2022-04-03 14:21:09 +00:00
# Basic OIDC
2022-05-05 15:52:48 +00:00
[![Build Status ](https://drone.communiquons.org/api/badges/pierre/BasicOIDC/status.svg )](https://drone.communiquons.org/pierre/BasicOIDC)
2022-04-18 15:02:30 +00:00
Basic & lightweight OpenID provider, written in Rust using the Actix framework.
2022-04-03 14:21:09 +00:00
2022-04-18 15:00:28 +00:00
**WARNING :** This tool has not been audited, use it at your own risks!
BasicOIDC operates without any database, just with two files :
* `clients.yaml` : a list of authorized relying parties.
* `users.json` : a list of users, managed through a web UI.
You can configure a list of clients (Relying Parties) in a `clients.yaml` file with the following syntax :
```yaml
- id: gitea
name: Gitea
description: Git with a cup of tea
secret: TOP_SECRET
redirect_uri: https://mygit.mywebsite.com/
2023-04-15 08:33:06 +00:00
# If you want new accounts to be granted access to this client by default
default: true
2022-04-18 15:00:28 +00:00
```
On the first run, BasicOIDC will create a new administrator with credentials `admin` / `admin` . On first login you will have to change these default credentials.
In order to run BasicOIDC for development, you will need to create a least an empty `clients.yaml` file inside the storage directory.
Features :
2022-04-18 15:17:02 +00:00
* [x] `authorization_code` flow
2022-04-18 15:02:30 +00:00
* [x] Client authentication using secrets
* [x] Bruteforce protection
2022-04-23 18:31:09 +00:00
* [x] 2 factor authentication
2022-04-20 07:39:28 +00:00
* [x] TOTP (authenticator app)
2022-04-23 18:31:09 +00:00
* [x] Using a security key (Webauthn)
2022-04-18 15:02:30 +00:00
* [ ] Fully responsive webui
2022-04-23 18:41:31 +00:00
* [x] `robots.txt` prevents indexing
2022-04-18 15:00:28 +00:00
## Compiling
You will need the Rust toolchain to compile this project. To build it for production, just run:
```bash
cargo build --release
```
## Contributing
2022-05-05 15:52:48 +00:00
If you wish to contribute to this software, feel free to send an email to contact@communiquons.org to get an account on my system, managed by BasicOIDC :)