Basic OpenID Provider
Go to file
pierre 1a1b3661ed
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
Merge branch 'master' into renovate/futures-util-0.x
2022-08-19 12:42:18 +00:00
assets Block pages indexing 2022-04-23 20:41:31 +02:00
src Display app version for administrators 2022-07-22 15:11:30 +02:00
templates Display app version for administrators 2022-07-22 15:11:30 +02:00
.drone.yml Add missing instruction 2022-05-05 17:55:37 +02:00
.gitignore Automatically create admin on first start 2022-03-29 19:32:31 +02:00
build_docker_image.sh Add dockerfile 2022-04-15 22:09:26 +02:00
Cargo.lock Merge branch 'master' into renovate/futures-util-0.x 2022-08-19 12:42:18 +00:00
Cargo.toml Merge branch 'master' into renovate/futures-util-0.x 2022-08-19 12:42:18 +00:00
Dockerfile Add dockerfile 2022-04-15 22:09:26 +02:00
LICENSE Add README & LICENSE 2022-04-18 17:00:28 +02:00
README.md Update CI script & add badge 2022-05-05 17:52:48 +02:00
renovate.json Add renovate.json 2022-04-01 00:10:26 +00:00

Basic OIDC

Build Status

Basic & lightweight OpenID provider, written in Rust using the Actix framework.

WARNING : This tool has not been audited, use it at your own risks!

BasicOIDC operates without any database, just with two files :

  • clients.yaml: a list of authorized relying parties.
  • users.json: a list of users, managed through a web UI.

You can configure a list of clients (Relying Parties) in a clients.yaml file with the following syntax :

- id: gitea
  name: Gitea
  description: Git with a cup of tea
  secret: TOP_SECRET
  redirect_uri: https://mygit.mywebsite.com/

On the first run, BasicOIDC will create a new administrator with credentials admin / admin. On first login you will have to change these default credentials.

In order to run BasicOIDC for development, you will need to create a least an empty clients.yaml file inside the storage directory.

Features :

  • authorization_code flow
  • Client authentication using secrets
  • Bruteforce protection
  • 2 factor authentication
    • TOTP (authenticator app)
    • Using a security key (Webauthn)
  • Fully responsive webui
  • robots.txt prevents indexing

Compiling

You will need the Rust toolchain to compile this project. To build it for production, just run:

cargo build --release

Contributing

If you wish to contribute to this software, feel free to send an email to contact@communiquons.org to get an account on my system, managed by BasicOIDC :)