Basic OpenID Provider
Go to file
Pierre Hubert cc4a8a962b
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
User can delete his own 2FA login history
2022-11-12 11:51:24 +01:00
assets Merge factors type for authentication 2022-11-11 12:26:02 +01:00
src User can delete his own 2FA login history 2022-11-12 11:51:24 +01:00
templates User can delete his own 2FA login history 2022-11-12 11:51:24 +01:00
.drone.yml Forbid cargo clippy warnings 2022-09-02 15:56:31 +02:00
.gitignore Automatically create admin on first start 2022-03-29 19:32:31 +02:00
build_docker_image.sh Add dockerfile 2022-04-15 22:09:26 +02:00
Cargo.lock Can clear 2FA login history from edit_user page 2022-11-12 11:16:55 +01:00
Cargo.toml Can clear 2FA login history from edit_user page 2022-11-12 11:16:55 +01:00
Dockerfile Add dockerfile 2022-04-15 22:09:26 +02:00
LICENSE Add README & LICENSE 2022-04-18 17:00:28 +02:00
README.md Update CI script & add badge 2022-05-05 17:52:48 +02:00
renovate.json Add renovate.json 2022-04-01 00:10:26 +00:00

Basic OIDC

Build Status

Basic & lightweight OpenID provider, written in Rust using the Actix framework.

WARNING : This tool has not been audited, use it at your own risks!

BasicOIDC operates without any database, just with two files :

  • clients.yaml: a list of authorized relying parties.
  • users.json: a list of users, managed through a web UI.

You can configure a list of clients (Relying Parties) in a clients.yaml file with the following syntax :

- id: gitea
  name: Gitea
  description: Git with a cup of tea
  secret: TOP_SECRET
  redirect_uri: https://mygit.mywebsite.com/

On the first run, BasicOIDC will create a new administrator with credentials admin / admin. On first login you will have to change these default credentials.

In order to run BasicOIDC for development, you will need to create a least an empty clients.yaml file inside the storage directory.

Features :

  • authorization_code flow
  • Client authentication using secrets
  • Bruteforce protection
  • 2 factor authentication
    • TOTP (authenticator app)
    • Using a security key (Webauthn)
  • Fully responsive webui
  • robots.txt prevents indexing

Compiling

You will need the Rust toolchain to compile this project. To build it for production, just run:

cargo build --release

Contributing

If you wish to contribute to this software, feel free to send an email to contact@communiquons.org to get an account on my system, managed by BasicOIDC :)