Basic project setup

2021-09-11 12:16:14 +02:00 · 2021-09-11 12:16:14 +02:00 · 4b852dee3f
commit 4b852dee3f
3 changed files with 115 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,3 @@
+.idea/
+certs/
+resource_app.toml
--- a/README.md
+++ b/README.md
@ -0,0 +1,109 @@
+# Demo OpenID connect application
+
+This repository contains a demo application using OAuth2/OpenID Connect to
+authenticate and authorize users.
+
+The code in this repository is licensed under the terms of the Apache License
+Version 2.0.
+
+Copyright © 2020, 2021  Jan Dittberner
+
+## Setup
+
+### Certificates
+
+You need a set of certificates for the application. You can use the Test CA
+created by the ``setup_test_ca.sh`` script from the [CAcert developer
+setup](https://git.dittberner.info/jan/cacert-devsetup) repository like this:
+
+1. create signing requests
+
+   ```
+   mkdir certs
+   cd certs
+   openssl req -new -newkey rsa:3072 -nodes \
+       -keyout app.cacert.localhost.key \
+       -out app.cacert.localhost.csr.pem \
+       -subj /CN=app.cacert.localhost \
+       -addext subjectAltName=DNS:app.cacert.localhost
+   cp *.csr.pem $PATH_TO_DEVSETUP_TESTCA/
+   ```
+
+2. Use the CA to sign the certificates
+
+   ```
+   pushd $PATH_TO_DEVSETUP_TESTCA/
+   openssl ca -config ca.cnf -name class3_ca -extensions server_ext \
+       -in app.cacert.localhost.csr.pem \
+       -out app.cacert.localhost.crt.pem -days 365
+   popd
+   cp $PATH_TO_DEVSETUP_TESTCA/app.cacert.localhost.crt.pem .
+   ```
+
+### Configure the Demo Application
+
+You will need a 32 byte and a 64 byte random secret for the session
+authentication and encryption keys:
+
+```
+openssl rand -base64 64
+openssl rand -base64 32
+```
+
+You also need the client id and the client secret, that have been generated
+during the OIDC client setup described above.
+
+```
+[oidc]
+client-id = "<client id from hydra clients invocation>"
+client-secret = "<client secret from hydra clients invocation>"
+
+[session]
+auth-key = "<64 bytes of base64 encoded data>"
+enc-key = "<32 bytes of base64 encoded data>"
+```
+
+## Start
+
+Now you can start the demo application:
+
+  ```
+  go run cmd/app/main.go
+  ```
+
+Visit https://app.cacert.localhost:4000/ in a Browser and you will be directed
+through the OpenID connect authorization code flow.
+
+## Translations
+
+This application uses [go-i18n](https://github.com/nicksnyder/go-i18n/) for
+internationalization (i18n) support.
+
+The translation workflow needs the `go18n` binary which can be installed via
+
+```
+go get -u  github.com/nicksnyder/go-i18n/v2/goi18n
+```
+
+To extract new messages from the code run
+
+```
+goi18n extract .
+```
+
+Then use
+
+```
+goi18n merge active.*.toml
+```
+
+to create TOML files for translation as `translate.<locale>.toml`. After
+translating the messages run
+
+```
+goi18n merge active.*.toml translate.*.toml
+```
+
+to merge the messages back into the active translation files. To add a new
+language you need to add the language code to the languages configuration
+option (default is defined in the configmap in cmd/app/main.go).
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,3 @@
+module git.cacert.org/oidc_demo_app
+
+go 1.17