OpenID Connect resource demo application
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Jan Dittberner 815c8e792a Use oauth2.AuthCodeURL to simplify Authenticate 11 months ago
cmd/app Use oauth2.AuthCodeURL to simplify Authenticate 11 months ago
debian Add packaging via goreleaser 11 months ago
docs Add packaging via goreleaser 11 months ago
internal Use oauth2.AuthCodeURL to simplify Authenticate 11 months ago
translations Add separate protected resource page 11 months ago
ui Add separate protected resource page 11 months ago
.gitignore Add separate protected resource page 11 months ago
.golangci.yml Modernize demo application 11 months ago
.goreleaser.yml Add packaging via goreleaser 11 months ago
Makefile Add separate protected resource page 11 months ago
README.md Update Copyright in README.md 11 months ago
changelog.md Add separate protected resource page 11 months ago
go.mod Modernize demo application 11 months ago
go.sum Modernize demo application 11 months ago

README.md

Demo OpenID connect application

This repository contains a demo application using OAuth2/OpenID Connect to authenticate and authorize users.

The code in this repository is licensed under the terms of the Apache License Version 2.0.

Copyright © 2020-2023 CAcert Inc.

Setup

Certificates

You need a server certificate and corresponding private key to run demo-app.

An easy way to generate server certificate and key for local testing is mkcert.

Run mkcert to generate app.cacert.localhost.pem and app.cacert.localhost-key.pem:

mkcert -cert-file app.cacert.localhost

Configure the Demo Application

You will need a 32 byte and a 64 byte random secret for the session authentication and encryption keys:

openssl rand -base64 64
openssl rand -base64 32

You also need the client id and the client secret, that have been generated during the OIDC client setup described above.

Put the data into resource_app.toml:

[oidc]
client-id = "<client id from hydra clients invocation>"
client-secret = "<client secret from hydra clients invocation>"

[session]
auth-key = "<64 bytes of base64 encoded data>"
enc-key = "<32 bytes of base64 encoded data>"

Start

Now you can start the demo application:

make
./demo-app

Visit https://app.cacert.localhost:4000/ in a Browser and you will be directed through the OpenID connect authorization code flow.

Translations

This application uses go-i18n for internationalization (i18n) support.

The translation workflow needs the go18n binary which can be installed via

go install github.com/nicksnyder/go-i18n/v2/goi18n

To extract new messages from the code run

cd translations
goi18n extract ..

Then use

cd translations
goi18n merge active.*.toml

to create TOML files for translation as translate.<locale>.toml.

After translating the messages run

cd translations
goi18n merge active.*.toml translate.*.toml

to merge the messages back into the active translation files. To add a new language you need to add the language code to the languages configuration option (default is defined in the configmap in services/configuration.go).