|
|
|
@ -31,6 +31,53 @@ export PATH=$HOME/.local/bin:$PATH
|
|
|
|
|
*Note:* It is a good idea to put the `PATH` export line into your `.bashrc` or
|
|
|
|
|
`.zshenv`.
|
|
|
|
|
|
|
|
|
|
### Initial Configuration
|
|
|
|
|
Each of the sub-directories contains instructions for creating or editing
|
|
|
|
|
a configuration file and, usually, certificates.
|
|
|
|
|
|
|
|
|
|
The first that must be performed are the instructions found in the "hydra_config"
|
|
|
|
|
sub-directory.
|
|
|
|
|
|
|
|
|
|
In that one, you must create a certificate and key pair using mkcert,
|
|
|
|
|
set your database password, and generate a secret key for Hydra.
|
|
|
|
|
|
|
|
|
|
Following that, you need to create the Hydra configuration file, hydra.yaml.
|
|
|
|
|
|
|
|
|
|
Finally, after starting Hydra, you need to create a Hydra Client, using the
|
|
|
|
|
command found at the bottom of the README.md in that directory. Save the
|
|
|
|
|
values returned from that command.
|
|
|
|
|
|
|
|
|
|
Next, go in to the cacert_resources sub-directory and follow the directions
|
|
|
|
|
in that README.md.
|
|
|
|
|
|
|
|
|
|
Third, go in to the oidc_app sub-directory.
|
|
|
|
|
|
|
|
|
|
There, you again need to create a certicate and key pair using mkcert.
|
|
|
|
|
|
|
|
|
|
Create the configuration file, resource_app.toml, using the values created
|
|
|
|
|
from the Hydra command described in the hydra_config README.md, and the two
|
|
|
|
|
secret keys as described in the current README.md file.
|
|
|
|
|
|
|
|
|
|
Next, the oidc_idp sub-directory.
|
|
|
|
|
|
|
|
|
|
Again, you will need to create the certificate and key pair using mkcert.
|
|
|
|
|
|
|
|
|
|
Create the configuration file, idp.toml, using only the a secret key, as
|
|
|
|
|
described in the current README.md file.
|
|
|
|
|
|
|
|
|
|
Finally, change into the oidc_registration sub-directory.
|
|
|
|
|
|
|
|
|
|
There, you will find detailed instructions for certificate creation for
|
|
|
|
|
this module.
|
|
|
|
|
|
|
|
|
|
As well, after creating a secret key, you will create the configuration
|
|
|
|
|
file, registration.toml.
|
|
|
|
|
|
|
|
|
|
### Continuing
|
|
|
|
|
|
|
|
|
|
At this point, you should have created all of the certificates and configuration files
|
|
|
|
|
needed by this system.
|
|
|
|
|
|
|
|
|
|
### Build the applications
|
|
|
|
|
|
|
|
|
|
Use `make` to build the web app resources and applications:
|
|
|
|
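Review bot: The "Initial Configuration" text tells the reader to set a database password, generate secret keys for Hydra and for each module, and to "Save the values returned from that command", but it never says where those values may be stored or that the resulting files must stay out of version control. Please add a sentence stating that hydra.yaml, resource_app.toml, idp.toml, registration.toml and the mkcert key files are local-only, should be readable only by the user running the services, and should be covered by the repository's ignore rules. The sequence words are also inconsistent ("The first", "Next", "Third", "Next", "Finally"), so a numbered list with one item per sub-directory would make the required order unambiguous. Two typos to fix while here: "certicate" in the oidc_app step and "using only the a secret key" in the oidc_idp step.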
@ -94,6 +141,11 @@ certificate authority.
|
|
|
|
|
|
|
|
|
|
## Testing your local setup
|
|
|
|
|
|
|
|
|
|
After running "make", in each of the sub-directories except cacert_resources and
|
|
|
|
|
hydra_config you will find an executable file. You must execute each of these
|
|
|
|
|
commands, using multiple terminal windows, so that they are each running
|
|
|
|
|
in individual terminals.
|
|
|
|
|
|
|
|
|
|
### Test the authorization server
|
|
|
|
|
|
|
|
|
|
Request the OpenID connect auto discovery information from Hydra
|
|
|
|
|
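Review bot: The paragraph added under "Testing your local setup" says "You must execute each of these commands" without naming the executables or saying in what order to start them, and it does not repeat that Hydra must already be running, which the configuration section implies with "after starting Hydra". Please list the executable produced in each sub-directory and state the start order, including whether Hydra has to be up before the others. For consistency with the build section, which writes `make` in backticks, the quoted "make" here should use the same formatting, and the sub-directory names would read better as inline code too.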