# CAcert OpenID connect parent project

This repository references several repositories for the CAcert OpenID connect
setup.

## Clone the repository

```shell
git clone --recurse-submodules https://code.cacert.org/cacert/oidc-parent.git
cd oidc-parent
# cause pull, fetch and other git commands to consider submodules
git config submodule.recurse true
```

## Get started

- [setup Hydra](https://code.cacert.org/cacert/oidc-hydra-config/src/branch/main/README.md)
- build CAcert web application resources
- setup IDP (provides login and consent screens)
- setup demo application
- setup setup OpenID Connect client registration application

## Local development setup

Make sure you have the necessary prerequisites installed (tested on Debian 11
Bullseye) and `~/.local/bin` is in your `$PATH` variable:

```shell
sudo apt update
sudo apt install make python3-pip python3-psycopg2 golang-go yarnpkg
python3 -m pip install --user -U pip
python3 -m pip install --user ansible
export PATH=$HOME/.local/bin:$PATH
```

*Note:* It is a good idea to put the `PATH` export line into your `.bashrc` or
`.zshenv`.

Use `make` to build the web app resources and applications:

```shell
make
```

Use `ansible-playbook` to deploy Hydra, IDP, Client registration and the demo
application:

```shell
cd deployment
ansible-playbook 01_install_cacert_oidc.yml
```