CAcert OpenID Connect parent project

This repository references several repositories for the CAcert OpenID Connect setup.

Clone the repository

git clone --recurse-submodules https://code.cacert.org/cacert/oidc-parent.git
cd oidc-parent
# cause pull, fetch and other git commands to consider submodules
git config submodule.recurse true

Get started

  • set up Hydra
  • build CAcert web application resources
  • set up IDP (provides login and consent screens)
  • set up demo application
  • set up OpenID Connect client registration application

Local development setup

Make sure you have the necessary prerequisites installed (tested on Debian 11 Bullseye) and that ~/.local/bin is in your $PATH variable:

sudo apt update
sudo apt install make python3-pip python3-psycopg2 golang-go yarnpkg
python3 -m pip install --user -U pip
python3 -m pip install --user ansible
export PATH=$HOME/.local/bin:$PATH

Note: It is a good idea to put the PATH export line into your .bashrc or .zshenv.

Use make to build the web app resources and applications:

go install github.com/nicksnyder/go-i18n/v2/goi18n@latest
make

Use ansible-playbook to deploy Hydra, IDP, Client registration and the demo application:

cd deployment
ansible-playbook 01_install_cacert_oidc.yml

Note: If ansible-playbook fails early in the process with "sudo: a password is required", confirm that your user has sudo privileges and run the command with -K, which prompts for the sudo password:

ansible-playbook -K 01_install_cacert_oidc.yml

Vagrant setup

sudo apt install vagrant-libvirt virt-manager libvirt-clients
vagrant up
vagrant ssh -- cat .local/share/mkcert/rootCA.pem | sudo tee /usr/local/share/ca-certificates/mkcert-vagrant-oidc.crt
sudo update-ca-certificates