lite-idp - Lightweight SAML Identity Provider

  •        52

LITE-IDP is a lightweight SAML 2.0 Identity Provider and Service Provider library written in Go. The project's goal is to create an IdP that is easier to configure and extend than Shibboleth's IdP. The initial implementation of SAML 2 protocols was completed in 2015. However, the project lacked an extensible configuration mechanism. It was converted to use Cobra and Viper in September 2017 and is now easy to use and customize.

https://github.com/amdonov/lite-idp

Related Projects

saml - SAML library for go

  •    Go

Package saml contains a partial implementation of the SAML standard in golang. SAML is a standard for identity federation, i.e. either allowing a third party to authenticate your users or allowing third parties to rely on us to authenticate their users. In SAML parlance an Identity Provider (IDP) is a service that knows how to authenticate users. A Service Provider (SP) is a service that delegates authentication to an IDP. If you are building a service where users log in with someone else's credentials, then you are a Service Provider. This package supports implementing both service providers and identity providers.

spring-boot-security-saml-sample - Sample SAML 2.0 Service Provider with Spring Boot.

  •    Java

Currently, the Spring Security SAML module doesn't provide a starter for Spring Boot. Moreover, its configuration is XML-based as of this writing. The aim of this project is to explain how to develop a Service Provider (SP) which uses Spring Boot and Spring Security SAML Extension, by defining an annotation-based configuration (Java Configuration). Thymeleaf is also used as the template engine.

spring-security-saml - SAML extension for the Spring Security project

  •    Java

Spring SAML Extension allows seamless inclusion of SAML 2.0 Service Provider capabilities in Spring applications. All products supporting SAML 2.0 in Identity Provider mode (e.g. ADFS 2.0, Shibboleth, OpenAM/OpenSSO, Ping Federate, Okta) can be used to connect with Spring SAML Extension. This project adheres to the Contributor Covenant code of conduct. By participating, you are expected to uphold this code. Please report unacceptable behavior to spring-code-of-conduct@pivotal.io.

dex - OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors

  •    Go

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex is NOT a user-management system, but acts as a portal to other identity providers through "connectors." This lets dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. Clients write their authentication logic once to talk to dex, then dex handles the protocols for a given backend.


keycloak - Open Source Identity and Access Management For Modern Applications and Services

  •    Java

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged in to Keycloak, users don't have to log in again to access a different application.

node-oidc-provider - OpenID Provider(OP) implementation for node

  •    JavaScript

oidc-provider is an OpenID Provider implementation of OpenID Connect. It lets you export a complete mountable or standalone OpenID Provider implementation. This implementation does not dictate a fixed data model or persistence store; instead, you must provide adapters for these. A generic in-memory adapter is available to get you started, as well as feature-less dev-only views to get you off the ground. The following specifications are implemented by oidc-provider. Note that not all features are enabled by default; check the configuration section on how to enable them.

pact-ruby - Enables consumer driven contract testing, providing a mock service and DSL for the consumer project, and interaction playback and verification for the service provider project

  •    Ruby

Define a pact between service consumers and providers, enabling "consumer driven contract" testing. Pact provides a fluent API for service consumers to define the HTTP requests they will make to a service provider and the HTTP responses they expect back. These expectations are used in the consumer specs to provide a mock service provider. The interactions are recorded, and played back in the service provider specs to ensure the service provider actually does provide the response the consumer expects.

mod_auth_openidc - OpenID Connect Relying Party and OAuth 2

  •    C

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. It can also function as an OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens presented by OAuth 2.0 Clients. This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party (RP) to an OpenID Connect Provider (OP). It authenticates users against an OpenID Connect Provider, receives user identity information from the OP in a so-called ID Token and passes on the identity information (a.k.a. claims) in the ID Token to applications hosted and protected by the Apache web server.

omniauth-saml - A generic SAML strategy for OmniAuth

  •    Ruby

We tag and release gems according to the Semantic Versioning principle. In addition to the guidelines of Semantic Versioning, we follow a further guideline that otherwise backwards-compatible dependency upgrades for security reasons should generally be cause for a MINOR version upgrade as opposed to a PATCH version upgrade. Backwards-incompatible dependency upgrades for security reasons should still result in a MAJOR version upgrade for this library. For IdP-initiated SSO, users should directly access the IdP SSO target URL. Set the href of your application's login link to the value of idp_sso_target_url. For SP-initiated SSO, link to /auth/saml.

hydra - OAuth2 server with OpenID Connect - cloud native, security-first, open source API security for your infrastructure

  •    Go

ORY Hydra is a hardened OAuth2 and OpenID Connect server optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app. Implementing the consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs (Go, Node) are provided. Besides mitigating various attack vectors, such as database compromise and OAuth 2.0 weaknesses, ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to.

smart-home-nodejs - A sample of the Smart Home device control APIs in Actions on Google

  •    HTML

This sample contains a fully functioning example of a Smart Home provider cloud service designed to work with Actions on Google. This can be used with an Actions Console project to create an Action interface to your IoT devices. This sample includes everything you need to get started, including a mocked user authentication service with sample users and a user web portal to demonstrate the user experience when controlling their lights with your action. An example of a Smart Home IoT cloud engine is stored in smart-home-provider. This consists of both the main smart-home-provider-cloud.js web service and the web portal used to interact with virtual devices in frontend/. smart-home-provider-cloud.js is the entry point to the Node.js Express app that runs the IoT cloud service, handles authentication, and ultimately handles requests from the Google Assistant.

passport-saml - SAML 2.0 authentication with Passport

  •    JavaScript

This is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. The code was originally based on Michael Bosworth's express-saml library.

Single Sign On - 2.0 Web Service Membership Provider

  •    DotNet

In short, this is simply a pass-through web service membership provider and role provider library. I've taken advantage of the 2.0 membership provider model to allow pre-existing applications to easily integrate this library. The idea is to have one centrally hosted asp.net we...

vagrant-azure - Enable Vagrant to manage virtual machines in Microsoft Azure

  •    Ruby

This is a Vagrant 1.7.3+ plugin that adds a Microsoft Azure provider to Vagrant, allowing Vagrant to control and provision machines in Microsoft Azure. AAD encourages the use of Applications / Service Principals for authenticating applications. An application / service principal combination provides a service identity for Vagrant to manage your Azure Subscription.

ngprogress-lite - Angular provider for slim progress bars

  •    HTML

Nice-looking slim progress bars provider for Angular.js applications. It has a similar API to the original popular jQuery plugin (see references) to keep things as simple as possible.

dflydev-doctrine-orm-service-provider - Doctrine ORM Service Provider

  •    PHP

Provides Doctrine ORM Entity Managers as services to Pimple applications. Available through Composer as dflydev/doctrine-orm-service-provider.

LDAP/AD Claims Provider For SharePoint 2013

This claims provider implements search on LDAP and AD for SAML authentication (claims mode) in SharePoint 2013

LDAP/AD Claims Provider For SharePoint 2010

This claims provider implements search on LDAP and AD for SAML authentication (claims mode) in SharePoint 2010

uaa - CloudFoundry User Account and Authentication (UAA) Server

  •    Java

The UAA is a multi-tenant identity management service, used in Cloud Foundry, but also available as a standalone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as various other management functions. The apps all work together with the apps running on the same port (8080) as /uaa, /app and /api.