keycloak-gatekeeper - A OpenID / Keycloak Proxy service

  •        311

Keycloak Gatekeeper is an adapter which, at the risk of stating the obvious, integrates with the Keycloak authentication service. The Gatekeeper is most happy in the company of Keycloak, but is also able to make friends with other OpenID Connect providers. The service supports both access tokens in browser cookie or bearer tokens.

https://github.com/keycloak/keycloak-gatekeeper

Tags
Implementation
License
Platform

   




Related Projects

keycloak - Open Source Identity and Access Management For Modern Applications and Services

  •    Java

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application.

angular-oauth2-oidc - Support for OAuth 2 and OpenId Connect (OIDC) in Angular.

  •    TypeScript

Support for OAuth 2 and OpenId Connect (OIDC) in Angular. Successfully tested with Angular 6 and its Router, PathLocationStrategy as well as HashLocationStrategy and CommonJS-Bundling via webpack. At server side we've used IdentityServer (.NET/ .NET Core) and Redhat's Keycloak (Java).

mod_auth_openidc - OpenID Connect Relying Party and OAuth 2

  •    C

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. It can also function as an OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens presented by OAuth 2.0 Clients. This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party (RP) to an OpenID Connect Provider (OP). It authenticates users against an OpenID Connect Provider, receives user identity information from the OP in a so called ID Token and passes on the identity information (a.k.a. claims) in the ID Token to applications hosted and protected by the Apache web server.

fosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.

  •    Go

The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid.OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.

node-oidc-provider - OpenID Provider(OP) implementation for node

  •    Javascript

oidc-provider is an OpenID Provider implementation of OpenID Connect. It allows to export a complete mountable or standalone OpenID Provider implementation. This implementation does not dictate a fixed data models or persistence store, instead, you must provide adapters for these. A generic in memory adapter is available to get you started as well as feature-less dev-only views to be able to get off the ground. The following specifications are implemented by oidc-provider. Note that not all features are enabled by default, check the configuration section on how to enable them.


hydra - OAuth2 server with OpenID Connect - cloud native, security-first, open source API security for your infrastructure

  •    Go

ORY Hydra is a hardened OAuth2 and OpenID Connect server optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app. Implementing the consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs (Go, Node) are provided.Besides mitigating various attack vectors, such as database compromisation and OAuth 2.0 weaknesses, ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Click here to read more about security.

MITREid Connect - An OpenID Connect reference implementation in Java on the Spring platform

  •    Java

This project contains a certified OpenID Connect reference implementation in Java on the Spring platform, including a functioning server library, deployable server package, client (RP) library, and general utility libraries. The server can be used as an OpenID Connect Identity Provider as well as a general-purpose OAuth 2.0 Authorization Server.

lua-resty-openidc - Lua implementation to make NGINX operate as an OpenID Connect RP or OAuth 2

  •    Lua

lua-resty-openidc is a library for NGINX implementing the OpenID Connect Relying Party (RP) and/or the OAuth 2.0 Resource Server (RS) functionality. When used as an OpenID Connect Relying Party it authenticates users against an OpenID Connect Provider using OpenID Connect Discovery and the Basic Client Profile (i.e. the Authorization Code flow). When used as an OAuth 2.0 Resource Server it can validate OAuth 2.0 Bearer Access Tokens against an Authorization Server or, in case a JSON Web Token is used for an Access Token, verification can happen against a pre-configured secret/key .

Apache Oltu - OAuth protocol implementation in Java

  •    Java

Apache Oltu is an OAuth protocol implementation in Java. It also covers others "OAuth family" related implementations such as JWT, JWS and OpenID Connect.

DotNetOpenAuth - A C# implementation of the OpenID, OAuth protocols

  •    CSharp

The C# implementation of the OpenID, OAuth protocols. Use DotNetOpenAuth to create Identity Providers and Identity Consumers (Relying Parties).

authlib - An ambitious authentication library for OAuth 1, OAuth 2, OpenID clients and servers.

  •    Python

Authlib is an ambitious authentication library for OAuth 1, OAuth 2, OpenID clients, servers and more. Authlib is compatible with Python2.7+ and Python3.5+.

IdentityServer3 - OpenID Connect Provider and OAuth 2

  •    CSharp

Certified OpenID Connect implementation.IdentityServer is a .NET/Katana-based framework and hostable component that allows implementing single sign-on and access control for modern web applications and APIs using protocols like OpenID Connect and OAuth2. It supports a wide range of clients like mobile, web, SPAs and desktop applications and is extensible to allow integration in new and existing architectures.

OpenID Provider for X.509 client certs

  •    Python

There are many sites using OpenID as alternative login method. The application is for CA's (e.g. CAcert) and service providers which would implement an OpenID provider for their client certs. You could use a X.509 certificate to login to an OpenID site.

IdentityServer4 - OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

  •    CSharp

IdentityServer is a free, open source OpenID Connect and OAuth 2.0 framework for ASP.NET Core. Founded and maintained by Dominick Baier and Brock Allen, IdentityServer4 incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, single-sign-on and API access control in your applications. IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).For project documentation, please visit readthedocs.

Silhouette - Authentication library for Play Framework

  •    Scala

Silhouette is an authentication library for Play Framework applications that supports several authentication methods, including OAuth1, OAuth2, OpenID, CAS, Credentials, Basic Authentication, Two Factor Authentication or custom authentication schemes.

dex - OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors

  •    Go

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex acts as a portal to other identity providers through "connectors." This lets dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. Clients write their authentication logic once to talk to dex, then dex handles the protocols for a given backend.

AppAuth-Android - Android client SDK for communicating with OAuth 2.0 and OpenID Connect providers.

  •    Java

AppAuth for Android is a client SDK for communicating with OAuth 2.0 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens. The library follows the best practices set out in RFC 8252 - OAuth 2.0 for Native Apps, including using Custom Tabs for authorization requests. For this reason, WebView is explicitly not supported due to usability and security reasons.

AppAuth-iOS - iOS and macOS SDK for communicating with OAuth 2.0 and OpenID Connect providers.

  •    Objective-C

AppAuth for iOS and macOS is a client SDK for communicating with OAuth 2.0 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens. It follows the best practices set out in RFC 8252 - OAuth 2.0 for Native Apps including using SFAuthenticationSession and SFSafariViewController on iOS for the auth request. UIWebView and WKWebView are explicitly not supported due to the security and usability reasons explained in Section 8.12 of RFC 8252.

openiddict-core - Easy-to-use OpenID Connect server for ASP.NET Core

  •    CSharp

OpenIddict aims at providing a simple and easy-to-use solution to implement an OpenID Connect server in any ASP.NET Core 1.x or 2.x application. OpenIddict is based on AspNet.Security.OpenIdConnect.Server (codenamed ASOS) to control the OpenID Connect authentication flow and can be used with any membership stack, including ASP.NET Core Identity.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.