The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid.OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.
oauth oauth2 library sdk security auth authentication authorization openid-connect oauth2-server oauth2-providerIdentityServer is a free, open source OpenID Connect and OAuth 2.0 framework for ASP.NET Core. Founded and maintained by Dominick Baier and Brock Allen, IdentityServer4 incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, single-sign-on and API access control in your applications. IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).For project documentation, please visit readthedocs.
openid-connect oauth2 aspnet-core security identity identityserver4For issues, use the consolidated IdentityServer4 issue tracker.
identityserver4 openid-connect oauth2 docker aspnet-coreCierge is an OpenID Connect server that handles user signup, login, profiles, management, social logins, and more. Instead of storing passwords, Cirege uses magic links/codes and external logins to authenticate your users. Passwords are insecure by default. Cierge does away by the illusion of security passwords give ("forgot password" usually relies upon email-based auth at the end of the day).
jwt identity passwordless authentication openid-connect oauth2 oauth2-server asp-net-coreORY Hydra is a hardened, OpenID Certified OAuth 2.0 Server and OpenID Connect Provider optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user login, password reset flow), but connects to your existing identity provider through a login and consent app. Implementing the login and consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs are provided.
docker security identity oauth oauth2 cloud server oauth2-provider authorization sso openid oauth2-server openid-connect oauth-provider openid-provider federation oidc hacktoberfest openid-connect-providerAppAuth for Android is a client SDK for communicating with OAuth 2.0 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens. The library follows the best practices set out in RFC 8252 - OAuth 2.0 for Native Apps, including using Custom Tabs for authorization requests. For this reason, WebView is explicitly not supported due to usability and security reasons.
oauth2 openid-connect android-sdkZITADEL provides you with all the features necessary to build great solutions, without the need of building the login and access management yourself.
authentication user-management auth0-alternative kubernetes security identity jwt oauth2 angular cqrs iam auth event-sourcing sso cloud-native openid-connect oidc identity-provider access-control single-sign-onAppAuth for iOS and macOS is a client SDK for communicating with OAuth 2.0 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens. It follows the best practices set out in RFC 8252 - OAuth 2.0 for Native Apps including using SFAuthenticationSession and SFSafariViewController on iOS for the auth request. UIWebView and WKWebView are explicitly not supported due to the security and usability reasons explained in Section 8.12 of RFC 8252.
oauth2 openid-connect ios-sdkmod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. It can also function as an OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens presented by OAuth 2.0 Clients. This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party (RP) to an OpenID Connect Provider (OP). It authenticates users against an OpenID Connect Provider, receives user identity information from the OP in a so called ID Token and passes on the identity information (a.k.a. claims) in the ID Token to applications hosted and protected by the Apache web server.
apache-httpd openid-connect openidconnect-client oauth2 oauth2-resource-server oauth openidcThe play-pac4j project is an easy and powerful security library for Play framework v2 web applications which supports authentication and authorization, but also logout and advanced features like CSRF protection. It can work with Deadbolt. It's based on Play 2.6 (and Scala 2.11 or Scala 2.12) and on the pac4j security engine v3. It's available under the Apache 2 license. The LogoutController logs out the user from the application.
play-framework security authentication authorization cas oauth saml openid-connect ldap jwt sql mongodb login social-login logout facebook twitterAuthentication Plugin for Caddy v2 implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication. The purpose of this plugin is providing authentication only. The plugin issue JWT tokens upon successful authentication. In turn, the authorization of the tokens is being handled by caddy-auth-jwt.
ldap jwt saml oauth2 authentication caddy jwt-tokens facebook-login ldap-authentication openid-connect authentication-backend user-registration caddy-plugin authentication-portal authentication-middleware user-identity github-authentication caddy2 caddy-module ldap-authentication-backendoidc-provider is an OpenID Provider implementation of OpenID Connect. It allows to export a complete mountable or standalone OpenID Provider implementation. This implementation does not dictate a fixed data models or persistence store, instead, you must provide adapters for these. A generic in memory adapter is available to get you started as well as feature-less dev-only views to be able to get off the ground. The following specifications are implemented by oidc-provider. Note that not all features are enabled by default, check the configuration section on how to enable them.
openid oidc openid-provider openid-connect auth authentication certified config connect dynamic express hybrid identity implicit koa oauth oauth2 provider serverASP.NET Core helper library managing user and client access tokens in ASP.NET Core. See here for documentation.
oauth2 aspnetcore identityserver openid-connect identitymodelAll samples use a demo instance of identityserver (https://demo.identityserver.io) - you can see the source code here.
openid-connect oauth2Supported platforms: netstandard14, desktop .NET, UWP, .NET Core, Xamarin iOS & Android. Nuget.Certified OpenID Connect relying party implementation.
openid-connect oauth2This plugin uses the OpenID Connect protocol to make Liferay use external authentication sources like social networks and SSO systems. It is available in the Liferay Marketplace. The OpenID Connect protocol delegates authentication to a so called Provider, and supplies the requesting application (in our case: Liferay) with an access token (like a temporary, restricted password) to request additional user information. With this user information, a Liferay-account is created if it does not exist, and to Liferay the user authentication is confirmed.
liferay-portal openid-connect oauth2 ssoAuthpack is an open-source project that uses User Agents (i.e. browsers), node.js and Open Source Packages to implement the OAuth 2.0 Authorization Protocol as defined by the IETF. Later also OpenID Connect will be added. Authpack can be used as Authentication and Authorization building block for client and server applications.
distributed oauth2 service authorization authentication openid-connectA Native Android Application that demonstrates Secure Mobile Development Practises. For more information, please check the Mobile Security Project.
android security mobile app template openid-connect keystore secure storage client cert authentication keycloak sso access-control certificate-pinning root detection device trustopenid-client is a server side OpenID Relying Party (RP, Client) implementation for Node.js, supports passport. The following client/RP features from OpenID Connect/OAuth2.0 specifications are implemented by openid-client.
oidc openid openid-client openid-connect passport auth authentication certified client config connect dynamic hybrid identity implicit oauth oauth2 party passportjs relying strategy
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.