We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
fosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid.OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.
oauth oauth2 library sdk security auth authentication authorization openid-connect oauth2-server oauth2-providerhydra - OAuth2 server with OpenID Connect - cloud native, security-first, open source API security for your infrastructure
ORY Hydra is a hardened OAuth2 and OpenID Connect server optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app. Implementing the consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs (Go, Node) are provided.Besides mitigating various attack vectors, such as database compromisation and OAuth 2.0 weaknesses, ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Click here to read more about security.
hydra oauth2 openid-connect docker server security authorization identity federation cloud cloud-native ssoIdentityServer4 - OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
IdentityServer is a free, open source OpenID Connect and OAuth 2.0 framework for ASP.NET Core. Founded and maintained by Dominick Baier and Brock Allen, IdentityServer4 incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, single-sign-on and API access control in your applications. IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).For project documentation, please visit readthedocs.
openid-connect oauth2 aspnet-core security identity identityserver4IdentityServer4.Samples - Samples for IdentityServer4
For issues, use the consolidated IdentityServer4 issue tracker.
identityserver4 openid-connect oauth2 docker aspnet-coreCierge - 🗝️ Passwordless OIDC authentication done right
Cierge is an OpenID Connect server that handles user signup, login, profiles, management, social logins, and more. Instead of storing passwords, Cirege uses magic links/codes and external logins to authenticate your users. Passwords are insecure by default. Cierge does away by the illusion of security passwords give ("forgot password" usually relies upon email-based auth at the end of the day).
jwt identity passwordless authentication openid-connect oauth2 oauth2-server asp-net-coreAppAuth-Android - Android client SDK for communicating with OAuth 2.0 and OpenID Connect providers.
AppAuth for Android is a client SDK for communicating with OAuth 2.0 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens. The library follows the best practices set out in RFC 8252 - OAuth 2.0 for Native Apps, including using Custom Tabs for authorization requests. For this reason, WebView is explicitly not supported due to usability and security reasons.
oauth2 openid-connect android-sdkAppAuth-iOS - iOS and macOS SDK for communicating with OAuth 2.0 and OpenID Connect providers.
AppAuth for iOS and macOS is a client SDK for communicating with OAuth 2.0 and OpenID Connect providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens. It follows the best practices set out in RFC 8252 - OAuth 2.0 for Native Apps including using SFAuthenticationSession and SFSafariViewController on iOS for the auth request. UIWebView and WKWebView are explicitly not supported due to the security and usability reasons explained in Section 8.12 of RFC 8252.
oauth2 openid-connect ios-sdkmod_auth_openidc - OpenID Connect Relying Party and OAuth 2
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. It can also function as an OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens presented by OAuth 2.0 Clients. This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party (RP) to an OpenID Connect Provider (OP). It authenticates users against an OpenID Connect Provider, receives user identity information from the OP in a so called ID Token and passes on the identity information (a.k.a. claims) in the ID Token to applications hosted and protected by the Apache web server.
apache-httpd openid-connect openidconnect-client oauth2 oauth2-resource-server oauth openidcplay-pac4j - Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT
The play-pac4j project is an easy and powerful security library for Play framework v2 web applications which supports authentication and authorization, but also logout and advanced features like CSRF protection. It can work with Deadbolt. It's based on Play 2.6 (and Scala 2.11 or Scala 2.12) and on the pac4j security engine v3. It's available under the Apache 2 license. The LogoutController logs out the user from the application.
play-framework security authentication authorization cas oauth saml openid-connect ldap jwt sql mongodb login social-login logout facebook twitternode-oidc-provider - OpenID Provider(OP) implementation for node
oidc-provider is an OpenID Provider implementation of OpenID Connect. It allows to export a complete mountable or standalone OpenID Provider implementation. This implementation does not dictate a fixed data models or persistence store, instead, you must provide adapters for these. A generic in memory adapter is available to get you started as well as feature-less dev-only views to be able to get off the ground. The following specifications are implemented by oidc-provider. Note that not all features are enabled by default, check the configuration section on how to enable them.
openid oidc openid-provider openid-connect auth authentication certified config connect dynamic express hybrid identity implicit koa oauth oauth2 provider serverIdentityModel.OidcClient.Samples
All samples use a demo instance of identityserver (https://demo.identityserver.io) - you can see the source code here.
openid-connect oauth2IdentityModel
Supported platforms: netstandard14, desktop .NET, UWP, .NET Core, Xamarin iOS & Android. Nuget.Certified OpenID Connect relying party implementation.
openid-connect oauth2liferay-oidc-plugin - Plugin for Liferay, enabling OpenID Connect authentication
This plugin uses the OpenID Connect protocol to make Liferay use external authentication sources like social networks and SSO systems. It is available in the Liferay Marketplace. The OpenID Connect protocol delegates authentication to a so called Provider, and supplies the requesting application (in our case: Liferay) with an access token (like a temporary, restricted password) to request additional user information. With this user information, a Liferay-account is created if it does not exist, and to Liferay the user authentication is confirmed.
liferay-portal openid-connect oauth2 ssoauthpack - Package of distributed client and server OAuth2 classes
Authpack is an open-source project that uses User Agents (i.e. browsers), node.js and Open Source Packages to implement the OAuth 2.0 Authorization Protocol as defined by the IETF. Later also OpenID Connect will be added. Authpack can be used as Authentication and Authorization building block for client and server applications.
distributed oauth2 service authorization authentication openid-connectmobile-security-android-template - Android Template Application to Demonstrate a number of Best Practises around Mobile Security
A Native Android Application that demonstrates Secure Mobile Development Practises. For more information, please check the Mobile Security Project.
android security mobile app template openid-connect keystore secure storage client cert authentication keycloak sso access-control certificate-pinning root detection device trustnode-openid-client - A Relying Party(RP) implementation for node
openid-client is a server side OpenID Relying Party (RP, Client) implementation for Node.js, supports passport. The following client/RP features from OpenID Connect/OAuth2.0 specifications are implemented by openid-client.
oidc openid openid-client openid-connect passport auth authentication certified client config connect dynamic hybrid identity implicit oauth oauth2 party passportjs relying strategyhaskell-oidc-client - OpenID Connect 1.0 client (RP) library for Haskell
This package supports implementing of an OpenID Connect 1.0 Relying Party. It's written in Haskell. This package uses jose-jwt package for decoding a received tokens.
haskell openid-connectIdentityServer4SignalR - Demo of Authentication SignalR with JWT Tokens via OpenID Connect in DotNet Core
This is an example of how to generate JWT tokens using IdentityServer4 and use them to authenticate users in SignalR via a React/TypeScript Single Page App. It will accompany this blog post. Install Visual Studio 2015 Update 3 and/or DotNet Core 1.1.
signalr openid-connect donet-core identityserver4 typescript reactshibboleth-oidc - OpenID Connect support for the Shibboleth Identity Provider v3
An instance of this codebase is presently running on Heroku. You may need to refresh the page twice to wake up the instance as idle timeouts may cause it to go down. Note that no significant UI enhancements are taken into account. All configuration and changes are directly assumed to be applied to the IdP config without the presence of a web interface to facilitate. This includes administration and management of metadata, authZ codes and more.
saml2 shibboleth-identity-provider openid-connect mitreid authentication federation
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
