Displaying 1 to 20 from 94 results

fosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.

  •    Go

The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid.OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.

osin - Golang OAuth2 server library

  •    Go

OSIN is an OAuth2 server library for the Go language, as specified at http://tools.ietf.org/html/rfc6749 and http://tools.ietf.org/html/draft-ietf-oauth-v2-10.It also includes support for PKCE, as specified at https://tools.ietf.org/html/rfc7636, which increases security for code-exchange flows for public OAuth clients.

DotNetOpenAuth - A C# implementation of the OpenID, OAuth protocols

  •    CSharp

The C# implementation of the OpenID, OAuth protocols. Use DotNetOpenAuth to create Identity Providers and Identity Consumers (Relying Parties).




oauth2-server - A spec compliant, secure by default PHP OAuth 2.0 Server

  •    PHP

league/oauth2-server is a standards compliant implementation of an OAuth 2.0 authorization server written in PHP which makes working with OAuth 2.0 trivial. You can easily configure an OAuth 2.0 server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.This library was created by Alex Bilbie. Find him on Twitter at @alexbilbie.

django-oauth-toolkit - OAuth2 goodies for the Djangonauts!

  •    Python

Django OAuth Toolkit can help you providing out of the box all the endpoints, data and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant.We love contributions, so please feel free to fix bugs, improve things, provide documentation. Just follow the guidelines and submit a PR.

flask-oauthlib - OAuthlib implementation for Flask.

  •    Python

Flask-OAuthlib is an extension to Flask that allows you to interact with remote OAuth enabled applications. On the client site, it is a replacement for Flask-OAuth. But it does more than that, it also helps you to create OAuth providers.Flask-OAuthlib relies on oauthlib.


Google Authenticator - Two factor authentication

  •    Java

The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH). These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

OpenAM - Authentication, Authorization and SSO

  •    Java

OpenAM provides open source Authentication, Authorization, Entitlement and Federation software. OpenAM provides core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.

zxcvbn - Low-Budget Password Strength Estimation

  •    CoffeeScript

zxcvbn is a password strength estimator inspired by password crackers. Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US census data, popular English words from Wikipedia and US television and movies, and other common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.Consider using zxcvbn as an algorithmic alternative to password composition policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}".

pac4j - The security engine to protect all your Java web applications

  •    Java

pac4j is a Java security engine to authenticate users, get their profiles and manage their authorizations in order to secure Java web applications. It supports most authentication mechanisms: OAuth (Facebook, Twitter, Google, Yahoo...), CAS, HTTP (form, basic auth...), OpenID, SAML, Google App Engine, OpenID Connect, JWT, LDAP, RDBMS, MongoDB and Stormpath and authorization checks.

twofactorauth - List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software

  •    HTML

A list of popular sites and whether or not they accept two factor auth. The goal is to build a website (TwoFactorAuth.org) with a comprehensive list of sites that support Two Factor Authentication, as well as the methods that they provide.

SSSD - System Security Services Daemon

  •    C

SSSD is a system daemon. Its primary function is to provide access to identity and authentication remote resource through a common framework that can provide caching and offline support to the system. It provides PAM and NSS modules, and in the future will D-BUS based interfaces for extended user information. It provides also a better database to store local users as well as extended user data.

MITREid Connect - An OpenID Connect reference implementation in Java on the Spring platform

  •    Java

This project contains a certified OpenID Connect reference implementation in Java on the Spring platform, including a functioning server library, deployable server package, client (RP) library, and general utility libraries. The server can be used as an OpenID Connect Identity Provider as well as a general-purpose OAuth 2.0 Authorization Server.

JOSSO - Java Open Single Sign-On

  •    Java

JOSSO is an Open Source Internet SSO solution for rapid and standards-based (SAML) Internet-scale Single Sign-On implementations, allowing secure Internet access to the Web-based applications or services of customers, suppliers, and business partners. It supports Windows authentication, LDAP support.

connect-roles - Provides dynamic roles based authorisation for node.js connect and express servers.

  •    Javascript

Connect roles is designed to work with connect or express. It is an authorisation provider, not an authentication provider. It is designed to support context sensitive roles/abilities, through the use of middleware style authorisation strategies. If you're looking for an authentication system I suggest you check out passport.js, which works perfectly with this module.

OpenPAM - Linux Pluggable Authentication Module

  •    C

OpenPAM is an Pluggable Authentication Module (PAM) library that focuses on simplicity, correctness, and cleanliness. Its aim is to gather the best features of Solaris PAM, ?XSSO and Linux-PAM, plus some innovations of its own. In areas where these implementations disagree, OpenPAM tries to remain compatible with Solaris, at the expense of XSSO conformance and Linux-PAM compatibility.

Apache Shiro - Java Security Framework

  •    Java

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any JVM-based application – from the smallest mobile applications to the largest web and enterprise applications.