
bin+lib idcoop

Simple identity server (user login manager) supporting OpenID Connect (OAuth 2.0). Can be used for your own simple SSO system or so you don't have to write a login system for your software. [application crate, not a library]

1 unstable release

0.0.1 Jul 7, 2024


AGPL-3.0-or-later

175KB
3.5K SLoC

idCoop

idCoop is a small, lightweight identity provider / user login system. idCoop acts as an OpenID Connect (OAuth 2.0/2.1) provider. You can use it as a Single Sign On (SSO) solution for your home server or to avoid having to roll your own login system for your own service.

idCoop is still experimental and underdeveloped. If you use it, it's at your own risk :-).

Features

  • Support for OAuth 2.1 draft 9 (OAuth 2.1 is essentially a restatement of OAuth 2.0 best practices)
  • OpenID Connect
  • Username and password login (passwords hashed with Argon2)
  • Light requirements: less than 32 MB RAM usage

Future Features

  • E-mail registration
  • E-mail password resets
  • Two-Factor Authentication
  • Registration token/link system for invite-only services
  • Administration interface

Documentation

Documentation is in the docs directory and (TODO) will be available to view on the web.

Please see the documentation for installation instructions.

Licence and Contributing

Copyright © Olivier 'reivilibre' 2024

idCoop is licensed under the AGPL v3 at this time. See the LICENCE file. Unless otherwise stated, all files in this source repository are under this licence.

idCoop is currently a bit early-stage for contributions and I am still unsure about the final licence. However, if desired, please contact me via the e-mail address found in the git commit metadata. Thanks.

Acquiring development tools using the Nix flake

We have a Nix flake available containing all the required tools; either use direnv and run direnv allow in this repository, or run nix develop --impure ./flake-devenv as needed.

Database

You'll need a Postgres database to run idCoop as well as when changing SQL queries in the code.

If using the Nix flake, you can run devenv up to start a Postgres database (which you can then connect to automatically with the psql command line and the empty-looking postgres: URI for SQLx).

We use SQLx as the database driver and we use its compile-time query checking, but it is worth bearing in mind we support SQLx's 'offline mode'. (We want CI and other people to be able to compile the project without needing a database for query analysis.) What this means is that if you add or change a SQL query, you need to ask SQLx to update the stored query analyses by running cargo sqlx prepare --database-url postgres: and then you need to include the changes in the .sqlx/ directory in your commit.

Generating an RSA key

# Generate the RSA key pair (this file contains the private key)
openssl genrsa -out keypair.pem 2048
# Extract the public key from the key pair
openssl rsa -in keypair.pem -pubout -out publickey.crt
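
The same two commands with the checks an operator would want before deploying the files, as an added example that is not part of idCoop's own documentation: the private key is created owner-only, and the public file is verified against the private key. The file names follow the page; the function names gen_keypair and check_keypair and their return codes are made up for this example.

```shell
#!/bin/sh
# Added example (not idCoop code). Function names and return codes are
# hypothetical; file names and the 2048-bit size follow the page.

# gen_keypair DIR: create DIR/keypair.pem and DIR/publickey.crt
gen_keypair() {
    dir=$1
    (
        umask 077   # private key is created without group/other access
        openssl genrsa -out "$dir/keypair.pem" 2048 2>/dev/null
    ) || return 1
    openssl rsa -in "$dir/keypair.pem" -pubout -out "$dir/publickey.crt" 2>/dev/null
}

# check_keypair DIR: 0 = ok, 1 = bad private key, 2 = public key does not
# belong to the private key, 3 = private key readable by group or others
check_keypair() {
    dir=$1
    # The private key must pass OpenSSL's own consistency check.
    openssl rsa -in "$dir/keypair.pem" -check -noout >/dev/null 2>&1 || return 1
    # The stored public key must equal the one derived from the private key.
    derived=$(openssl rsa -in "$dir/keypair.pem" -pubout 2>/dev/null) || return 1
    [ "$derived" = "$(cat "$dir/publickey.crt")" ] || return 2
    # Only the owner may have any permission bits on the private key.
    case $(ls -l "$dir/keypair.pem") in
        -rw-------*|-r--------*) ;;
        *) return 3 ;;
    esac
    return 0
}
```

Call gen_keypair with a target directory, then run check_keypair on it again after copying the files to the server, since copies and backups often widen the permissions.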

Dependencies

~61–97MB
~1.5M SLoC