oidc_server


README

oidc-server

OpenID Connect development server based on https://github.com/zitadel/oidc/tree/main/example/server.

Setup

Runtime environment variables

  • ISSUER: fully qualified domain name.
  • DATA_DIR: absolute path to stored mock data. e.g. /data.
  • PORT (optional): server port. Default: 10001. Expose accordingly if using containers.

Required files

  • ${DATA_DIR}/users/*.json: JSON files with key-value pairs of users for easier testing. Keys are ignored. The server reports an error on the login page if duplicate IDs are found, to make debugging easier. The ${DATA_DIR}/users folder is continuously watched for changes. See the User type in storage/user.go for the available fields.

  • ${DATA_DIR}/redirect_uris.txt: valid redirect URIs to load at startup.

Examples

See example directory. Run with ./example/run, point to it in your client app and edit redirect_uris.txt accordingly.

Documentation

Overview

Package oidc_server is a modified version of the example server at https://github.com/zitadel/oidc/tree/main/example/server.

Index


Functions

func Run

func Run[T storage.User](config Config[T])

Run starts the OIDC server.

Types

type Config

type Config[T storage.User] struct {
	// SetUserInfoFunc overrides population of userinfo based on scope.
	// Judging by the example signature below it receives the resolved user,
	// the oidc.UserInfo to fill, a single scope and the requesting client ID,
	// and is presumably invoked once per scope — confirm against storage.
	// Scopes the callback does not recognise are simply ignored, which is what
	// the example's switch does.
	// Example:
	//
	// 	const (
	// 		// CustomScope is an example for how to use custom scopes in this library
	// 		// (in this scenario, when requested, it will return a custom claim)
	// 		CustomScope = "custom_scope"
	// 		AuthScope   = "auth"
	// 		// CustomClaim is an example for how to return custom claims with this library
	// 		CustomClaim = "custom_claim"
	// 		AuthClaim   = "auth"
	// 	)
	//
	// 	// customClaim demonstrates how to return custom claims based on provided information
	// 	func customClaim(clientID string) map[string]interface{} {
	// 		return map[string]interface{}{
	// 			"client": clientID,
	// 			"other":  "stuff",
	// 		}
	// 	}
	//
	// func SetUserInfoFunc(user *CustomUser, userInfo *oidc.UserInfo, scope string, clientID string) {
	// 	switch scope {
	// 	case oidc.ScopeOpenID:
	// 		userInfo.Subject = user.ID
	// 	case oidc.ScopeEmail:
	// 		userInfo.Email = user.Email
	// 		userInfo.EmailVerified = oidc.Bool(user.EmailVerified)
	// 	case oidc.ScopeProfile:
	// 		userInfo.PreferredUsername = user.Username
	// 		userInfo.Name = user.FirstName + " " + user.LastName
	// 		userInfo.FamilyName = user.LastName
	// 		userInfo.GivenName = user.FirstName
	// 		userInfo.Locale = oidc.NewLocale(user.PreferredLanguage)
	// 	case oidc.ScopePhone:
	// 		userInfo.PhoneNumber = user.Phone
	// 		userInfo.PhoneNumberVerified = user.PhoneVerified
	// 	case AuthScope:
	// 		userInfo.AppendClaims(AuthClaim, map[string]interface{}{
	// 			"is_admin": user.IsAdmin,
	// 		})
	// 	case CustomScope:
	// 		userInfo.AppendClaims(CustomClaim, customClaim(clientID))
	// 	}
	// }
	SetUserInfoFunc storage.SetUserInfoFunc[T]

	// GetPrivateClaimsFromScopesFunc will be called for the creation of a JWT access token to assert claims for custom scopes.
	// The scopes argument is presumably the set granted on the authorization request (confirm against storage);
	// as in the example, only scopes the server explicitly recognises should add claims to the token, and any
	// claim value derived from the request should be validated before it is asserted, since resource servers
	// trust what the access token states. A nil claims map simply yields no private claims.
	// Example:
	// 	func getPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (claims map[string]interface{}, err error) {
	// 		for _, scope := range scopes {
	// 			switch scope {
	// 			case CustomScope:
	// 				claims = storage.AppendClaim(claims, CustomClaim, customClaim(clientID))
	// 			}
	// 		}
	// 		return claims, nil
	// 	}
	GetPrivateClaimsFromScopesFunc storage.GetPrivateClaimsFromScopesFunc

	// TLS runs the server with the given certificate.
	// NOTE(review): when nil the server presumably listens without TLS — confirm in Run;
	// for anything other than a local development setup the issuer should be served over TLS,
	// because tokens and credentials transit this endpoint.
	// CertFile and KeyFile look like paths to the PEM-encoded certificate and private key — TODO confirm.
	TLS *struct {
		CertFile string
		KeyFile  string
	}

	// PathPrefix represents domain subdirectories for the base URL, if any
	// (for example "/oidc" when the issuer is served below a subpath);
	// leave it empty when the server is served at the root of the domain.
	PathPrefix string
}

Config defines OIDC server configuration.
