openid-connect: An OpenID Connect library that does all the heavy lifting for you

[ bsd2, library, network ] [ Propose Tags ]

This package provides an OpenID Connect 1.0 compliant interface for clients and some useful types and functions for providers.

The primary goals of this package are security and usability.

To get started, take a look at the OpenID.Connect.Client.Flow.AuthorizationCode module.


[Skip to Readme]
Versions [faq] 0.1.0.0
Change log CHANGES.md
Dependencies aeson (>=1.3 && <1.5), base (>=4.9 && <5.0), blaze-html (>=0.9), bytestring (==0.10.*), case-insensitive (==1.2.*), cookie (==0.4.*), cryptonite (>=0.25 && <1.0), http-client (==0.6.*), http-client-tls (>=0.3), http-types (==0.12.*), jose (==0.8.*), lens (>=4.0 && <5.0), memory (>=0.14 && <1.0), mtl (==2.2.*), network-uri (==2.6.*), openid-connect (>=0.1), optparse-applicative (>=0.14), servant (>=0.16), servant-blaze (>=0.9), servant-server (>=0.16), text (==1.2.*), time (>=1.8 && <2.0), unordered-containers (==0.2.*), warp (>=3.2), warp-tls (>=3.2) [details]
License BSD-2-Clause
Copyright Copyright (c) 2020 Peter Jones
Author Peter Jones <pjones@devalot.com>
Maintainer Peter Jones <pjones@devalot.com>
Category Network
Home page https://github.com/sthenauth/openid-connect
Bug tracker https://github.com/sthenauth/openid-connect/issues
Uploaded by PeterJones at 2020-03-25T23:55:51Z
Distributions NixOS:0.1.0.0
Executables example
Downloads 98 total (18 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Hackage Matrix CI
Docs available [build log]
Last success reported on 2020-03-26 [all 1 reports]

Modules

[Index] [Quick Jump]

Flags

NameDescriptionDefaultType
example

Build the example application

DisabledManual

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

Maintainer's Corner

For package maintainers and hackage trustees


Readme for openid-connect-0.1.0.0

[back to package description]

sthenauth

OpenID Connect 1.0 in Haskell

An OpenID Connect 1.0 compliant library written in Haskell.

The primary goals of this package are security and usability.

Client Features

This library mostly focuses on the client side of the OpenID Connect protocol.

Supported flows:

  • [x] Authorization Code (see OpenID.Connect.Client.Flow.AuthorizationCode) (§3.1)
  • [ ] Implicit (partial implementation, patches welcome) (§3.2)
  • [ ] Hybrid (partial implementation, patches welcome) (§3.3)

Significant features:

  • ID Token validation via the jose library (§2)
  • Additional OIDC claim validation (e.g., nonce, azp, etc.) (§2)
  • Full support for all defined forms of client authentication (§9)
  • Handles session cookie generation and validation (§3.1.2.1, §15.5.2)
  • Dynamic Client Registration 1.0.

Provider Features

Some utility types and functions are available to assist in the writing of an OIDC Provider:

  • Discovery document (OpenID Connect Discovery 1.0 §3)
  • Key generation (simple wrapper around jose)

Certification Status

We plan on fully certifying this implementation using the following profiles:

  • [ ] Basic Relying Party
  • [ ] Implicit Relying Party
  • [ ] Hybrid Relying Party
  • [ ] Relying Party Using Configuration Information
  • [ ] Dynamic Relying Party
  • [ ] Form Post Relying Party

Specifications and RFCs