Table of Contents
Hi guys, a few days ago I was wondering how an OAuth Provider actually works. In order to get a deeper understanding, besides doing research, I decided to create one myself. So this project is for research purposes only. But feel free to look around and have fun :).
- docker
- go version >= 1.18
The Setup is very simple. Just follow the two steps below:
- git clone ...
Pull the project from Github
-
Removing the dist wording from the .env.dist filename
- .env.dist -> .env
- replace the dummy values
-
docker-compose up
Start the Application.
Each person who wants to use the Oauth provider must be a user.
The AccessGroup is responsible for giving each user certain rights in the oauth-provider. For example, there can be two AccessGroups. One for admins and one for normal users. The admin can add new users, add additional resources, manage access rights... while the normal user can only access their own credentials and the resources assigned to them.
Each resource simply represents an endpoint.
With the scope, the user can further restrict the access of external services to individual resources. For example, a service can access a resource but only read it.
Each external service must create credentials. With these credentials, the service can create a token that allows access to the authorised resources.
This section lists the main tech stack I used for this project.
