janekolszak / idp
Identity provider for Hydra
License: MIT License
Wouldn't it be better for `Provider` to have something similar to `WriteError` instead of `Respond`? I feel that `Respond` means to send a normal response of some sort.
I wanted to quickly highlight this before API matures, while we still have a chance to break the API.
Appreciate what you've done here. It's a huge undertaking.
A major refactoring is getting close.
In order to avoid any build breaks be sure to use release 0.1.0 of idp.
Things that will change:
When trying to log in for a second time, a `securecookie: the value is too long` error occurs.
I'm guessing it's exceeding the cookie size limit.
Placeholder issue for pulling together some discussion/thoughts on this. Couple of thoughts on this at the moment:
`HandleChallengeGET()` being registered for both GET & POST on the root endpoint. This relates a little to the discussion in #3 over the `Respond()` method - I was thinking that the forms provider would only ever return a form for GET, but I don't want to interfere and take this some direction you don't want. I'm happy to put some work into this.
Hello,
First of all, thanks for providing this library!
Would you be able to point me in the right direction? I do not ask you to solve my issue but just let me know what I should look into...
I am using the form with rethinkdb and get it working within my environment. But I never get the consent request.
From the code I can see that this is because there is no challenge in the request.
```go
challenge, err := h.IDP.NewChallenge(r, user)
if err != nil { // <=== err not nil.... Bad request
	fmt.Println(err.Error())
	h.Provider.WriteError(w, r, err)
	return
}
```
My question is how am I supposed to get it? I am missing something probably silly as I am new to IDP.
Can you give me a hint or a few words about the expected workflow?
Thanks a lot,
Steve.
^
I tried the sample from the readme:
```go
package main

import (
	"time"

	"github.com/antonlindstrom/pgstore"
	"github.com/janekolszak/idp"
)

func main() {
	// Postgres-backed store for the challenge cookies
	challengeCookieStore, err := pgstore.NewPGStore("postgres://user:pass@address/dbname", []byte("secret"))
	// Return on error

	// Create the IDP
	IDP := idp.NewIDP(&idp.IDPConfig{
		ClusterURL:            /* Hydra's address */,
		ClientID:              /* IDP's client ID */,
		ClientSecret:          /* IDP's client secret */,
		KeyCacheExpiration:    time.Duration(/* Key expiration time */) * time.Second,
		ClientCacheExpiration: time.Duration(/* Client info expiration */) * time.Second,
		CacheCleanupInterval:  time.Duration(/* Cache cleanup interval. Eg. 30 */) * time.Second,
		ChallengeExpiration:   time.Duration(/* Challenge cookie expiration. Eg. 10 */) * time.Minute,
		ChallengeStore:        challengeCookieStore,
	})

	// Connects with Hydra and fills caches
	err = IDP.Connect(true /*TLS verification*/)
	// Return on error
}
```
and I got:
```
panic: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"invalid_scope","error_description":"The requested scope is invalid, unknown, or malformed","statusCode":400}
```
I created the client and secret with `hydra clients create`.
I started hydra with `docker run -d --name my-hydra -p 4444:4444 -e CONSENT_URL=http://<my_ip>:3000 oryd/hydra`.
It would be good if a high-availability configuration was possible. Using go-cache prevents this as it's all in single-process on one machine. However, I do like the simplicity of go-cache for getting started. How about abstracting the cache implementation to an interface which is pushed down from main()? Can provide go-cache as a simple implementation, but it opens the possibility to provide alternative implementations (memcache/groupcache etc)
Happy to do this for you..
PS - I know this is still early-stages, and really appreciate what you're doing with this.
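A sketch of the cache abstraction proposed in the issue above, added here as an illustration and not code from idp. The `Cache` interface, the `MemoryCache` type and the injected clock are hypothetical names, and a standard-library map stands in for go-cache.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// Cache is a hypothetical interface (not idp's API) that main() would pass down.
type Cache interface {
	Get(key string) (interface{}, bool)
	Set(key string, value interface{}, ttl time.Duration)
}

type entry struct { value interface{}; expires time.Time }

// MemoryCache is the single-process default; a shared backend would replace it.
type MemoryCache struct {
	mu    sync.Mutex
	items map[string]entry
	now   func() time.Time // injectable clock so expiry is testable
}

func NewMemoryCache(now func() time.Time) *MemoryCache {
	return &MemoryCache{items: map[string]entry{}, now: now}
}

func (c *MemoryCache) Set(key string, value interface{}, ttl time.Duration) {
	c.mu.Lock()
	defer c.mu.Unlock()
	c.items[key] = entry{value, c.now().Add(ttl)}
}

// Get treats an expired entry as a miss and evicts it (delete is a no-op if absent).
func (c *MemoryCache) Get(key string) (interface{}, bool) {
	c.mu.Lock()
	defer c.mu.Unlock()
	e, ok := c.items[key]
	if !ok || !c.now().Before(e.expires) {
		delete(c.items, key)
		return nil, false
	}
	return e.value, true
}

func main() {
	var keys Cache = NewMemoryCache(time.Now) // backend chosen in main, pushed down
	keys.Set("client:example", "constructed sample value", 30*time.Second)
	fmt.Println(keys.Get("client:example"))
}
```

Because callers see only `Cache`, a memcache- or groupcache-backed type with the same two methods could be passed from `main()` without touching the code that reads cached keys or client records.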
maybe https://github.com/Sirupsen/logrus or https://github.com/spf13/jWalterWeatherman ?
allows easier debug by knowing which file/linenumber it came from, and also changing verbosity levels etc