This project is actually a journey. This is a big evolution of the OAuth2 authorization server developed during my master thesis to an OpenID Connect authentication server. In this new version I expand the initial project in order to use JWT token embracing OpenID Connect protocol, all written in Kotlin based on Spring Boot 3.x and more over to the latest spring based oauth2.1/openid connect framework: spring-authorization-server.

Right now it is based, as said before to the latest version on spring oauth2/open id connect framework spring-authorization-server.

API:

• Client Applications management
• roles management
• account management
• sign up: admin:signup scope is required
• welcome mail: admin:welcome scope is required
• email verification: admin:mail-verify scope is required
• reset password: admin:reset-password scope is required
• access_token/id_token customization via lambda, see here for more details

Storage:

• DynamoDB
• Redis:
  • authorization code
  • distributed session store
  • distributed cache
• RSA key pair are created from KMS Customer Master Key stored on Dynamo, private key encrypted via KMS of course stored on Dynamo.

General Feature:

VAuthenticator implements front_channel single logout openid connect specification session management

In order to make simple the ui assets build for local development take in consideration to enable the following spring configuration properties:

  document:
    engine: file-system
    fs-base-path: dist

in order to be sure to have the asset files in the correct path execute this script:

rm -rf dist

mkdir -p dist/static-asset/content/asset/
mkdir -p dist/mail/templates

cd src/main/frontend
npm install
npm run-script build

cd dist/asset

cp * ../../../../../dist/static-asset/content/asset/

cd ../../../../../communication/default/mail 
cp *  ../../../dist/mail/templates