big-kahuna-burger / f0
OIDC Protocol Conforming Identity Provider and a Management Dashboard
Home Page: https://f0-manage.vercel.app
License: MIT License
client_credentials to grant_types.
Token Endpoint Method is nonsecretive when token_endpoint_auth_method is one of (private_key_jwt, none, tls_client_auth, self_signed_tls_client_auth).
Corresponding default grant types: implicit (?), authorization_code, refresh_token
Token Endpoint Method is secretive when token_endpoint_auth_method is not in the above set.
Corresponding default grant types: implicit (?), authorization_code, refresh_token, client_credentials
Right now, there is only a single identity connection.
This DB.
So Account, PasswordHash, Identity models are all in a single schema.
See the schema layout and disjunct the schema into base schema plus password bound connection/s schemas parts.
Query appropriately.
Ideally N are needed, so something like making/destroying parts of schema for password bound connections on the fly needs to happen with DB server.
A nicer looking light theme.
Right now I just use dark in development, but it should be switchable and also have ability to follow system applied colour scheme.
A Management API token should have permissions built in and enforced at v1/manage router, returning 403 when token has insufficient scope.
Additional context
Consider declarative api like fastify-guard, built in is the preferred way of implementation.
Implement adding jwks to oidcClient on load by library
storing of n jwks per client when auth method is private_key_jwt (RSA 2-4K as PEM/JWK formatted, or X509 cert as PEM/JWK formatted)
Translate everything into JWK and show diff format on demand.
Endpoint to accept PEM or JWK for clientId
Render Credentials when private_key_jwt
Credential Actions full cycle
Implement custom connections to other third party OIDCs that expose metadata
0 to N Connections enabled for a client
Given this fact: login interaction and dynamic plugin mounting the relevant connection configurations, start with Google as first alt example that can be enabled/disabled
Implement a connection Tester on connections/iD component
All manage/v1 are lacking param validations
Drop react-scripts in favour of vite.
Implement Social Connections strategies starting with Google and Github
Implement custom connection to other IDPs using SAML protocol and expose SAML IDP federation metadata.
There is no standard auth parameter for connection property, but rather it needs support through an extraParams prop with oidc-provider library.
See docs
client_id during GET interaction/:uid call, the login screen needs to be dynamic based on following:
specified connection disabled for a client
Maybe not that useful...