openid-connect: An OpenID Connect library that does all the heavy lifting for you
This is a package candidate release! Here you can preview how this package release will appear once published to the main package index (which can be accomplished via the 'maintain' link below). Please note that once a package has been published to the main package index it cannot be undone! Please consult the package uploading documentation for more information.
This package provides an OpenID Connect 1.0 compliant interface for clients and some useful types and functions for providers.
The primary goals of this package are security and usability.
To get started, take a look at the OpenID.Connect.Client.Flow.AuthorizationCode module.
[Skip to Readme]
Properties
| Versions | 0.1.0.0, 0.1.1, 0.1.1, 0.1.2, 0.2.0 |
|---|---|
| Change log | CHANGES.md |
| Dependencies | aeson (>=1.3 && <1.6), base (>=4.9 && <5.0), blaze-html (>=0.9), bytestring (>=0.10 && <0.12), case-insensitive (>=1.2 && <1.3), cookie (>=0.4 && <0.5), cryptonite (>=0.25 && <1.0), http-client (>=0.6 && <0.8), http-client-tls (>=0.3), http-types (>=0.12 && <0.13), jose (>=0.8 && <0.9), lens (>=4.0 && <5.1), memory (>=0.14 && <1.0), mtl (>=2.2 && <2.3), network-uri (>=2.6 && <2.8), openid-connect, optparse-applicative (>=0.14), servant (>=0.16), servant-blaze (>=0.9), servant-server (>=0.16), text (>=1.2 && <1.3), time (>=1.8 && <2.0), unordered-containers (>=0.2 && <0.3), warp (>=3.2), warp-tls (>=3.2) [details] |
| License | BSD-2-Clause |
| Copyright | Copyright (c) 2020-2021 Peter Jones |
| Author | Peter Jones <pjones@devalot.com> |
| Maintainer | Peter Jones <pjones@devalot.com> |
| Category | Network |
| Home page | https://github.com/pjones/openid-connect |
| Bug tracker | https://github.com/pjones/openid-connect/issues |
| Source repo | head: git clone https://github.com/pjones/openid-connect.git |
| Uploaded | by PeterJones at 2021-05-24T15:46:09Z |
Modules
[Index] [Quick Jump]
Flags
Manual Flags
| Name | Description | Default |
|---|---|---|
| example | Build the example application | Disabled |
Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info
Downloads
- openid-connect-0.1.1.tar.gz [browse] (Cabal source package)
- Package description (as included in the package)
Maintainer's Corner
Package maintainers
For package maintainers and hackage trustees
Readme for openid-connect-0.1.1
[back to package description]
OpenID Connect 1.0 in Haskell
An OpenID Connect 1.0 compliant library written in Haskell.
The primary goals of this package are security and usability.
Client Features
This library mostly focuses on the client side of the OpenID Connect protocol.
Supported flows:
- Authorization Code (see
OpenID.Connect.Client.Flow.AuthorizationCode) (§3.1) - Implicit (partial implementation, patches welcome) (§3.2)
- Hybrid (partial implementation, patches welcome) (§3.3)
Significant features:
- ID Token validation via the jose library (§2)
- Additional OIDC claim validation (e.g.,
nonce,azp, etc.) (§2) - Full support for all defined forms of client authentication (§9)
- Handles session cookie generation and validation (§3.1.2.1, §15.5.2)
- Dynamic Client Registration 1.0.
Provider Features
Some utility types and functions are available to assist in the writing of an OIDC Provider:
- Discovery document (OpenID Connect Discovery 1.0 §3)
- Key generation (simple wrapper around jose)
Certification Status
We plan on fully certifying this implementation using the following profiles:
- Basic Relying Party
- Implicit Relying Party
- Hybrid Relying Party
- Relying Party Using Configuration Information
- Dynamic Relying Party
- Form Post Relying Party