Comments (8)
This is a great project and you guys are awesome to open source it.
More examples and documentation will definitely help!
Best,
Le
from oidc.
Hi @duckfly-tw
Thanks for your kind words. I will forward them to @livio-a 😉
During the Christmas season, we take a little longer because many people are on well-deserved vacation. We do our best to complete the examples.
Cheers
from oidc.
Hi, are you open for pull request? I've just started working with your project and I find that the Godoc can be improved in some points. I find myself flipping through go doc, examples and source to find out how to implement the Storage
interfaces. Since I',m already doing the research effort, it should take much to supplement the documentation in the process.
For example,
Lines 11 to 13 in 94871af
- Doesn't tell me the requirements of
AuthStorage
is it a temporary storage to maintain state in the authentication workflow, or does it need persistence? - What does the third argument of type
string
do inCreateAuthRequest
? (same for most of the method)
When digging deeper into the example code, those questions are answered:
1:
oidc/example/server/internal/storage.go
Lines 159 to 163 in 94871af
2:
oidc/example/server/internal/storage.go
Lines 113 to 115 in 94871af
Therefore I would like to propose:
- Add more explicit documentation to the storage related interface types
- Use named arguments in the interface types.
For example, I would do something like:
// AuthStorage maintains states of the authentication processes and active tokens.
// Implementations may purge expired tokens or outdated authentication requests.
type AuthStorage interface {
// CreateAuthRequest stores a new authentication request in the database for the passed userID.
// A unique request ID (primary key) must be assigned by the implementation, for later retrieval.
CreateAuthRequest(ctx context.Context, r *oidc.AuthRequest, userID string) (AuthRequest, error)
// AuthRequestByID retrieves a authentication request by its unique ID.
AuthRequestByID(ctx context.Context, reqID string) (AuthRequest, error)
// DeleteAuthRequest will be called after creating the token response (id and access tokens) for a valid:
//- authentication request (in an implicit flow)
//- token request (in an authorization code flow)
DeleteAuthRequest(ctx context.Context, reqID string) error
Let me know if you're open for PRs and I'll get started ;).
from oidc.
Hi there,
I am in the same situation as muhlemmer. I am trying to implement an OP for development and testing purpose, but even though there is an example, the interfaces to implement lack some documentations and comments. Moreover, I have the feeling they are a bit bloated, e.g. there are too many methods in each Storage and some interfaces seem to have several responsibilities. This makes the implementation quite difficult.
from oidc.
Will close this issue for now, if we see new stuff popping up we will create dedicated issues for it.
from oidc.
Hi @raydeng83 thank you very much. @livio-a is doing a great job. Feedback like yours is why we are doing it. It makes working a pleasure 😊
If you have any suggestions please share them with us.
from oidc.
Hey @muhlemmer and @Adirelle
We're certainly open for PRs 😃 and would appreciate any help. And there's certainly lots of improvement possible on documentation. 😉
We started this project as we needed an OP for out own product (https://github.com/zitadel/zitadel) and wanted to separate the functionality into a package. We tried to abstract it as good as possible, but I'm sure there's room for improvement, too. If there are any suggestions on this, we can of course discuss this as well.
from oidc.
I think that what @muhlemmer proposes would be a good start to improve the documentation.
As for the interfaces, I think what is missing is some documentation about the entity-relation model used by the OP, and how entities are used. This could allow to write services and repository interfaces, which are easier to reason about and to implement. They could come as a separate package, with adapters to keep the compatibility with existing interfaces.
from oidc.
Related Issues (20)
- PKCE support is not enough HOT 1
- use trace id of external service HOT 2
- Allow custom forwarded header HOT 2
- [Bug]: client invalid signature when OIDC server is restarted HOT 2
- The automated release is failing 🚨
- [Bug]: nil pointer dereference in `crypto.BytesToPrivateKey` HOT 3
- Access to auto discovery configuration HOT 3
- Allow empty nonce from ID Tokens issued from Refresh Tokens HOT 10
- Support form_post OIDC response mode HOT 4
- Do not ignore all JWKS parsing errors HOT 2
- [Bug]: nil pointer dereference when not setting unauthorized handler HOT 2
- Switch to `log/slog` HOT 2
- [Bug]: The behavior of response_mode does not adhere to the guidelines HOT 2
- Support ``verification_url`` mispelling in the device auth response HOT 6
- Set IDTokenSigningAlgValuesSupported of DiscoveryConfiguration obtained by Discover when initializing RelyingParty. HOT 3
- Update to go-jose/v4 HOT 4
- add prometheus metrics for apis HOT 2
- JWT Profile Grant: return id_token if openid scope is set HOT 11
- I want to increase the defaults for signature algorithm. HOT 2
- Question about licensing HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oidc.