OpenID Connect

Last modified by Thomas Mortagne on 2017/09/26 16:49

Various tools to manipulate OpenID Connect protocol in XWiki

Description

This project has two main goals:

  1. make as easy as possible to use an XWiki instance as identity provider for another XWiki instance
  2. make XWiki support what is becoming the most standard identity protocol on Internet both as a provider for other applications and as a client of reference identity providers

License: GNU Lesser General Public License 2.1
Sources: https://github.com/xwiki-contrib/oidc/
Issues: https://jira.xwiki.org/browse/OIDC

OpenID Connect

From http://openid.net/connect/:

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

OpenID Connect allows clients of all types, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, allowing participants to use optional features such as encryption of identity data, discovery of OpenID Providers, and session management, when it makes sense for them.

See http://openid.net/connect/faq/ for a set of answers to Frequently Asked Questions about OpenID Connect.

This project is relying on Nimbus OAuth 2.0 SDK with OpenID Connect extensions for its implementation which among other things offers parsers and processors for OpenID Connect request/responses in Java.

The modules

Release Notes

All release notes

1.6.3

  • Closed OIDC-43 Provider sometime find consent coming from a different user

1.6.2

  • Closed OIDC-42 OpenID Connect clients might be wrongly recognized as simple OAuth2 clients

1.6.1

  • Closed OIDC-40 No mail information sent with OAuth2 client

1.6

  • Closed OIDC-39 Add support for OAuth 2 in the provider

1.5

  • Closed OIDC-37 Remove the workaround for XWIKI-13456
Tags:
Created by Thomas Mortagne on 2016/06/03 16:45
    

Get Connected