|Project Name||Stars||Downloads||Repos Using This||Packages Using This||Most Recent Commit||Total Releases||Latest Release||Open Issues||License||Language|
|Api Security Checklist||20,661||4 days ago||12||mit|
|Checklist of the most important security countermeasures when designing, testing, and releasing your API|
|Hydra||13,878||8||a day ago||1||May 08, 2019||75||apache-2.0||Go|
|OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.|
|Identityserver4||8,944||314||359||3 months ago||99||March 18, 2021||apache-2.0||C#|
|OpenID Connect and OAuth 2.0 Framework for ASP.NET Core|
|Socialite||5,232||4,775||476||a month ago||77||February 01, 2022||mit||PHP|
|Laravel wrapper around OAuth 1 & OAuth 2 libraries.|
|Flask Appbuilder||4,100||301||23||5 days ago||276||July 06, 2022||127||bsd-3-clause||Python|
|Simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more. Demo (login with guest/welcome) - http://flaskappbuilder.pythonanywhere.com/|
|Authentik||3,436||1||2 days ago||214||September 23, 2022||287||mit||Python|
|The authentication glue you need.|
|Passport||3,113||2,564||481||8 days ago||112||January 25, 2022||mit||PHP|
|Laravel Passport provides OAuth2 server support to Laravel.|
|Sso||2,981||3 months ago||1||July 06, 2021||87||mit||Go|
|sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services|
|Cli||2,931||78||3 days ago||265||September 13, 2022||120||apache-2.0||Go|
|🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.|
|A microservices API Gateway built on top of Express.js|
I've just announced a new course, dedicated on exploring the new OAuth2 stack in Spring Security 5 - Learn Spring Security OAuth: http://bit.ly/github-lsso
mvn clean install
This project contains a number of modules, here is a quick description of what each module contains:
oauth-rest- Authorization Server (Keycloak), Resource Server and Angular App based on the new Spring Security 5 stack
oauth-jwt- Authorization Server (Keycloak), Resource Server and Angular App based on the new Spring Security 5 stack, focused on JWT support
oauth-jws-jwk-legacy- Authorization Server and Resource Server for JWS + JWK in a Spring Security OAuth2 Application
oauth-legacy- Authorization Server, Resource Server, Angular and AngularJS Apps for legacy Spring Security OAuth2
You can run any sub-module using command line:
If you're using Spring STS, you can also import them and run them directly, via the Boot Dashboard
You can then access the UI application - for example the module using the Password Grant - like this:
You can login using these credentials, username:john and password:123
mvn clean install
And run the command to download the dependencies:
The clients-SPA-legacy/clients-js-only-react-legacy project includes a very simple Spring Boot Application serving a couple of separate Single-Page-Applications developed in React.
It includes two pages:
The Step-By-Step guide supports using different providers (Authorization Servers) by just adding (or uncommenting) the corresponding entries in the static/spa/js/configs.js.
After running the Spring Boot Application (a simple mvn spring-boot:run command will be enough), we can browse to http://localhost:8080/pkce-stepbystep/index.html and follow the steps to find out what it takes to obtain an access token using the Authorization Code with PKCE Flow.
When prompted the login form, we might need to create a user for our Application first.
To use all the features contained in the http://localhost:8080/pkce-realcase/index.html page, we'll need to first start the resource server (clients-SPA-legacy/oauth-resource-server-auth0-legacy).
In this page, we can: