Comments (10)
Ping me.
from doorkeeper-openid_connect.
@toupeira I will provide a support for this gem (as doorkeeper maintainer), like some bugfixes and improvements, but not new features. Could you please check if I have permissions to push to rubygems? I have something more to merge soon, and we need to release a new version with a fixes to support latest Doorkeeper (5.4).
from doorkeeper-openid_connect.
@nbulaj thanks! 👍
And yes you should have permission:
$ gem owner doorkeeper-openid_connect
Owners for gem: doorkeeper-openid_connect
- nikita_bulai
- [email protected]
- [email protected]
from doorkeeper-openid_connect.
and working with OAuth / OIDC is just generally causing me a lot of headaches 😛
Out of curiosity (as we embark on a buy-vs-build decision at our company) could you elaborate on these headaches?!
from doorkeeper-openid_connect.
@mecampbellsoup well, just take a look at the length and complexity of these specs 😁
- https://tools.ietf.org/html/rfc6749
- https://openid.net/specs/openid-connect-core-1_0.html
- https://openid.net/specs/openid-connect-discovery-1_0.html
But joking aside, I originally started extending this gem so we could support OIDC in GitLab, so it's used quite widely (especially at Siemens, who originally sponsored that contribution), and @nbulaj and me are still around now and then to look after bugfixes and other small improvements.
And really most of the heavy lifting is done in the main Doorkeeper gem, so if you're tied to Rails I don't think there's a good reason to start from scratch 🙂 You might be interested in https://github.com/nov/openid_connect though, if you're looking for more of a library rather than a Railsy framework solution.
from doorkeeper-openid_connect.
@mecampbellsoup well, just take a look at the length and complexity of these specs 😁
- tools.ietf.org/html/rfc6749
- openid.net/specs/openid-connect-core-1_0.html
- openid.net/specs/openid-connect-discovery-1_0.html
But joking aside, I originally started extending this gem so we could support OIDC in GitLab, so it's used quite widely (especially at Siemens, who originally sponsored that contribution), and @nbulaj and me are still around now and then to look after bugfixes and other small improvements.
And really most of the heavy lifting is done in the main Doorkeeper gem, so if you're tied to Rails I don't think there's a good reason to start from scratch 🙂 You might be interested in nov/openid_connect though, if you're looking for more of a library rather than a Railsy framework solution.
To be sure, we would use this library if we went with Ruby. However we are more likely to use Python due to ... well, other concerns not related to this conversation.
I was more curious whether you were suggesting that:
- you are a "buy" proponent in the build-vs-buy debate (e.g. Auth0, Okta); or
- you are opposed to OIDC whatsoever (on the IdP side, i.e. should my company's auth server be a full-fledged OIDC IdP, or is it sufficient to simply issue opaque tokens and do session management like the good old days)
from doorkeeper-openid_connect.
@mecampbellsoup I'm not opposed to OIDC at all, it seems perfectly fine if you want to build your own SSO, and OAuth2 will probably crop up anyway if you want to integrate with other services.
Regarding hosted SSOs, I don't have much experience with them and zero knowledge about your business so I can't really give you any advice 😉 But I do know that Auth0 and Okta also offer OIDC and are certified providers: https://openid.net/certification/
from doorkeeper-openid_connect.
@toupeira Do you think you could add me here?
from doorkeeper-openid_connect.
@stanhu oh hey, sorry for the delay! Turns out the notifications for this repository were still getting sent to my old gitlab.com address 😅
I haven't been active here in a while, so I'll leave this decision to @nbulaj who's taken over the helm (:pray:). For context, Stan works at GitLab and I trust him fully, and I myself have left GitLab earlier this year :slightly_smiling_face:
from doorkeeper-openid_connect.
Oh, @stanhu do you still interested in helping maintaining the gem? Just let me know please 🙏 Sorry didn't have enough time to read all the discussions.
from doorkeeper-openid_connect.
Related Issues (20)
- Overriding AuthorizationsController in Development Mode HOT 2
- Can `.well-known/openid-configuration` return an alternate uri for `jwks_uri` HOT 1
- fix issuer {} for `.well-known/openid-configuration` using blocks HOT 1
- Is it possible to configure and use Authentication Context Class References?
- `/.well-known/openid-configuration` crashes when `Doorkeeper.config.allow_token_introspection` is false HOT 1
- Shouldn't controllers inherit `Doorkeeper::ApplicationMetalController`? HOT 1
- Using `root_url` in `#webfinger_response` can violate specification
- `access_grant_class` is broken. HOT 7
- Possible to disable `client_secret_basic` for `token_endpoint_auth_methods_supported`?
- RP-initiated logout post_logout_redirect_uri is not validatable
- Broken with Doorkeeper v5.6.3
- uninitialized constant Doorkeeper::JWT::JWK in 1.8.4 HOT 8
- OpenID working with rails app HOT 5
- Support for sessions and session_state HOT 1
- Support multiple devise models
- `kid` value in headers in different format after upgrading from 1.8.3 to 1.8.5 HOT 2
- Missing v1.8.5 tag HOT 2
- NameError: uninitialized constant Doorkeeper::JWT::JWK HOT 6
- kid is different for different versions of doorkeeper-openid_connect HOT 1
- Certificate verify failed from SSL
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from doorkeeper-openid_connect.