Flight Passport OAuth Server
A OAuth provider focused on UTM / U-Space that can be self hosted and used to issue JWT tokens for software UTM software like DSS, Registries, Remote ID Display providers (e.g. Flight Spotlight) etc.
The upcoming standards being developed at ASTM, EuroCAE etc. on drones use JWT / OAuth 2.0 based tokens to exchange credentials and permissions. There are many open and closed sourced solutions available for issuing tokens. However, based on my work / research there are a few limitations to the current offerings:
- National Entities may or may not be interested in using private commercial companies for authentication and identity. Since this can be / is a national function, they would prefer to host the platform locally.
- OAuth / OpenID / Open ID Connect stack are a “general purpose” authentication and identity standard and the commerical solutions available price it very differently. Some charge by number of users, some charge by number of tokens / clients etc. All of this is not really suitable for UTM / U-Space operations.
- The Remote ID standard and demos use the
audclaim in a specific way that a number of commercial solutions do not support out-of-the-box. e.g. Azure does not support “scope” in Client Credentials grant, this is required per the Remote ID standard.
- On the open source side, a number of them are not totally ready or have very complex installation procedures or have too many features that make it bulky: e.g. user management. These make them unsuitable / overkill for the specific use-cases.
This is a Django project that uses Django and other opensource libraries.
1. Install Dependencies
Python 3 is required for this and install dependencies using
pip install -r requirements.txt.
2. Create Initial Database
python manage.py migrate to create the initial database tables locally. It will use the default SQLLite.
3. Create a Django administrator
python manage.py createsuperuser to create a administrator.
4. Create a .env file
.env and fill in appropriately. You might have to create new key. Follow instructions here for example.
6. Set site name and domain
python manage.py initialize_db
5. Start Server
python manage.py runserver
7. Login to Administration interface and create a client
http://localhost:8000/admin and login to the Django Admin inter
8. Make a Client Credentials request
Use a API client such as Postman or Insomnia to run a
9. Authorization Code request
Once a Application has been created, you can run the Sample Client to run the Authorization Code grant.