Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
img
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

dev-IdPServer-phpOIDC

This server is adapted from Nat Sakumura PhPOIDC implementation. A demo application to register a new client and to use the IdP for a client application is provided (folder demo).

Installation guide

There are two ways to install this server. One manually, using the original recommandations, the other one is using docker-compose.

Docker installation

Dependency/Requirements

Install git, docker, docker-compose.

Setup

Clone the current repository.
Edit the .env file to fix the mysql parameters (db name and password), then enter those commands (Linux):

cd dev-IdPServer-phpOIDC
docker-compose up -d --build
This will build two containers and a specific network (172.18.0.0/16). One container is hosting mysql (IP 172.18.0.2) and phpODIC and demo (IP 172.18.0.3).
The demo application can use the phpOIDC to authenticate. This distribution is supposed to be exposed behind a reverse proxy in HTTPS.

Manual installation

Dependency/Requirements

The requirements are the same than the original phpOIDC server (see https://bitbucket.org/PEOFIAMP/phpoidc)

  • Apache Web Server with SSL
  • MySQL
  • PHP 5.3 + PHP Modules:
    MDB2
    MDB2_Driver_mysql
    Doctrine ORM 1.2.4
    PHPSecLib

Setup

Install all dependencies, mysql and create a database and its user with a password.


    % sudo apt-get install mysql-server  
% mysql -p mysql> create database `phpOidc`; mysql> grant all on phpOidc.* to phpOidc identified by 'new_password'; mysql> quit;

Follow the instruction that appears at the end of the installation (Configure apache for SSL if it were not previously.)
There are two directories/folders: phpOp, and phpRp. They are the source code for OpenID Connect Provider and OpenID Connect Relying Party respecitively.
Restart apache.

##Test This IdP OIDC is conform to the Nat Sakimura reference implementation in which we added an IdPProxy in conformance with the WebRTC Security Architecture.
The path to the IdP Proxy must be DOMAIN + /.well-known/idp-proxy/ + PROTOCOL
The IdPProxy is accessible on the URL .well-known/idp-proxy/rethink-oidc-ns

##Version note An initial version of the server is published (accessible here: https://oidc-ns.kermit.orange-labs.fr/phpOp/index.php, see also testbed description). Lots of points still require polish and some functionnalities have not been tested (multiple user declaring a proxy). A demo service has been provided and is published on this URL: https://oidc-ns.kermit.orange-labs.fr/demo/index.php, as well as a client registration UI (https://oidc-ns.kermit.orange-labs.fr/phpOp/register.php). Contribution to the original OpenIDConnect project should be made to ensure consistency.

About

Nat Sakumura OIDC implementation

Resources

License

Releases

No releases published

Packages

No packages published