web3-login/aleph-zero-login

🌟 aleph-zero-login

OpenID Connect server for Azero ID.

This is an experimental project to explore the possibilities of the Azero ID protocol. Do not use this in production.

It is an adaptation of my NFT Login project to the Azero ID NFT.

🌐 The server is online at azero.web3-login.net.

Motivation

Non-fungible tokens are a proof of digital ownership. This ownership can be used to give access to any digital resource or service.

How it works

The server is an OpenID Connect server. It uses the Azero ID NFT as a proof of ownership. The user can log in with the Azero ID NFT. The server verifies the signature of the token and returns a JWT token. The JWT token can be used to authenticate the user.

The server can be configured to use RSA or EdDSA keys. The keys are used to sign the JWT token. The public keys can be viewed at the /jwk endpoint.

The server can be configured with a config.yml file. The config.yml file can be used to configure the keys and the OpenID Connect endpoints.

Flow

🌈 Features

  • ✅ Azero ID
  • ✅ OpenID Connect
  • 🔜 OAuth2

Built on top of

Quick Start

trunk build
cargo run --bin server

Test

cargo test -- --nocapture

Configuration

Contracts

The contracts are generated with ink-wrapper from the metadata.

ink-wrapper -m assets/azero_router_metadata.json | rustfmt --edition 2021 > src/azero/router_contract.rs
ink-wrapper -m assets/tzero_router_metadata.json | rustfmt --edition 2021 > src/tzero/router_contract.rs

🌐 Polkadot Node Metadata

The metadata can be fetched from the node.

cargo install subxt-cli
subxt metadata --output-file azero-testnet-metadata.scale --url wss://ws.test.azero.dev:443

Generate Keys

We can generate keys with openssl. They are used to sign the tokens. The generated public keys can be viewed at the /jwk endpoint.

openssl genpkey -algorithm ed25519 -out private_eddsa.pem
openssl genrsa --traditional -out private_rsa.pem 1024

Copy the content into the config.yml as rsa_pem or eddsa_pem, or add the path to the file as rsa_pem_file.

🌍 Build frontend

trunk build

Build backend

cargo build

Develop frontend

cd frontend && trunk serve

Run backend

cargo run --bin server

🐳 Run backend with docker

docker-compose up

TODO

  • Add tests
  • Add documentation
  • Add OAuth2
  • ⚠️ Critical: The signature is checked against a nonce that the user supplies with the request. This is not secure. The value to be signed should be generated by the server.
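
The critical TODO item above calls for the server to generate the value the wallet signs. A minimal Rust sketch of that idea, added here as an example and not taken from this project's code: `ChallengeStore`, `LoginError` and the `verify` callback are hypothetical names, the signature check is a stand-in closure, and randomness is read from `/dev/urandom` (Unix host assumed).

```rust
use std::collections::HashMap;
use std::fs::File;
use std::io::Read;
use std::time::{Duration, Instant};

#[derive(Debug, PartialEq)]
pub enum LoginError { UnknownNonce, Expired, WrongAccount, BadSignature }

/// Hypothetical server-side store: nonce -> (account it was issued to, issue time).
pub struct ChallengeStore { ttl: Duration, pending: HashMap<String, (String, Instant)> }

impl ChallengeStore {
    pub fn new(ttl: Duration) -> Self {
        ChallengeStore { ttl, pending: HashMap::new() }
    }

    /// The server, not the client, picks the 128-bit value the wallet must sign.
    pub fn issue(&mut self, account: &str) -> std::io::Result<String> {
        let mut buf = [0u8; 16];
        File::open("/dev/urandom")?.read_exact(&mut buf)?; // assumption: Unix host
        let nonce: String = buf.iter().map(|b| format!("{:02x}", b)).collect();
        self.pending.insert(nonce.clone(), (account.to_string(), Instant::now()));
        Ok(nonce)
    }

    /// Removes the nonce first, so it is single-use even when a later check fails.
    /// `verify(account, message, signature)` stands in for the real wallet check.
    pub fn redeem<F>(&mut self, account: &str, nonce: &str, sig: &[u8], verify: F)
        -> Result<(), LoginError>
    where F: Fn(&str, &[u8], &[u8]) -> bool {
        let (owner, issued) = self.pending.remove(nonce).ok_or(LoginError::UnknownNonce)?;
        if issued.elapsed() > self.ttl { return Err(LoginError::Expired); }
        if owner != account { return Err(LoginError::WrongAccount); }
        if !verify(account, nonce.as_bytes(), sig) { return Err(LoginError::BadSignature); }
        Ok(())
    }
}

fn main() {
    // Constructed stand-in verifier: a "signature" is valid if it equals the message.
    let toy = |_acct: &str, msg: &[u8], sig: &[u8]| sig == msg;
    let mut store = ChallengeStore::new(Duration::from_secs(60));
    let nonce = store.issue("alice").unwrap();
    println!("first use: {:?}", store.redeem("alice", &nonce, nonce.as_bytes(), toy));
    println!("replay:    {:?}", store.redeem("alice", &nonce, nonce.as_bytes(), toy));
}
```

A nonce the server never issued, a replayed nonce, a nonce issued to a different account and an expired nonce are all rejected before or independently of the signature check.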

License

MIT

⚠️ Warning

This is experimental software. Use at your own risk. One security risk is that the server does not verify the client id and client secret of a server that wants to authenticate a user. This means that any server can fetch the information for a user token if the user has logged in to the server before. The token is a UUID v4 and can hardly be guessed. Just saying.

Disclaimer

This is not an official Azero ID project. I am not affiliated with the Azero ID team. Use at your own risk.

Resources

Dall-E generated icon

Icon

Prompt: Design a modern and sleek icon representing an OpenID Connect server integrated with Aleph Zero blockchain technology. The icon should symbolize secure digital identity verification and blockchain features. It should include visual elements like a shield for security, a key to represent access, and blockchain motifs like connected blocks or nodes. The color scheme should be a blend of blues and greens, conveying a sense of trust, security, and technology. The overall look should be futuristic and professional, suitable for a tech-focused audience.

Dall-E generated banner

Banner

Prompt: Create a banner for a hackathon project page, featuring the concept of 'Azero Web3-Login'. The banner should visually represent the integration of a crypto wallet with the OpenID Connect server. Include imagery that symbolizes secure digital identity verification, such as a shield and a digital wallet. The design should incorporate blockchain elements like connected blocks or nodes and include the text 'Azero Web3-Login' prominently. The color scheme should be a blend of blues and greens, portraying trust, security, and a connection to blockchain technology. The style should be modern, professional, and appealing to a tech-savvy audience.