Skip to content
OAuth 2.0 Resource Server module for the Apache HTTPd web server
M4 C Makefile Shell
Branch: master
Clone or download
zandbelt depend on liboauth2 1.1.1 with log encapsulation changes
bump to 3.0.2

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
Latest commit d566243 Jul 4, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
m4 initial import of version 3.0.0 Mar 22, 2019
src
.clang-format initial import of version 3.0.0 Mar 22, 2019
.cproject initial import of version 3.0.0 Mar 22, 2019
.gitignore initial import of version 3.0.0 Mar 22, 2019
.project initial import of version 3.0.0 Mar 22, 2019
AUTHORS initial import of version 3.0.0 Mar 22, 2019
ChangeLog depend on liboauth2 1.1.1 with log encapsulation changes Jul 4, 2019
LICENSE Initial commit Mar 22, 2019
Makefile.am documentation and packaging Apr 8, 2019
README.md indentation correction Apr 8, 2019
autogen.sh initial import of version 3.0.0 Mar 22, 2019
configure.ac depend on liboauth2 1.1.1 with log encapsulation changes Jul 4, 2019
oauth2.conf documentation and packaging Apr 8, 2019

README.md

mod_oauth2

A module for Apache HTTP Server 2.x that makes the Apache web server operate as a OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens and setting headers/environment variables based on the validation results.

Quickstart

Reference Bearer Access Token validation using RFC7662 based introspection:

OAuth2TokenVerify introspect https://pingfed:9031/as/introspect.oauth2 introspect.ssl_verify=false&introspect.auth=client_secret_basic&client_id=rs0&client_secret=2Federate

JWT Bearer Access Token validation using a set of JWKs published on a jwks_uri:

OAuth2TokenVerify jwks_uri https://pingfed:9031/ext/one jwks_uri.ssl_verify=false

For a detailed overview of configuration options see the oauth2.conf Apache configuration file in this directory.

Features

As provided by the liboauth2 dependency, including:

  • per-directory configuration over per-virtual host
  • flexible cache configuration per cached element type
  • specify multiple token verification options, tried sequentially (allow for key/algo rollover)
  • etc.

Support

Community Support

For generic questions, see the Wiki pages with Frequently Asked Questions at:
https://github.com/zmartzone/mod_oauth2/wiki
Any questions/issues should go to issues tracker.

Commercial Services

For commercial Support contracts, Professional Services, Training and use-case specific support you can contact:
sales@zmartzone.eu

Disclaimer

This software is open sourced by ZmartZone IAM. For commercial support you can contact ZmartZone IAM as described above in the Support section.

You can’t perform that action at this time.