Skip to content

reTHINK-project/dev-IdPServer-phpOIDC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

55 Commits

GUID-demo

GUID-demo

 
 

demo

demo

 
 

img

img

 
 

phpOp

phpOp

 
 

phpRp

phpRp

 
 

.env

.env

 
 

.gitignore

.gitignore

 
 

.htaccess

.htaccess

 
 

Dockerfile

Dockerfile

 
 

Dockerfile_mysql

Dockerfile_mysql

 
 

IdPProxy_test.html

IdPProxy_test.html

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

docker-compose.yml

docker-compose.yml

 
 

index.php

index.php

 
 

start.sh

start.sh

 
 

Repository files navigation

dev-IdPServer-phpOIDC

This server is adapted from Nat Sakumura PhPOIDC implementation. A demo application to register a new client and to use the IdP for a client application is provided (folder demo).

Installation guide

There are two ways to install this server. One manually, using the original recommandations, the other one is using docker-compose.

Docker installation

Dependency/Requirements

Install git, docker, docker-compose.

Setup

Clone the current repository.
Edit the .env file to fix the mysql parameters (db name and password), then enter those commands (Linux):

cd dev-IdPServer-phpOIDC
docker-compose up -d --build
This will build two containers and a specific network (172.18.0.0/16). One container is hosting mysql (IP 172.18.0.2) and phpODIC and demo (IP 172.18.0.3).
The demo application can use the phpOIDC to authenticate. This distribution is supposed to be exposed behind a reverse proxy in HTTPS.

Manual installation

Dependency/Requirements

The requirements are the same than the original phpOIDC server (see https://bitbucket.org/PEOFIAMP/phpoidc)

  • Apache Web Server with SSL
  • MySQL
  • PHP 5.3 + PHP Modules:
    MDB2
    MDB2_Driver_mysql
    Doctrine ORM 1.2.4
    PHPSecLib

Setup

Install all dependencies, mysql and create a database and its user with a password.


    % sudo apt-get install mysql-server  

    % mysql -p  
    mysql> create database `phpOidc`;  
    mysql> grant all on phpOidc.* to phpOidc identified by 'new_password';  
    mysql> quit;

Follow the instruction that appears at the end of the installation (Configure apache for SSL if it were not previously.)
There are two directories/folders: phpOp, and phpRp. They are the source code for OpenID Connect Provider and OpenID Connect Relying Party respecitively.
Restart apache.

##Test This IdP OIDC is conform to the Nat Sakimura reference implementation in which we added an IdPProxy in conformance with the WebRTC Security Architecture.
The path to the IdP Proxy must be DOMAIN + /.well-known/idp-proxy/ + PROTOCOL
The IdPProxy is accessible on the URL .well-known/idp-proxy/rethink-oidc-ns

##Version note An initial version of the server is published (accessible here: https://oidc-ns.kermit.orange-labs.fr/phpOp/index.php, see also testbed description). Lots of points still require polish and some functionnalities have not been tested (multiple user declaring a proxy). A demo service has been provided and is published on this URL: https://oidc-ns.kermit.orange-labs.fr/demo/index.php, as well as a client registration UI (https://oidc-ns.kermit.orange-labs.fr/phpOp/register.php). Contribution to the original OpenIDConnect project should be made to ensure consistency.

About

Nat Sakumura OIDC implementation

Resources

Readme

License

View license
Activity
Custom properties

Stars

2 stars

Watchers

35 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages