GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → aaronpk → Device-Flow-Proxy-Server

aaronpk / Device-Flow-Proxy-Server

Licence: other
Add the OAuth 2.0 Device Flow to any OAuth server

Programming Languages

PHP
23972 projects - #3 most used programming language
CSS
56736 projects

Labels

oauthoauth2device-flow

Projects that are alternatives of or similar to Device-Flow-Proxy-Server

Login With
Stateless login-with microservice for OAuth
Stars: ✭ 2,301 (+3495.31%)
Mutual labels:  oauth
Spring Security Pac4j
pac4j security library for Spring Security: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 231 (+260.94%)
Mutual labels:  oauth
Bus
Bus 是一个基础框架、服务套件,它基于Java8编写,参考、借鉴了大量已有框架、组件的设计,可以作为后端服务的开发基础中间件。代码简洁,架构清晰,非常适合学习使用。
Stars: ✭ 253 (+295.31%)
Mutual labels:  oauth
Express Starter
It's a hackathon-starter fork, but designed to use PostgreSQL by default (or MySQL)
Stars: ✭ 215 (+235.94%)
Mutual labels:  oauth
Identityserver
An open-source, standards-compliant, and flexible OpenID Connect and OAuth 2.x framework for ASP.NET Core
Stars: ✭ 223 (+248.44%)
Mutual labels:  oauth
Pow assent
Multi-provider authentication for your Pow enabled app
Stars: ✭ 236 (+268.75%)
Mutual labels:  oauth
Oauthlib
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic
Stars: ✭ 2,323 (+3529.69%)
Mutual labels:  oauth
undertow-pac4j
Security library for Undertow: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 35 (-45.31%)
Mutual labels:  oauth
Angularmaterialfirebase
🔥 Full stack starter app with Angular 8, Material Design and Firebase (+ demo)
Stars: ✭ 229 (+257.81%)
Mutual labels:  oauth
Authing
🔥Authing - IDaaS/IAM solution that can Auth to web and mobile applications.
Stars: ✭ 247 (+285.94%)
Mutual labels:  oauth
Authlib
The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
Stars: ✭ 2,854 (+4359.38%)
Mutual labels:  oauth
Praw
PRAW, an acronym for "Python Reddit API Wrapper", is a python package that allows for simple access to Reddit's API.
Stars: ✭ 2,675 (+4079.69%)
Mutual labels:  oauth
Gocialite
Social oAuth login in Go has never been so easy
Stars: ✭ 237 (+270.31%)
Mutual labels:  oauth
Twitch4j
Modular Async/Sync/Reactive Twitch API Client / IRC Client
Stars: ✭ 209 (+226.56%)
Mutual labels:  oauth
Apijam
GitHub repo for API Jam Workshop
Stars: ✭ 254 (+296.88%)
Mutual labels:  oauth
Awesome Iam
👤 Identity and Access Management Knowledge for Cloud Platforms
Stars: ✭ 186 (+190.63%)
Mutual labels:  oauth
Sso
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
Stars: ✭ 2,835 (+4329.69%)
Mutual labels:  oauth
ada-security
Ada Security - OAuth 2.0 client and server framework to secure web applications
Stars: ✭ 18 (-71.87%)
Mutual labels:  oauth
react-linkedin-login-oauth2
Easily get Authorization Code from Linked In to log in without redirecting.
Stars: ✭ 83 (+29.69%)
Mutual labels:  oauth
Golang Url Shortener
URL Shortener written in Golang using Bolt DB or Redis. Provides features such as Deletion, Expiration, OAuth and is of course Dockerizable.
Stars: ✭ 240 (+275%)
Mutual labels:  oauth
View All Similar Projects ➔

OAuth 2.0 Device Flow Proxy Server

A demonstration of the OAuth 2.0 Device Code flow for devices without a browser or with limited keyboard entry.

This service acts as an OAuth server that implements the device code flow, proxying to a real OAuth server behind the scenes.

Installation

composer install
cp .env.example .env

In the .env file, fill out the required variables.

You will need to install Redis if it is not already on your system, or point to an existing redis server in the config file.

Define your OAuth server's authorization endpoint and token endpoint URL.

Heroku Deploy

To deploy this in Heroku, you'll need to do the following:

Create a new Heroku application, and take note of the name.

Define environment variables in Heroku's admin interface based on the values from .env.example with the exception of REDIS_URL.

Heroku Config

# Log in to your Heroku account
heroku login

# Define the Heroku upstream git repo from your app name
heroku git:remote -a oauth-device-flow-demo

# Enable Redis for your application
heroku addons:create heroku-redis:hobby-dev

# Deploy to Heroku
git push heroku master

Usage

The device will need to register an application at the OAuth server to get a client ID. You'll need to set the proxy's URL as the callback URL in the OAuth application registration:

http://localhost:8080/auth/redirect

The device can begin the flow by making a POST request to this proxy:

curl http://localhost:8080/device/code -d client_id=1234567890

The response will contain the URL the user should visit and the code they should enter, as well as a long device code.

{
    "device_code": "5cb3a6029c967a7b04f642a5b92b5cca237ec19d41853f55dcce98a4d2aa528f",
    "user_code": "248707",
    "verification_uri": "http://localhost:8080/device",
    "expires_in": 300,
    "interval": 5
}

The device should instruct the user to visit the URL and enter the code, or can provide a full link that pre-fills the code for the user in case the device is displaying a QR code.

http://localhost:8080/device?code=248707

The device should then poll the token endpoint at the interval provided, making a POST request like the below:

curl http://localhost:8080/device/token -d grant_type=urn:ietf:params:oauth:grant-type:device_code \
  -d client_id=1234567890 \
  -d device_code=5cb3a6029c967a7b04f642a5b92b5cca237ec19d41853f55dcce98a4d2aa528f

While the user is busy logging in, the response will be

{"error":"authorization_pending"}

Once the user has finished logging in and granting access to the application, the response will contain an access token.

{
  "access_token": "FmcTZiYmJzeWpoeTdUSTBoNyIsInVpZCI6IjAwdWJ1NG1",
  "token_type": "Bearer",
  "expires_in": 7200
}
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].