This project is in alpha state. It can AND will continue breaking until version 1.0.0 is released
This project is a easy to use client and server implementation for the OIDC
(Open ID Connect) standard written for Go
.
Whenever possible we tried to reuse / extend existing packages like OAuth2 for Go
.
TBD
Code Flow | Implicit Flow | Hybrid Flow | Discovery | PKCE | Token Exchange | mTLS | |
---|---|---|---|---|---|---|---|
Relaying Party | yes | yes | not yet | yes | yes | partial | not yet |
Origin Party | yes | yes | not yet | yes | yes | not yet | not yet |
For your convinience you can find the relevant standards linked below.
- OpenID Connect Core 1.0 incorporating errata set 1
- Proof Key for Code Exchange by OAuth Public Clients
- OAuth 2.0 Token Exchange
- OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
Version | Supported |
---|---|
<1.11 | ❌ |
1.11 | ✅ |
1.12 | ✅ |
1.13 | ✅ |
1.14 | ✅ |
As of 2020 there are not a lot of OIDC
librarys in Go
which can handle server and client implementations. CAOS is strongly commited to the general field of IAM (Identity and Access Management) and as such, we need solid frameworks to implement services.
The full functionality of this library is and stays open source and free to use for everyone. Visit our website and get in touch.
See the exact licensing terms here
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.