Login Cidadão

This is an Digital Identity (DI) solution for Open Government, Networked Democracy and Colaborative Citizenship. Technically it's a federated OAuth2 and OpenID provider.

It's aimed at easy install while retaining a high level of user-control over the use of their data and the applications that have access to it.

Deployed since 2014 in Rio Grande do Sul (BR) it has today more than 500k users and has prooved to be a central tool to ease out citizen/government interactions providing SSO with preserved privacy and security for all government services

Screenshot

Requirements

Running an Identity Provider is not an easy task. If you plan to maintain one yourself, you MUST:

FULLY understand:

• RFC 7231 - Response Status Codes
• OpenID Connect Core 1.0 - TLS Requirements
• RFC 6749 - Ensuring Endpoint Authenticity
• How to debug a REST API
• How to debug PHP code
• You SHOULD NOT be using plain OAuth 2.0

Have at least a very good understanding of:

• OpenID Connect Core 1.0
• OpenID Connect Discovery 1.0
• OpenID Connect Dynamic Client Registration 1.0
• RFC 6749

To perform customizations you MUST have a good understanding of:

• The Symfony Book
• The Symfony Cookbook

If you fail to comply with the aforementioned requirements you and your users are very likely going to get hurt

OS Dependencies

• PHP >=5.4
• composer
• node.js
• memcached

PHP Extensions

• php5-curl
• php5-intl
• php5-mysql or php5-pgsql or your preferred driver
• php5-memcache (you can use php5-memcached instead, just remember to change the Memcache classes to Memcached)

System Configuration

• php timezone (example: date.timezone = America/Sao_Paulo)
• write permission to app/cache, app/logs and web/uploads

Docs (Portuguese)

• Sobre o Login Cidadão
• Instalação
  • Instruções detalhadas
  • Passo-a-passo para Debian
  • Troubleshooting
• Configuração
  • Arquivo parameters.yml
• Gerenciamento da Instalação
  • Atualizando o Login Cidadão
  • Gerenciamento de Usuários
  • Comandos do Symfony
• Uso do Login Cidadão
  • Usando OpenID Connect
  • Deslogando usuários "remotamente"
  • Documentação da API
  • Migração/Importação de Usuários

Você pode utilizar o visualizador em doc/index.html para exibir a documentação com uma formatação amigável em um browser iniciando um servidor built-in do PHP com o seguinte comando:

composer lc-docs <porta desejada>