lua-resty-openidc
lua-resty-openidc copied to clipboard
zmartzone
OpenID Connect Relying Party and OAuth 2.0 Resource Server implementation in Lua for NGINX / OpenResty
Currently lua-resty-openidc supports for authentication to the IDP `["client_secret_basic" | "client_secret_post" | "private_key_jwt" | "client_secret_jwt"]`. Is there any way to extend or implement a hook to support `tls_client_auth_subject_dn` as authentication...
###### Environment - lua-resty-openidc version (e.g. 1.7.2) - OpenID Connect provider OpenAM (ForgeRock) - Kubernetes ingress-nginx 0.34.0 ###### Expected behaviour According to this spec : https://openid.net/specs/openid-connect-core-1_0.html#UserInfo in the point 5.3.2,...
In my application I have list of cards - with some information about our customers. When user click on any card then starts authentication - fires authentication function of openidc....
###### Environment - lua-resty-openidc version 1.7.0 - OpenID Connect provider: Keycloak ###### Expected behaviour Support for mutual TLS (MTLS) client authentication according to the draft https://tools.ietf.org/html/draft-ietf-oauth-mtls-13 E.g. Keycloak already supports...
Hi, is it possible to run lua-resty-oidc as resource server so that it first authenticates clients presenting a session cookie (issued by another lua-resty-oidc acting as relying party) but if...
Session strategy to support revocation of sessions for front-channel and back-channel logout scenarios. This strategy adds the ability to revoke logged in sessions. It will wrap another existing strategy just...
Hi, We are planning to use NGINX Plus in a cluster setup. We'd like to share Lua-resty-openidc state (jwks, discovery, introspection) across the cluster. To do that, NGINX Plus provides...
Hello, please comment on this issue... Case reproduces on Firefox browser, on Chrome works OK. ###### Scenario: User logs in then logs out. The user changes clock on machine back...
ADFS does not set the kid so when there are multiple keys openidc does not know which key to use. If we can use x5t to id the key that...
Hey guys, Just wanted to know if there's plans for supporting backchannel logout. Is there a way of performing that at the moment? Thanks a lot, Kind regards.
