2020-08-31 12:10:32 +00:00
|
|
|
⚠ OpenID Connect LDAP Bridge is under development. Do not use in production yet. ⚠
|
|
|
|
|
|
2020-08-14 11:15:52 +00:00
|
|
|
# OpenID Connect LDAP Bridge
|
|
|
|
|
|
2020-08-14 11:21:01 +00:00
|
|
|
oidc-ldap-bridge is a simple OpenID Connect provider based upon OpenLDAP.
|
|
|
|
|
|
2020-08-19 12:13:10 +00:00
|
|
|
It aims to be very light, simple to install and simple to maintain. Its main features are :
|
2020-08-27 14:08:26 +00:00
|
|
|
- OAuth/OpenID Connect support;
|
|
|
|
|
- Authentication against a LDAP directory;
|
|
|
|
|
- No additional database required. Everything is stored in your OpenLDAP server;
|
|
|
|
|
- The code is easy to read and easy to edit in case you want to write a patch.
|
2020-08-18 15:39:34 +00:00
|
|
|
|
2020-08-19 12:01:33 +00:00
|
|
|
## Install
|
|
|
|
|
|
2020-08-19 12:02:08 +00:00
|
|
|
First you need to install the schemas into your LDAP server. There are several ways to achieve this:
|
2020-08-19 12:01:33 +00:00
|
|
|
|
2020-08-31 11:57:04 +00:00
|
|
|
### LDAP schemas
|
|
|
|
|
|
|
|
|
|
#### Option 1: Add the schema into your filesystem
|
2020-08-19 12:01:33 +00:00
|
|
|
|
|
|
|
|
```bash
|
2020-08-26 10:05:35 +00:00
|
|
|
test -d /etc/openldap/schema && sudo cp schema/* /etc/openldap/schema
|
|
|
|
|
test -d /etc/ldap/schema && sudo cp schema/* /etc/ldap/schema
|
2020-08-19 12:01:33 +00:00
|
|
|
sudo service slapd restart
|
|
|
|
|
```
|
|
|
|
|
|
2020-08-31 11:57:04 +00:00
|
|
|
#### Option 2: Use slapadd
|
2020-08-19 12:01:33 +00:00
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
sudo slapadd -n0 -l schema/*.ldif
|
|
|
|
|
```
|
|
|
|
|
|
2020-08-31 11:57:04 +00:00
|
|
|
### Web interface
|
|
|
|
|
|
2020-08-31 09:23:50 +00:00
|
|
|
Then you can deploy the code either by copying the git repository or installing the pip package:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
pip install oidc_ldap_bridge
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Finally you have to run the website in a WSGI server:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
pip install gunicorn
|
|
|
|
|
gunicorn "oidc_ldap_bridge:create_app()"
|
|
|
|
|
```
|
2020-08-19 12:01:33 +00:00
|
|
|
|
2020-08-18 15:39:34 +00:00
|
|
|
## Contribute
|
|
|
|
|
|
|
|
|
|
Contributions are welcome!
|
|
|
|
|
To run the tests, you just need to run `tox`.
|
|
|
|
|
|
|
|
|
|
To try a development environment, you can run the docker image and then open https://127.0.0.1:5000
|
|
|
|
|
|
|
|
|
|
```bash
|
2020-08-31 09:23:50 +00:00
|
|
|
cp oidc_ldap_bridge/conf/config.sample.toml oidc_ldap_bridge/conf/config.toml
|
|
|
|
|
cp oidc_ldap_bridge/conf/oauth-authorization-server.sample.json oidc_ldap_bridge/conf/oauth-authorization-server.json
|
|
|
|
|
cp oidc_ldap_bridge/conf/openid-configuration.sample.json oidc_ldap_bridge/conf/openid-configuration.json
|
2020-08-18 15:39:34 +00:00
|
|
|
docker-compose up
|
|
|
|
|
```
|
