add standard files

2017-11-10 15:43:10 -07:00 · 2017-11-10 15:43:10 -07:00 · ef41473e79
commit ef41473e79
3 changed files with 156 additions and 0 deletions
--- a/5
+++ b/5
@ -0,0 +1,5 @@
+v1.0.0 Document OAuth3 Issuer Reference Server Setup
+  * Resource Password Owner
+  * Implicit Grant
+  * Public/Private Device Key syncing
+  * Application Scope Grant syncing
--- a/41
+++ b/41
@ -0,0 +1,41 @@
+Copyright 2017 OAuth3
+
+This is open source software; you can redistribute it and/or modify it under the
+terms of either:
+
+   a) the "MIT License"
+   b) the "Apache-2.0 License"
+
+MIT License
+
+   Permission is hereby granted, free of charge, to any person obtaining a copy
+   of this software and associated documentation files (the "Software"), to deal
+   in the Software without restriction, including without limitation the rights
+   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+   copies of the Software, and to permit persons to whom the Software is
+   furnished to do so, subject to the following conditions:
+
+   The above copyright notice and this permission notice shall be included in all
+   copies or substantial portions of the Software.
+
+   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+   SOFTWARE.
+
+Apache-2.0 License Summary
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
--- a/README.md
+++ b/README.md
@ -0,0 +1,110 @@
+OAuth3 Issuer Implementation
+============================
+
+| [oauth3.js](https://git.oauth3.org/OAuth3/oauth3.js)
+| [issuer.html](https://git.oauth3.org/OAuth3/issuer.html)
+| [issuer.rest.walnut.js](https://git.oauth3.org/OAuth3/issuer.rest.walnut.js)
+| *issuer.srv*
+| Sponsored by [Daplie](https://daplie.com)
+
+This is a reference implementation of an OAuth3 identity issuer.
+
+Instructions
+------------
+
+Boot up a Digital Ocean VPS or a Docker or an Ubuntu or whatever it is that you do and then do this:
+
+Install the Goldilocks Net Server (for automatic HTTPS via ACME):
+
+```bash
+curl https://git.daplie.com/Daplie/goldilocks.js/raw/v1.1/installer/get.sh | bash
+```
+
+Use the sample goldilocks config file and replace "example.com" with whatever domain you want to use:
+
+`/etc/goldilocks/goldilocks.yml`:
+```yml
+socks5:
+  enabled: false
+mdns:
+  disabled: true
+  port: 5353
+  broadcast: 224.0.0.251
+  ttl: 300
+domains:
+  - names:
+      - www.example.com
+      - example.com
+      - api.example.com
+      - assets.example.com
+      - webhooks.example.com
+      - ssh.example.com
+      - vpn.example.com
+    modules:
+      http:
+        - type: proxy
+          port: 3000
+      tls:
+        - type: acme
+          email: coolaj86@gmail.com
+      tcp: []
+udp:
+  bind: []
+tcp:
+  modules:
+    - domains:
+        - ssh.example.com
+      port: 22
+      type: proxy
+    - domains:
+        - vpn.example.com
+      port: 1194
+      type: proxy
+  bind:
+    - 80
+    - 443
+http:
+  modules: []
+tls:
+  modules: []
+ddns:
+  modules: []
+```
+
+Go update your DNS records for those domains to point to this server. However you do that...
+
+Install the WALNUT application server:
+
+```bash
+curl https://git.daplie.com/Daplie/walnut.js/raw/v1.2/installer/get.sh | bash
+```
+
+Then update the walnut grants to allow your site to use the specified APIs and packages:
+
+```bash
+echo "issuer@oauth3.org" >> /opt/walnut/etc/client-api-grants/example.com
+echo "issuer@oauth3.org" >> /opt/walnut/var/sites/example.com
+```
+
+Get a mailgun account, verify your domain, and add your API keys:
+
+```bash
+# example.com will work for specific hard-coded subdomains (api., assets., webhooks.)
+mkdir -p /opt/walnut/var/example.com/
+```
+
+`/opt/walnut/var/example.com/config.json`:
+```js
+{ "mailgun.org": {
+    "apiKey": "key-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+   , "auth": {
+      "user": "mailer@example.com"
+    , "pass": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+    , "api_key": "key-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+    , "domain": "example.com"
+    }
+  }
+}
+```
+
+Change the email address used to send in `/opt/walnut/packages/rest/issuer@oauth3.org/accounts.js` (make it match your mailgun.org account).