coolaj86
/
issuer.srv
1
0
Bifurcation 0
Code Tickets Demandes d'ajout Versions Wiki Activité
Issuer server reference implementation in node.js.
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
2 Révisions
3 Branches
0 Tag
32 KiB
Branche: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Créer la branche ${ searchTerm }
de 'master'
${ noResults }
AJ ONeal cd6bceb068
update links 		il y a 6 ans
CHANGELOG add standard files il y a 7 ans
LICENSE add standard files il y a 7 ans
README.md update links il y a 6 ans

README.md

OAuth3 Issuer Implementation

| oauth3.js | issuer.html | issuer.rest.walnut.js | issuer.srv | Sponsored by ppl

This is a reference implementation of an OAuth3 identity issuer.

Instructions

Boot up a Digital Ocean VPS or a Docker or an Ubuntu or whatever it is that you do and then do this:

Install the Goldilocks Net Server (for automatic HTTPS via ACME):

curl https://git.coolaj86.com/coolaj86/goldilocks.js/raw/v1.1/installer/get.sh | bash

Use the sample goldilocks config file and replace "example.com" with whatever domain you want to use:

/etc/goldilocks/goldilocks.yml:

socks5:
  enabled: false
mdns:
  disabled: true
  port: 5353
  broadcast: 224.0.0.251
  ttl: 300
domains:
  - names:
      - www.example.com
      - example.com
      - api.example.com
      - assets.example.com
      - webhooks.example.com
      - ssh.example.com
      - vpn.example.com
    modules:
      http:
        - type: proxy
          port: 3000
      tls:
        - type: acme
          email: coolaj86@gmail.com
      tcp: []
udp:
  bind: []
tcp:
  modules:
    - domains:
        - ssh.example.com
      port: 22
      type: proxy
    - domains:
        - vpn.example.com
      port: 1194
      type: proxy
  bind:
    - 80
    - 443
http:
  modules: []
tls:
  modules: []
ddns:
  modules: []

Go update your DNS records for those domains to point to this server. However you do that...

Install the WALNUT application server:

curl https://git.coolaj86.com/coolaj86/walnut.js/raw/v1.2/installer/get.sh | bash

Then update the walnut grants to allow your site to use the specified APIs and packages:

echo "issuer@oauth3.org" >> /opt/walnut/etc/client-api-grants/example.com
echo "issuer@oauth3.org" >> /opt/walnut/var/sites/example.com

Get a mailgun account, verify your domain, and add your API keys:

# example.com will work for specific hard-coded subdomains (api., assets., webhooks.)
mkdir -p /opt/walnut/var/example.com/

/opt/walnut/var/example.com/config.json:

{ "mailgun.org": {
    "apiKey": "key-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
   , "auth": {
      "user": "mailer@example.com"
    , "pass": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
    , "api_key": "key-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
    , "domain": "example.com"
    }
  }
}

Change the email address used to send in /opt/walnut/packages/rest/issuer@oauth3.org/accounts.js (make it match your mailgun.org account).