Nathan Woodburn
a7c6c34f1c
All checks were successful
Build Docker / Build Docker (push) Successful in 26s
57 lines
1.6 KiB
Markdown
57 lines
1.6 KiB
Markdown
# varo-openid
|
|
|
|
## Add a client
|
|
Go to /create-client and add a new client.
|
|
|
|
Set the following parameters:
|
|
|
|
Allowed Scope: `profile`
|
|
Allowed Grant Types: `authorization_code`
|
|
Allowed Response Types: `code`
|
|
Token Endpoint Authentication Method: `client_secret_post`
|
|
|
|
## Client settings
|
|
Set the following parameters:
|
|
`Client ID`: Given by the previous step
|
|
`Client Secret`: Given by the previous step
|
|
`Authorization URL`: `https://login.hns.au/oauth/authorize`
|
|
`Token URL`: `https://login.hns.au/oauth/token`
|
|
`Userinfo URL`: `https://login.hns.au/api/me`
|
|
|
|
|
|
|
|
## Regular auth flow
|
|
1. Redirect the user to `https://login.hns.au/auth?return=<return-url>`
|
|
2. User logs in and will be returned to `https://<return-url>?username=<username>&token=<token>`
|
|
3. Use the token to authenticate the user with `https://login.hns.au/auth/user?token=<token>`
|
|
This will return the following json:
|
|
```json
|
|
{
|
|
"displayName": "Nathan.Woodburn/",
|
|
"email": "contact@nathan.woodburn.au",
|
|
"email_verified": false,
|
|
"family_name": "nathan.woodburn",
|
|
"given_name": "nathan.woodburn",
|
|
"id": 1,
|
|
"links": "https://woodburn",
|
|
"name": "Nathan.Woodburn/",
|
|
"nickname": "Nathan.Woodburn/",
|
|
"picture": "https://nathan.woodburn.au/assets/img/profile.png",
|
|
"preferred_username": "nathan.woodburn",
|
|
"profile": "https://login.hns.au/u/nathan.woodburn",
|
|
"sub": 1,
|
|
"uid": 1,
|
|
"username": "nathan.woodburn",
|
|
"website": "https://nathan.woodburn"
|
|
}
|
|
```
|
|
|
|
|
|
## Deploy your own instance
|
|
|
|
```bash
|
|
docker volume create hns-login
|
|
docker run -d -p 9090:9090 --name hns-login -v hns-login:/app/instance git.woodburn.au/nathanwoodburn/hns-login:latest
|
|
```
|
|
|