OpenID Connect authentication server
OAuthSD is an authentication server that implements OAuth 2.0 and OpenID Connect plus some useful extensions.
OAuthSD offers you the best: to ensure not only Single Sign On (SSO), but also Single Sign-In (SLI) on multiple applications, silent re-authentication (Silent Re-Authentication, SRA) and Single Sign Out (SLO). See: SLI, SLO and SRA are in a boat: OAuthSD. While most implementations require developments on the side of client applications, OAUthSD offers you these features without any modification of them.
OAuthSD also allows end users to monitor and manage the OpenID Connect session.
A web interface allows administrators to manage client applications and track the activity of the OIDC server. An HTTP Rest API allows (for example) an external application to create and administrate the users and give them permissions on applications by the mean of scopes or extra JWT payload.
It appears that the OIDC server is not the hardest to mount. The tricky point is the transformation of applications to delegate authentication with the OIDC protocol. Developers will find on this site examples of plugins or extensions as well as code for the management of the OIDC session.
This repository displays the code of oa.dnc.global website that implements a demonstrator of OAuthSD. OAuthSD uses /bdegoy/oauthsd-php (included ionCube-encrypted) and bshaffer/oauth2-server-php. The /web part of the server is developped with SPIP v3.2. It uses SPIP dedicated plugins that can be found in /bdegoy/oauthsd_spip_plugins.
This demonstator is in continual development; the server may be unavailable and the data deleted at any time. Use at your own risk, DnC offers no guarantee.
If you are interested in a production version of OAuthSD, on a private server of your property, or want to adapt your applications to OIDC, please contact DnC.