waaseyaa/oidc

OpenID Connect issuer for Waaseyaa — ecosystem-wide single sign-on

Maintainers

Package info

github.com/waaseyaa/oidc

pkg:composer/waaseyaa/oidc

Statistics

Installs: 357

Dependents: 2

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v0.1.0-alpha.188 2026-05-21 02:01 UTC

Requires

Requires (Dev)

GPL-2.0-or-later 4a9f89153283d28da17c01cc93a033d9f79f7132

This package is auto-updated.

Last update: 2026-05-21 02:03:33 UTC

README

OpenID Connect issuer for the Waaseyaa ecosystem.

This package provides the authorization-server primitives used by a dedicated IdP app to act as the single sign-on provider for every Waaseyaa app (Giiken, Minoo, OIATC, NorthOps, etc.). Consumer apps do not install this package — they federate to the IdP via waaseyaa/oauth-provider's GenericOidcProvider.

Scope

  • Authorization endpoint (/authorize)
  • Token endpoint (/token)
  • UserInfo endpoint (/userinfo)
  • Discovery (/.well-known/openid-configuration)
  • JWKS (/.well-known/jwks.json)
  • Revocation (/revoke)
  • RP-initiated logout (/end_session)
  • Signing-key storage + rotation

Non-goals (v1)

  • Multi-tenant realms
  • Dynamic client registration (RFC 7591)
  • SCIM provisioning
  • Federation chaining

See ADR-006 for full context, invariants, and migration plan.

Status

Scaffold only. Implementation lands in follow-up PRs, TDD order per ADR-006 §7: discovery → JWKS → authorization code flow → token → userinfo → revocation → logout.

Stack

License

GPL-2.0-or-later.