A OAuth2 Server, sometimes also referred to as an OAuth 2.0 Server, OAuth Server, Authorization Server, is a software system that implements network protocol flows that allow a client software application to act on behalf of a user.
Authority is a OpenID OAuth 2.0 Server and OpenID Connect Provider written in Crystal optimized for low-latency, high throughput, and low resource consumption. Authority has a built in identity provider user login.
Authority is an open source API security for your infrastructure.
Implementing and using OAuth2 without understanding the whole specification is challenging and prone to errors, even when SDKs are being used. The primary goal of Authority is to make OAuth 2.0 and OpenID Connect 1.0 better accessible.
The Authority implements five grants for acquiring an access token:
- Authorization code Grant
- Implicit Grant
- Resource owner credentials Grant
- Client credentials Grant
- Refresh token Grant
- Device Token Grant
The following RFCs are implemented:
- RFC6749 "OAuth 2.0"
- RFC6750 " The OAuth 2.0 Authorization Framework: Bearer Token Usage"
- RFC7519 "JSON Web Token (JWT)"
- RFC7636 "Proof Key for Code Exchange by OAuth Public Clients"
Please refer to the project documentation to get started
- Fork it (https://github.com/azutoolkit/authority/fork)
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request
- Elias Perez - creator and maintainer