
Discussing Successor of Debian SSO Service



Hi,

I am Himanshu Shekhar [1], an undergrad from IIIT-Allahabad, India.
I am studying Information Technology, am a polyglot programmer (I prefer Python, Golang and JavaScript) and interned at SocialCops[2] (a data-intelligence company) as a backend engineer last summer.

I've been going through ideas proposed for GSOC'18 and stepped on this one.

My institute requires me to use LDAP for authenticating on all sorts of portals required. Being one of the mentors and coordinators at the technical society of the institute, there are times where I have to integrate some kind of portal to LDAP which I personally find horrible because it is not HTTP and has a lot of restrictions from the campus proxy server and firewall.

As a result of this, I have been wanting to develop a generic SSO server which can be deployed at website/premise without any hassle, something which takes a config file for user database structure, some parameters and does rest of the work over HTTP.

What I pictured is an *open-source replica of Google Login* [3], with the same features - a central service which you have configured with the information to collect for users who sign up and provide and applications can use the service to authenticate and get the user's basic information. The authorization part - scoping, limitations, is up to the client application. The SSO server does authentication, and authorization is up to the application server.

Also, as a hobby project, I've been developing an API using Go and Gin where I have implemented auth using JWT tokens [4] (both access and refresh tokens), which is extremely simple in structure.
It does just one work - authenticating the required user from its database.

Talking about the GSOC project, there are certain OAuth2 libraries for Python, Golang and JavaScript which can be used to create the required service on top of them. I have listed the required links [5] at the end of this email.

Is this similar to what you have pictured for Debian and this GSOC?
Please let me know. I would be really happy to work on something which I have been passionately wanting to make.

References:

[5] OAuth2 libraries :
      Python : https://github.com/oauthlib/oauthlib
       has implementations for Flask, Django, Bottle, Pyramid (mentioned in Readme).

      Golang :
        Hydra : https://github.com/ory/hydra
        Osin : https://github.com/RangelReale/osin

[1] Himanshu Shekhar
      Github: https://github.com/himanshub16
      LinkedIn : https://linkedin.com/in/himanshub16

[2] SocialCops : https://socialcops.com

[3] Google Login : https://developers.google.com/identity/sign-in/web/sign-in

[4] JWT : https://jwt.io

Regards,
Himanshu Shekhar
