OpenID Connect Identity Provider for Sign-In with Ethereum.

Getting Started

Dependencies

Redis, or a Redis-compatible database (e.g. MemoryDB in AWS), is required.

Starting the IdP

The Docker image is available at ghcr.io/spruceid/siwe_oidc:0.1.0. Here is an example usage:

docker run -p 8000:8000 -e SIWEOIDC_ADDRESS="0.0.0.0" -e SIWEOIDC_REDIS_URL="redis://redis" ghcr.io/spruceid/siwe_oidc:latest

It can be configured either with the siwe-oidc.toml configuration file, or through environment variables:

  • SIWEOIDC_ADDRESS is the IP address to bind to.
  • SIWEOIDC_REDIS_URL is the URL to the Redis instance.
  • SIWEOIDC_BASE_URL is the URL you want to advertise in the OIDC configuration (e.g. https://oidc.example.com).
  • SIWEOIDC_RSA_PEM is the signing key, in PEM format. One will be generated if none is provided.

OIDC Functionalities

The current flow is very basic -- after the user is authenticated you will receive an Ethereum address as the subject (sub field).

The core OIDC information is available under /.well-known/openid-configuration.
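A relying party can sanity-check the discovery document and the sub claim before trusting this IdP. The following is an added example, not code from the siwe-oidc project; the endpoint paths in the sample document are constructed, and the same-origin rule is a stricter policy assumed here rather than something the README states.

```python
import re
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")
ETH_ADDRESS = re.compile(r"0x[0-9a-fA-F]{40}")


def origin(url):
    """Return (scheme, host, port) so endpoints can be compared with the issuer."""
    parts = urlsplit(url)
    return (parts.scheme, parts.hostname, parts.port)


def check_discovery(doc, fetched_from, allow_http=False):
    """Return a list of problems found in a parsed discovery document."""
    problems = [f"missing field: {key}" for key in REQUIRED if key not in doc]
    if problems:
        return problems
    issuer = doc["issuer"]
    # OIDC Discovery: the issuer must match the URL the document was fetched from.
    if issuer.rstrip("/") + WELL_KNOWN != fetched_from:
        problems.append("issuer does not match the discovery URL")
    # Plain http is only acceptable for the local Docker Compose setup.
    if urlsplit(issuer).scheme != "https" and not allow_http:
        problems.append("issuer is not served over https")
    # Assumed policy: every endpoint lives on the issuer's own origin.
    for key in REQUIRED[1:]:
        if origin(doc[key]) != origin(issuer):
            problems.append(f"{key} is on a different origin than the issuer")
    return problems


def subject_is_eth_address(sub):
    """True when the ID token's sub claim is 0x followed by 40 hex digits."""
    return isinstance(sub, str) and ETH_ADDRESS.fullmatch(sub) is not None


# Constructed sample for the local setup; paths are placeholders, not captured output.
SAMPLE_URL = "http://siwe-oidc:8000" + WELL_KNOWN
SAMPLE_DOC = {
    "issuer": "http://siwe-oidc:8000",
    "authorization_endpoint": "http://siwe-oidc:8000/authorize",
    "token_endpoint": "http://siwe-oidc:8000/token",
    "jwks_uri": "http://siwe-oidc:8000/jwk",
}

if __name__ == "__main__":
    print(check_discovery(SAMPLE_DOC, SAMPLE_URL, allow_http=True))
    print(check_discovery(SAMPLE_DOC, SAMPLE_URL))
```

In production, leave allow_http at its default so a document advertising an http issuer is rejected.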

TODO Items

  • Additional information, from native projects (e.g. ENS domains) to more traditional ones (e.g. email).

Development

A Docker Compose file is available to test the IdP locally with Keycloak.

  1. You will first need to run:
docker-compose up -d
  2. Then edit your /etc/hosts so that siwe-oidc points to 127.0.0.1. This lets both your browser and Keycloak access the IdP.

  3. In Keycloak, you will need to create a new IdP. You can use http://siwe-oidc:8000/.well-known/openid-configuration to fill in the settings automatically. As for the client ID/secret, you can use sdf/sdf.