An OAuth 2.0 compatible authorization service written in Go.
- Implements the implicit flow as described in RFC6749 section 4.2
- Uses JSON Web Keys (RFC7517) for key management
- Creates JSON Web Tokens (RFC7519) using HMAC or ECDSA (HS256, HS384, HS512, ES256, ES384, ES512)
- Provides interfaces for identity providers, state storage (with implementations for single node in-memory storage and Redis), authorization providers (to map users to scopes) and client registries.
For more information on how to use, check out the GitHub repository: Amsterdam/authz or the Documentation on GoDoc.
Alongside the Authz service we created an Admin backend (GitHub repository: Amsterdam/authz_admin) to map OAuth 2.0 scopes to profiles that map to roles provided by your Identity Provider.
The Gopher OAuth illustration is based on the Go Gopher by Takuya Ueda (CC-BY) and the OAuth logo by Chris Messina (CC-BY-SA).