Skip to content
Snippets Groups Projects
Select Git revision
  • main default
  • 139-remove-part-of-the-helm-chart-that-is-moved-to-the-dashboard-helmchart
  • 122-admin-logins-should-gain-admin-privileges
  • 116-allow-password-change-without-ssl-public-endpoint-in-startup-job
  • 114-create-development-scripts-for-reverse-proxy-solution
  • 110-enable-hydra-maester
  • 82-pylint-job-broken-2
  • 93-0.2.11
  • master protected
  • update-hydra
  • spike-use-kratos-as-identity-manager
  • merge_master_into_0.2
  • 56-fix-link-in-the-readme
  • 0.2
  • 40-replace-flask-oauth-with-oauthlib-in-test-login_logout
  • 45-update-user-panel-to-fix-jobs
  • 41-make-oauth2-client-data-persistent
  • force-https
  • 42-ldap-support
  • 33-wordpress-sso-admin-login-doesn-t-work
  • 0.8.0
  • 0.7.7
  • 0.7.6
  • 0.7.4
  • 0.7.1
  • 0.5.2
  • 0.5.0
  • 0.4.3
  • 0.4.2
  • 0.4.1
  • 0.4.0
  • 0.2.11
  • 0.2.10
  • 0.2.9
  • 0.2.8
  • 0.2.7
  • 0.2.6
  • 0.2.5
  • 0.2.4
  • 0.2.3
40 results
Compare History
Mark's avatar
Add bold values
Mark authored
c3765482
Name Last commit Last update
consent_provider
helmchart/single-sign-on
login_provider
test
user-panel @ f500daff
.gitignore
.gitlab-ci.yml
.gitmodules
README.md
docker-compose.yml
README.md

Install

Installation should be done via the helm using the helmchart contained in ./helmchart. Make sure to edit the values in ./helmchart/single-sign-on/values.yaml according to your needs

For Details on how to configure the chart. Refer to ./helmchart/single-sign-on/README.md

Using SSO

To use OpenID Connect or oAuth you need to set up an oAuth Client for every application that needs to authenticate it's users. You can leverage the Hydra Admin API to create oAuth clients. As a starting point, you can have a look at the script provided in test/.

To use SSO configure your oAuth client (for example netxtcloud) and create a new oAuth client object. Refer to https://sso.oas.example.net/.well-known/openid-configuration as a reference on how to configure your openID Connect or oAuth client

Testing

In order to run tests locally, you can start the environment via docker-compose. To make the test setup work on your machine, install docker and docker-compose and edit the docker-compose.yml file. Make sure all of the URLS listed in the environment of the hydra service are accessible by your agent (usually your browser) and the application that will act as an oAuth / OpenID Connect client (for example nextcloud).

Notice that you need to create users and applications before being able to login. You can use the scripts located in user-panel/utils to create users for testing.

If you don't have a test application yourself, you can use the small OpeinID Connect test application located at test/login_logout/

Also refer to .gitlab-ci.yaml to get an idea on how to run all of the tests that are contained in this repository.