Finally managed to get #OIDC post-login redirects to specific "URLs" (well, #libadwaita `NavigationView` tags, to be precise) to work. That was quite a bit more complex than I expected it to be!
#oidc
0 posts0 participants0 posts today
For the AlekSIS project, a very active open source school information system, we are looking for a freelance #Python and #Django developer with knowledge about #OAuth and #OIDC.
The task is to implement several features in django-oauth-toolkit.
If you think you might be that person, please ping me and @hansegucker!
For those who attend, #FOSDEM will be a good opportunity to meet if you are interested, but that's by no means a requirement.
Replied in thread
Ⓥ
I could buy this if #TailScale was being promoted on, say, #LinuxUnplugged. On a show specifically about self hosting though, promoting something that runs everyone's logins through #Google/#Microsoft/#Apple is hypocritical.
#OIDC is at least self-hostable, but setting that up wipes out the main claimed benefit, namely that it will be up and running "within minutes". So they're making claims on a show literally called "SelfHosting" that are only met by using #GAFAM accounts.
I've got to say, I'm disappointed with my first look into @tailscale . It was promoted heavily by The #SelfHosted Show on #JupiterBroadcasting as "installs on any device in minutes".
Well, #Tailscale needs an account.
Fine.
The only options though are #Google, #Microsoft, #Github, #Apple or #OIDC. Only one doesn't report to #GAFAM's #surveillance, and that definitely won't be up and running "in minutes".
...and is the server software (not #HeadScale ) #proprietary?
What am I missing here?
Je viens de publier un cours intitulé "Identité et méthodes d'authentification" sous licence CC-BY : https://broken-by-design.fr/posts/cours-id-authn/
Ce cours s'adresse aux personnes de niveau M2 et aux professionnel.les débutant.es, même si les plus expérimenté.es pourraient y trouver des informations intéressantes.
Il comprend une introduction aux différents types de référentiels d'identités, avant de plonger dans l'authentification, sous des angles juridiques et techniques. Authentification multifacteur, forte, résistante au phishing, assurant de bonnes garanties de vie privée ! Authentification à l'état de l'art ! Vous pourrez en apprendre plus à ces sujets grâce à ce cours.
Et ce n'est que la première partie ! Ce mois-ci, une seconde partie sera publiée, sur le sujet de l'autorisation, avec un TP de mise en place de #Keycloak pour une authentification fédérée avec OpenID Connect! À suivre !
broken-by-design.frIdentité et méthodes d'authentification | Broken by DesignUn cours de niveau M2 sur l'identité et les méthodes d'authentification
This is the official Mastodon account for LemonLDAP::NG, a Web Single Sign On free software compatible with many open standards like CAS, SAML and OpenID Connect.
We will publish here information about releases and new features. Please follow us!
See also our official website: https://www.lemonldap-ng.org
www.lemonldap-ng.orgLemonLDAP::NG - Web Single Sign On and Access Management Free SoftwareLemonLDAP::NG is a free software to provide WebSSO, Access Management and Identity Federation
Replied in thread
@utopify_org@veganism.social with #oidc it seems possible, at least I try to use it on a regional platform, one login for several services !
We are working on OIDC support, and exploring IndieAuth!
The Sign-in with Mastodon feature uses Mastodon specific APIs and is a temporary measure until we get OIDC in place and other platforms support it!
Just dropped our paper on eprint: OpenPubkey. I welcome any questions/feedback replies
#OpenPubkey adds user-held public keys into OpenID Connect without breaking compatibility. This means users can create digital signatures on the web that are associated with their ID Tokens. Fully signed APIs here we come.
Our protocol is so compatible with existing IDPs that not only have we been using it in production with Google, Okta, and Microsoft IDPs for over a year, but that IDPs can't even tell that OpenPubkey is being used!
