[ANN] OpenID connect

I recently released a OpenID connect library to opam named oidc. And today I got it certified by the openid foundation which proves that it’s up to par with the specification. At least for the 2(3) profiles that I certified.

I also created a higher level library oidc-client that used the excellent Piaf library under the hood to make it easy to build a client. I can’t publish that on opam since it uses unreleased libraries by @anmonteiro but I try to maintain the opam files even though I mainly use esy.
This should allow anyone to create websites with simple login with Facebook/Apple/Microsoft/Google.

This has been quite a ride for me, I built and published JOSE to work with JWTs and JWKs and cookie to have the implementation be less ad-hoc.
I also built a web framework that I used in the certification process.

Docs: https://ulrikstrid.github.io/ocaml-oidc/

20 Likes

This is just perfect timing; I was just looking into integrating OpenID on a website redesign I’m doing, and here you are! Thank you for working on and publishing this.

2 Likes

Let me know if I can help or if you feel like anything is missing. The documentation tries to describe the flow and where you should use what but it can always be better.

1 Like

Thanks for these great libraries! I’ve added them to ocamlverse. Feel free to suggest clarifications.

Any chance of bringing morph to opam?

Morph is also based on Piaf which is not on opam. But if @anmonteiro can figure out a way to get his awesome libraries to opam I would gladly publish the things I built on top as well.

I try to maintain the opam files so it should be possible to pin them at least.

2 Likes

Congrats @ulrikstrid. This is huge news.

2 Likes

This sounds really useful.

You might take interest in webauthn, at a later point.

I think this could be used in a OpenID Connect provider but I’m not 100% sure how it should work.
But very interesting!