[ANN] OpenID connect

I recently released a OpenID connect library to opam named oidc. And today I got it certified by the openid foundation which proves that it’s up to par with the specification. At least for the 2(3) profiles that I certified.

I also created a higher level library oidc-client that used the excellent Piaf library under the hood to make it easy to build a client. I can’t publish that on opam since it uses unreleased libraries by @anmonteiro but I try to maintain the opam files even though I mainly use esy.
This should allow anyone to create websites with simple login with Facebook/Apple/Microsoft/Google.

This has been quite a ride for me, I built and published JOSE to work with JWTs and JWKs and cookie to have the implementation be less ad-hoc.
I also built a web framework that I used in the certification process.

Docs: https://ulrikstrid.github.io/ocaml-oidc/

21 Likes

This is just perfect timing; I was just looking into integrating OpenID on a website redesign I’m doing, and here you are! Thank you for working on and publishing this.

2 Likes

Let me know if I can help or if you feel like anything is missing. The documentation tries to describe the flow and where you should use what but it can always be better.

1 Like

Thanks for these great libraries! I’ve added them to ocamlverse. Feel free to suggest clarifications.

Any chance of bringing morph to opam?

1 Like

Morph is also based on Piaf which is not on opam. But if @anmonteiro can figure out a way to get his awesome libraries to opam I would gladly publish the things I built on top as well.

I try to maintain the opam files so it should be possible to pin them at least.

2 Likes

Congrats @ulrikstrid. This is huge news.

2 Likes

This sounds really useful.

You might take interest in webauthn, at a later point.

I think this could be used in a OpenID Connect provider but I’m not 100% sure how it should work.
But very interesting!