Deprecated as part of fulgens nucleus (https://git.ailur.dev/ailur/fulgens)
This repository has been archived on 2024-09-28. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
Tracker-Friendly 7758c8f2a6 Move from RSA to Ed25519. This breaks backwards compatibility and therefore a new semantic release. 2024-08-05 19:56:29 +01:00
static Fix variable typo in login.js 2024-07-28 14:21:12 +01:00
templates a message doesn't cover this one. just read the code. it speaks for itself. 2024-07-26 19:25:41 +01:00
.gitignore Updated gitignore, fixed openid uri 2024-05-04 17:41:43 +01:00
ERRORS.md a message doesn't cover this one. just read the code. it speaks for itself. 2024-07-26 19:25:41 +01:00
LICENSE.md Open source and release to the public 2024-04-26 20:12:56 +00:00
README.md Added example configuration, updated README.md, updated background image to Public Domain image, updated styles to be in accordance with the New Burgerware Design, fixed pages displaying poorly on phones, fixed server panics being caused by incorrect JSON, made it clear AESKeyShare is not in working order, made the application not hard-code the URL, made the application not hard-code the app name, updated the CAPTCHA module to the newest version and URL, removed crypto-js, removed unneeded broken code left over from Burgernotes, removed unneeded CSS left over from Burgernotes, made page titles consistant, changed some formatting to be using camel instead of snake case, fixed various JS bad-practices, used a really long commit message. 2024-07-10 18:43:17 +01:00
config.ini.example a message doesn't cover this one. just read the code. it speaks for itself. 2024-07-26 19:25:41 +01:00
go.mod Updated JWT to maintained fork 2024-08-04 14:47:21 +01:00
go.sum Updated JWT to maintained fork 2024-08-04 14:47:21 +01:00
keyExchangeRdir.html a message doesn't cover this one. just read the code. it speaks for itself. 2024-07-26 19:25:41 +01:00
main.go Move from RSA to Ed25519. This breaks backwards compatibility and therefore a new semantic release. 2024-08-05 19:56:29 +01:00
schema.sql a message doesn't cover this one. just read the code. it speaks for itself. 2024-07-26 19:25:41 +01:00

README.md

Burgerauth

Burgerauth is a free-and-open-source OAuth2/OIDC (or as I've taken to calling it, OAuth2 + OIDC) server.

Ok, that's great, how do I host my own instance?

First, replace the domains in the source code and templates with your own (a domain is required, not just an IP).

Second, copy config.ini.example to config.ini then tweak to your liking, making sure to point to a valid path for where you are going to generate your RSA keypair.

Third, run go build.

Fourth, generate a RSA keypair using openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:2048 openssl rsa -pubout -in private.pem -out public.pem

Fifth, run ./burgerauth. Read ERRORS.md to see how to handle server errors.

What if I am a developer?

The OAuth2 protocol should be fairly standard. Burgerauth comes with OpenID Connect discovery, and you should use that to find out the URL endpoints for the instance you are targeting, and you shouldn't really touch anything else. Burgerauth provides only authorization and not resource-delegation, and so doesn't issue refresh tokens.

How long did this take to make?

Yes.

What do you mean "OAuth2 + OIDC"?

OIDC is not a protocol in of itself, but rather an extension on top of a fully working OAuth2 system, made useful by the OAuth2 protocol and JWK token protocol.