# idCoop

idCoop is a small, lightweight identity provider / user login system.

idCoop acts as an OpenID Connect (OAuth 2.0/2.1) provider.

You can use it as a Single Sign On (SSO) solution for your home server or to avoid having to roll your own login system for your own service.

**idCoop is still experimental and underdeveloped. If you use it, it's at your own risk :-).**

## Features

- Support for [OAuth 2.1 draft 9](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-09) (OAuth 2.1 is essentially a restatement of OAuth 2.0 best practices)
- OpenID Connect
- Username and password login (passwords hashed with Argon2)
- Light requirements: less than 32 MB RAM usage

### Future Features

- E-mail registration
- E-mail password resets
- Two-Factor Authentication
- Registration token/link system for invite-only services
- Administration interface

## Documentation

Documentation is in the `docs` directory and (TODO) will be available to view on the web.

Please see the documentation for installation instructions.

## Licence and Contributing

Copyright © Olivier 'reivilibre' 2024

idCoop is licensed under the AGPL v3 at this time. See [the LICENCE file](LICENCE).
Unless otherwise stated, all files in this source repository are under this licence.

idCoop is currently a bit early-stage for contributions and I am still unsure about the final licence.
However, if desired, please contact me via the e-mail address found in the git commit metadata. Thanks.

### Acquiring development tools using the Nix flake

We have a Nix flake available containing all the required tools; either use direnv and `direnv allow` this repository or use `nix develop --impure ./flake-devenv` as needed.

### Database

You'll need a Postgres database to run idCoop as well as when changing SQL queries in the code.
If using the Nix flake, you can use `devenv up` to start up a Postgres database (which you can then connect to automatically with the `psql` command line and the empty-looking `postgres:` URI for SQLx).

We use SQLx as the database driver and we use its compile-time query checking, but it is worth bearing in mind we support SQLx's 'offline mode'. (We want CI and other people to be able to compile the project without needing a database for query analysis.)

What this means is that **if you add or change a SQL query**, you need to ask SQLx to update the stored query analyses by running `cargo sqlx prepare --database-url postgres:` *and then you need to include the changes in the `.sqlx/` directory in your commit*.

### Generating an RSA key

```shell-commands
# Generate keypair part
openssl genrsa -out keypair.pem 2048
# Extract public part
openssl rsa -in keypair.pem -pubout -out publickey.crt
```