An Identity Provider for ORY Hydra over LDAP
https://github.com/i-core/werther
https://github.com/ory/examples/blob/master/full-stack/docker-compose.yml It may be better to use the 5-minute quickstart.yml.
1. Use docker-machine to create a VM and get its IP: 192.168.99.100

2. Deploy, following https://www.ory.sh/docs/next/hydra/configure-deploy

    docker network create hydraguide

    docker run \
      --network hydraguide \
      --name ory-hydra-example--postgres \
      -e POSTGRES_USER=hydra \
      -e POSTGRES_PASSWORD=secret \
      -e POSTGRES_DB=hydra \
      -d postgres:9.6

    # Single quotes keep the shell from expanding $3 inside the secret
    # and from treating the ? in the DSN as a glob character.
    export SECRETS_SYSTEM='this_needs_to_be_the_same_always_and_also_very_$3cuR3-._'
    export DSN='postgres://hydra:secret@ory-hydra-example--postgres:5432/hydra?sslmode=disable'

    docker pull oryd/hydra:latest

    # Run the SQL migrations against the database created above.
    docker run -it --rm \
      --network hydraguide \
      oryd/hydra:latest \
      migrate sql --yes "$DSN"

===== create ssl cert and key =====

!!Note!! It is safer to generate the certificates with the method described at https://sueboy.blogspot.com/2019/08/openssl-self-signed-certificate.html instead; it is less likely to cause the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error!

Create two certs: 1. t.tt 2. openid.hydra

In the VM:

    # Both key commands write t.tt.key; the second overwrites the first,
    # so the key left in the file is the secp384r1 EC key.
    openssl genrsa -out t.tt.key 2048
    openssl ecparam -genkey -name secp384r1 -out t.tt.key
    # Self-signed certificate, valid for 3650 days.
    openssl req -new -x509 -sha256 -key t.tt.key -out t.tt.crt -days 3650

Important!! At the t.tt.crt step: Common Name (e.g. server FQDN or YOUR name) []: t.tt

    # Same sequence for the second certificate.
    openssl genrsa -out openid.hydra.key 2048
    openssl ecparam -genkey -name secp384r1 -out openid.hydra.key
    openssl req -new -x509 -sha256 -key openid.hydra.key -out openid.hydra.crt -days 3650

Important!! At the openid.hydra.crt step: Common Name (e.g. server FQDN or YOUR name) []: openid.hydra

Base64-encode openid.hydra.key and openid.hydra.crt: https://www.base64encode.org/ ...
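The certificate steps above as a non-interactive script, with checks that the Common Name and key match the certificate, and with the base64 step done locally so the private key is not pasted into a web page. This is an added example, not code from the original post; the function names, the generated .cnf file and the subjectAltName entry are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original post). Function names are hypothetical.

# make_cert NAME DIR: EC secp384r1 key plus a 3650-day self-signed cert for NAME.
make_cert() {
  local name=$1 dir=$2
  # Minimal config: no system openssl.cnf and no interactive prompt needed.
  # The subjectAltName entry is an addition; current browsers match the
  # hostname against SAN rather than Common Name.
  cat > "$dir/$name.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = ext
prompt = no
[dn]
CN = $name
[ext]
subjectAltName = DNS:$name
EOF
  # umask 077 in a subshell keeps the private key readable by its owner only.
  ( umask 077
    openssl ecparam -genkey -name secp384r1 -noout -out "$dir/$name.key" )
  openssl req -new -x509 -sha256 -config "$dir/$name.cnf" \
    -key "$dir/$name.key" -out "$dir/$name.crt" -days 3650
}

# cert_cn CRT: print the certificate's Common Name.
cert_cn() {
  openssl x509 -in "$1" -noout -subject -nameopt RFC2253 |
    sed 's/^subject= *CN=//'
}

# key_matches_cert KEY CRT: succeed only if CRT carries KEY's public key.
key_matches_cert() {
  [ "$(openssl pkey -in "$1" -pubout)" = "$(openssl x509 -in "$2" -noout -pubkey)" ]
}

# b64_file FILE: single-line base64, computed on this machine.
b64_file() {
  openssl base64 -A -in "$1"
}
```

Typical use: `make_cert openid.hydra .` followed by `b64_file openid.hydra.key` and `b64_file openid.hydra.crt`.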
https://blog.yorkxin.org/2013/09/30/oauth2-3-endpoints.html

Grant Type

The grant type is specified with the grant_type parameter; its values are defined as follows:

| Value | Meaning |
|---|---|
| authorization_code | Request an Access Token with an Authorization Code (Authorization Code Grant Flow). |
| password | Request an Access Token with Resource Owner Password Credentials (Resource Owner Password Credentials Grant Flow). |
| client_credentials | Request an Access Token with Client Credentials (Client Credentials Grant Flow). |
| refresh_token | Exchange a Refresh Token for a new Access Token. |