pub/oidc-test-client
1
0
Fork 0
Code Activity
OIDC Client for end-to-end and unittesting
166 commits 1 branch 11 tags 600 KiB
Find a file
Exact
Tommy Skaug 558dbc9a36 chore(deps): add renovate config and update Go dependencies 
- Add renovate.json with Go modules support and automerge
- Update Go 1.23 to 1.25
- Update go-oidc to v3.17.0, cobra to v1.10.2
- Remove unused beryju.io/oidc-test-client dependency
2025-12-11 21:24:39 +01:00
.github Bump goreleaser/goreleaser-action from 6.1.0 to 6.2.1 (#129) 2025-02-11 12:51:01 +01:00
cmd add raw id_token in output 2024-05-08 23:24:42 +02:00
pkg bump to oidc v3 2024-09-10 14:55:52 +02:00
src chore(deps): add renovate config and update Go dependencies 2025-12-11 21:24:39 +01:00
.gitignore use goreleaser to push docker and also homebrew 2022-09-12 14:35:28 +02:00
.goreleaser.yml add raw id_token in output 2024-05-08 23:24:42 +02:00
Dockerfile migrate healthcheck to go 2024-01-01 23:56:32 +01:00
go.mod Bump github.com/coreos/go-oidc/v3 from 3.12.0 to 3.13.0 (#136) 2025-03-14 14:30:29 +01:00
go.sum Bump github.com/coreos/go-oidc/v3 from 3.12.0 to 3.13.0 (#136) 2025-03-14 14:30:29 +01:00
LICENSE add license 2020-12-24 15:56:35 +01:00
main.go update module path 2023-02-09 14:05:51 +01:00
README.md improve subdirectory support 2023-07-29 22:03:59 +02:00
renovate.json chore(deps): add renovate config and update Go dependencies 2025-12-11 21:24:39 +01:00

README.md

OIDC-test-client

GitHub Workflow Status

This is a small, golang-based OIDC Client, to be used in End-to-end or other testing. It uses the github.com/coreos/go-oidc Library for the actual OIDC Logic.

This tool can be used to test the traditional Authorization Code Flow. It also tests OIDC Token Introspection, if your provider supports it.

This tool is full configured using environment variables.

URLs

  • http://localhost:9009/health: Healthcheck URL, used by the docker healtcheck.
  • http://localhost:9009/auth/callback: OAuth Callback URL
  • http://localhost:9009/: Test URL, initiated OAuth Code flow
  • http://localhost:9009/implicit/: Tests an Implicit OIDC flow using id_token token

Configuration

  • OIDC_BIND: Which address and port to bind to. (defaults 0.0.0.0:9009).

  • OIDC_CLIENT_ID: OAuth2 Client ID to use.

  • OIDC_CLIENT_SECRET: OAuth2 Client Secret to use. Can be set to an empty string when only implicit flow is tested.

  • OIDC_ROOT_URL: URL under which you access this Client. (default http://localhost:9009)

    When using in a subdirectory, make sure to leave out any trailing slashes

  • OIDC_PROVIDER: Optional URL that metadata is fetched from. The metadata is fetched on the first request to /

  • OIDC_SCOPES: Scopes to request from the provider. Defaults to "openid,offline_access,profile,email"

  • OIDC_DO_REFRESH: Whether refresh-token related checks are enabled (don't ask for a refresh token) (default: true)

  • OIDC_DO_INTROSPECTION: Whether introspection related checks are enabled (don't call introspection endpoint) (default: true)

  • OIDC_DO_USER_INFO: Whether user-info related checks are enabled (don't use userinfo endpoint) (default: true)

  • OIDC_TLS_VERIFY: Whether to verify TLS certicates (set to "false" for self-signed) (default: true)

Running

This service is intended to run in a docker container

# beryju.org is a vanity URL for ghcr.io/beryju
docker pull ghcr.io/beryju/oidc-test-client:
docke run -d --rm \
    -p 9009:9009 \
    -e OIDC_CLIENT_ID=test-id \
    -e OIDC_CLIENT_SECRET=test-secret \
    -e OIDC_PROVIDER=http://id.beryju.io/... \
    ghcr.io/beryju/oidc-test-client:

Or if you want to use docker-compose, use this in your docker-compose.yaml.

version: '3.5'

services:
  oidc-test-client:
    image: ghcr.io/beryju/oidc-test-client:
    ports:
      - 9009:9009
    environment:
      OIDC_CLIENT_ID: test-id
      OIDC_CLIENT_SECRET: test-secret
      OIDC_PROVIDER: https://some.issuer.tld/