simple-sso | Single sign on service with authorization capabilities | Authentication library

simple-sso is a Go library typically used in Security, Authentication applications. simple-sso has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

simple-sso is an SSO service with support for roles based authorization written in the Go programming language. For browser based applications the service exposes the /sso handler which sets the sso cookie for a given domain. For instance if the login service runs as login.example.com, the sso cookie domain could be configured as example.com. That way any application running under a subdomain of example.com will be able to leverage the sso service (see rfc6265). The value of the sso cookie is a jwt token signed by the rsa private key of the simple-sso service. To use this service the application needs to have the corresponding public key in order to decrypt the cookie. The app checks for the presence of the sso cookie and in the absence of that it redirects to the /sso handler of the sample-sso service setting the s_url parameter to its url. The login service is expected to redirect the user back to s_url post authentication. See the code under example_app directory. simple-sso exposes /auth_token handler which can be used to download the encrypted jwt token. The downloaded token can potentially be passed via Authorization headers by client applications to server apps hopefully using ssl. simple-sso also has a form of authorization capabilities. It can optionally pack in the roles (e.g openldap groups) information in the cookie/jwt based on a config environment variables.. They say a picture is thousand times more effective, so here is a diagram which shows traffic flow with simple-sso.