OAuth 2.0 and OpenID Connect libraries for C

Just about 5 years ago I started to develop an OpenID Connect plugin for the Apache web server.  Over the years it has become a pretty popular project and lots and lots of input from real world experience has come along to improve it. As with all software, there comes a time to revisit the initial idea, the design choices and the scope of the project and that is exactly what I have done over the last 6 months.

I found that a lot of existing code could be refactored into a generic OAuth/OIDC library for C and that that library could then conveniently be used to build C-based plugins for various web servers and reverse proxies, not just Apache. This is similar to the approach that mod_security version 3 took. Today marks the announcement of such libraries for OAuth 2.0 / OpenID Connect and the availability some of these plugins. Here’s what I came up with so far:

And here is the first batch of plugins built on those libraries:

Note that over the course of 2019 I will rewrite mod_auth_openidc into version 3 that leverages liboauth2 and at the same time develop a native plugin (called ngx_openidc_module) for NGINX.

Please reach out to me if you want to be an early adopter of the new stuff and are willing to provide feedback.

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s