Document implementations

solid / solid-oidc

The repository for the Solid OIDC authentication specification.

https://solid.github.io/solid-oidc/

MIT License

19 stars 13 forks source link

Document implementations #19

Open csarven opened 3 years ago

csarven commented 3 years ago

We can document existing, ongoing, or planned implementations. It will serve to advance this panel's specs. This issue is not intended to be the canonical location for implementations or to replace implementation reports made against test suite.

Update table criteria as needed.

Solid-OIDC implementations

URL	License	Maintainer	Notes
https://github.com/solid/solid-auth-fetcher	MIT?	Solid Project	Client library
solid-client-authn	MIT?	Inrupt	Client library
Inrupt OIDC broker	Commercial	Inrupt	Solid-OIDC server implementation. Supports `webid` claim and DPoP. Supports client identifiers. Can be used with any existing OIDC-conforming identity provider.
sai-authentication-java	MIT	Janeiro Digital	Client library
Community Solid Server	MIT	Inrupt and imec	OpenID Provider and Resource Server
Inrupt Java Client Library	MIT	Inrupt	Client Library

elf-pavlik commented 3 years ago

Maybe we can just include this table in README.md ?

michielbdejong commented 3 years ago

I think the main difference is that ISCAJ keeps its credentials inside a closure, which makes it more secure in some situations, and solid-auth-fetcher exposes them to the calling code, which makes it more versatile in other situations.

jeff-zucker commented 3 years ago

There are now client implementations in Perl and Rust so they might belong here.

jeff-zucker commented 3 years ago

I'm a bit unclear what should be included on this list. Should it have low-level stuff like oidc-op? How about higher-level libraries which make use of the stack (e.g. Inrupt's solid-client-authn-* or solid-node-client)?

acoburn commented 3 years ago

The list should include libraries/applications that implement or intend to implement the specifications defined by this panel. At present, that includes Solid-OIDC.

elf-pavlik commented 3 years ago

During call we noticed that we need conformance section which will prescribe which roles (IdP, RS, client) have to implement what.

csarven commented 3 years ago

Solid OIDC Conformance Classes: https://github.com/solid/authentication-panel/issues/133

jeff-zucker commented 3 years ago

It would be nice if a) we also had data for NSS and CSS and the other implementations b) the notes mentioned whether the OIDC flow is supported both in the browser and out of the browser as several implementations have supported the first without supporting the second c) there were a date showing how recent the information is (or more likely isn't).

elf-pavlik commented 2 years ago

I updated table above adding sai-authentication-java developed by @justinwb

I'm going to move that table into README so that everyone can make PR to update it.