{"id":13563090,"url":"https://github.com/ManuelBerrueta/FlowAnalyzer","last_synced_at":"2025-04-03T19:32:19.660Z","repository":{"id":251202103,"uuid":"825780387","full_name":"ManuelBerrueta/FlowAnalyzer","owner":"ManuelBerrueta","description":"FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).","archived":false,"fork":false,"pushed_at":"2024-07-08T14:32:40.000Z","size":37,"stargazers_count":173,"open_issues_count":0,"forks_count":10,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-11-04T15:52:20.387Z","etag":null,"topics":["appsec","identity","oauth","oauth2","oidc","openid","openid-connect","redteam","security","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ManuelBerrueta.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-08T13:35:37.000Z","updated_at":"2024-10-28T11:00:37.000Z","dependencies_parsed_at":"2024-08-01T13:40:34.787Z","dependency_job_id":null,"html_url":"https://github.com/ManuelBerrueta/FlowAnalyzer","commit_stats":null,"previous_names":["manuelberrueta/flowanalyzer"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ManuelBerrueta%2FFlowAnalyzer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ManuelBerrueta%2FFlowAnalyzer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ManuelBerrueta%2FFlowAnalyzer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ManuelBerrueta%2FFlowAnalyzer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ManuelBerrueta","download_url":"https://codeload.github.com/ManuelBerrueta/FlowAnalyzer/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247065406,"owners_count":20877768,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","identity","oauth","oauth2","oidc","openid","openid-connect","redteam","security","security-tools"],"created_at":"2024-08-01T13:01:15.076Z","updated_at":"2025-04-03T19:32:19.361Z","avatar_url":"https://github.com/ManuelBerrueta.png","language":"Jupyter Notebook","funding_links":[],"categories":["Jupyter Notebook"],"sub_categories":[],"readme":"![FlowAnalyzer](FlowAnalyzer.png)\n## Flow Analyzer\n**Flow Analyzer** is designed for helping in low level understanding and testing of OAuth 2.0 Grants/Flows.\n\nAlthough my use cases are from the security side of things, it can be beneficial from an engineer's point of view as well 😊     \n- You'll find the notebooks to execute the flows under the `/Flows` directory and a brief explanation of each flow in `/Flows/Flows.md`.\n    - The flows themselves are separated in their corresponding directory, in my attempt to keep things tidy!\n- If you are interested in playing around with certificate authentication, check out the `/Cert_Setup` directory for details on how to do it and set it up.\n  \n### Setup:\nTo get started please see `SETUP.md` as for a tiny bit of setup to get everything working 😊.\n    \n\u003e [!WARNING] ⚠ The code here is not meant to be used to do any formal AuthN or AuthZ checks in **Production** applications. These are meant for **testing** ONLY! Believe me there are a lot of things that can go wrong here!\n\u003e Please use the [Microsoft identity platform authentication libraries](https://learn.microsoft.com/en-us/entra/identity-platform/reference-v2-libraries) for production code.  \n\u003e You can also take a look at [Libraries for Token Signing/Verification @ JWT.io](https://jwt.io/libraries)\n\n---     \n### OpenID Connect (OIDC)\nOAuth 2.0 was designed for authorization. OpenID Connect (OIDC) extends the OAuth 2.0 functionality to provide authentication. To find out more about OIDC, check the `/OpenID_Connect-OIDC` directory.\n\n---     \n### JSON Web Tokens aka JWT(s) \nIf we are talking about OAuth and modern authentication we can't skip talking about JWTs, as these are the type of tokens we will be working with.\nFor further insights, please see `/JWT/JWT.md`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FManuelBerrueta%2FFlowAnalyzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FManuelBerrueta%2FFlowAnalyzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FManuelBerrueta%2FFlowAnalyzer/lists"}