{"id":24839522,"url":"https://github.com/OpenIDC/liboauth2","last_synced_at":"2025-10-14T13:30:54.771Z","repository":{"id":39912862,"uuid":"177150688","full_name":"OpenIDC/liboauth2","owner":"OpenIDC","description":"OAuth 2.x and OpenID Connect C library","archived":false,"fork":false,"pushed_at":"2025-08-08T09:06:14.000Z","size":669,"stargazers_count":116,"open_issues_count":3,"forks_count":27,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-08-08T10:30:37.836Z","etag":null,"topics":["c","oauth","oauth2","openid-connect"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenIDC.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"OpenIDC"}},"created_at":"2019-03-22T14:03:06.000Z","updated_at":"2025-08-08T08:57:36.000Z","dependencies_parsed_at":"2024-08-02T12:05:16.043Z","dependency_job_id":"99b290de-0f64-417b-bbbb-ad65f1ad7340","html_url":"https://github.com/OpenIDC/liboauth2","commit_stats":null,"previous_names":[],"tags_count":32,"template":false,"template_full_name":null,"purl":"pkg:github/OpenIDC/liboauth2","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenIDC%2Fliboauth2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenIDC%2Fliboauth2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenIDC%2Fliboauth2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenIDC%2Fliboauth2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenIDC","download_url":"https://codeload.github.com/OpenIDC/liboauth2/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenIDC%2Fliboauth2/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279018715,"owners_count":26086609,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-14T02:00:06.444Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","oauth","oauth2","openid-connect"],"created_at":"2025-01-31T06:48:43.982Z","updated_at":"2025-10-14T13:30:54.172Z","avatar_url":"https://github.com/OpenIDC.png","language":"C","funding_links":["https://github.com/sponsors/OpenIDC"],"categories":["Relying Parties (RP) Libraries"],"sub_categories":["C"],"readme":"[![Build Status](https://github.com/OpenIDC/liboauth2/actions/workflows/build.yml/badge.svg)](https://github.com/OpenIDC/liboauth2/actions/workflows/build.yml)\n[![Architectures Status](https://github.com/OpenIDC/liboauth2/actions/workflows/archs.yml/badge.svg)](https://github.com/OpenIDC/liboauth2/actions/workflows/archs.yml)\n[![CodeQL Analysis](https://github.com/OpenIDC/liboauth2/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/OpenIDC/liboauth2/actions/workflows/codeql-analysis.yml)\n\n# liboauth2\nGeneric library to build C-based OAuth 2.x and OpenID Connect servers and clients e.g. web-server plugins.\n\n## Overview\n- extends [cjose](https://github.com/OpenIDC/cjose) into OAuth 2.x and OpenID Connect specific claims, secrets, and hashes\n- adds OAuth 2.x and OpenID Connect protocols by abstracting HTTP requests and responses from web server implementation specifics\n- reusable code across other OAuth 2.x and REST related protocols\n  e.g. token exchange with endpoint authentication, source token retrieval, target pass settings etc.\n- generic code with plugins for Apache, NGINX, and possibly more (e.g. Envoy, HA Proxy, IIS)\n- configurable cache backend/size/options per cache element type\n- cookie-based session management (i.e. enforce inactivity timeout, expiry)\n\n## Features\n- [OpenID Connect 1.0](https://openid.net/specs/openid-connect-core-1_0.html)\n- OAuth 2.0 Resource Owner Password Credentials ([RFC 6749](https://tools.ietf.org/html/rfc6749#section-4.3))\n- OAuth 2.0 Token Introspection ([RFC 7662](https://tools.ietf.org/html/rfc7662))\n- JWT bearer token validation using JWK, JWKS URI, shared symmetric key, X.509 cert, and RSA public key ([RFC 6750](https://tools.ietf.org/html/rfc6750))\n- OAuth 2.0 Authorization Server Metadata ([RFC 8414](https://tools.ietf.org/html/rfc8414))\n- Proof Key for Code Exchange (PKCE) by OAuth Public Clients ([RFC 7636](https://tools.ietf.org/html/rfc7636))\n- OAuth 2.0 Mutual-TLS (MTLS) Certificate-Bound Access Tokens ([RFC 8705](https://tools.ietf.org/html/rfc8705))\n- OAuth 2.0 Demonstrating Proof of Possession (DPoP) ([RFC9449](https://tools.ietf.org/html/rfc9449))\n- Amazon ALB [EC key URL based `x-amzn-oidc-data` JWT verification](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html)\n- endpoint authentication methods: `client_secret_basic`, `client_secret_post`, [`client_secret_jwt`, `private_key_jwt`](https://tools.ietf.org/html/rfc7523), [TLS client certificate](https://tools.ietf.org/id/draft-ietf-oauth-mtls), and HTTP basic authentication\n- configurable cache backends: shared memory, file-based, memcache, and Redis\n- retrieving a token from a header, a query parameter, a post parameter, or a cookie\n- setting a token as a header, a query parameter, a post parameter, or a cookie\n- Apache and NGINX bindings\n\n## Dependencies\n\nliboauth2 depends on the following libraries:\n- [`openssl`](https://www.openssl.org/) for SSL and crypto support\n- [`libcurl`](https://curl.haxx.se/libcurl/) for HTTP client support\n- [`jansson`](http://www.digip.org/jansson/) for JSON parsing\n- [`cjose`](https://github.com/OpenIDC/cjose) for JSON Object Signing and Encryption (JOSE) support\n- (optional) [`libmemcached`](https://libmemcached.org) for memcache cache backend support\n- (optional) [`libhiredis`](https://github.com/redis/hiredis) for Redis cache backend support\n- (optional) [`Apache 2.x`](https://httpd.apache.org/) for Apache 2.x bindings support\n- (optional) [`NGINX`](https://nginx.org) for NGINX bindings support\n- (optional, build time only) [`check`](https://libcheck.github.io/check/) for unit test support\n\n## Support\n\n### Community Support\nSee [Frequently Asked Questions](https://github.com/OpenIDC/liboauth2/wiki) on the Wiki.  \nAsk questions in the [Discussions](https://github.com/OpenIDC/liboauth2/discussions) tracker.\n\n### Commercial Support\nFor commercial support contracts, professional services, training, and use-case specific support, contact [OpenIDC](https://www.openidc.com) at:\n[sales@openidc.com](mailto:sales@openidc.com)\n\nDisclaimer\n----------\n*This software is open sourced by OpenIDC. For commercial support\nyou can contact [OpenIDC](https://www.openidc.com) as described above in the [Support](#support) section.*\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOpenIDC%2Fliboauth2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FOpenIDC%2Fliboauth2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOpenIDC%2Fliboauth2/lists"}