{"id":22268112,"url":"https://github.com/curityio/device-secret-authenticator","last_synced_at":"2025-03-25T14:45:10.479Z","repository":{"id":74437447,"uuid":"571643912","full_name":"curityio/device-secret-authenticator","owner":"curityio","description":"An authenticator accepting a nonce issued from the token profile to achieve SSO functionality","archived":false,"fork":false,"pushed_at":"2023-08-31T11:25:00.000Z","size":26,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-30T13:29:56.334Z","etag":null,"topics":["authenticator","device-secret","nonce","plugin"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-11-28T15:19:03.000Z","updated_at":"2023-04-27T09:22:02.000Z","dependencies_parsed_at":"2024-12-03T11:11:13.380Z","dependency_job_id":"31fab2a2-26a1-4016-976d-c7abcaa9612d","html_url":"https://github.com/curityio/device-secret-authenticator","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdevice-secret-authenticator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdevice-secret-authenticator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdevice-secret-authenticator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdevice-secret-authenticator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/device-secret-authenticator/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245485811,"owners_count":20623238,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authenticator","device-secret","nonce","plugin"],"created_at":"2024-12-03T11:11:11.646Z","updated_at":"2025-03-25T14:45:05.467Z","avatar_url":"https://github.com/curityio.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Device Secret Authenticator Plugin\n\n\n[![Quality](https://img.shields.io/badge/quality-demo-red)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\nAn authenticator accepting a nonce issued by the token profile for the purpose of native SSO. It is made to work similar to [OpenID Connect Native SSO](https://openid.net/specs/openid-connect-native-sso-1_0.html), but using the Hypermedia Authentication API instead of token exchange. \n\nThis is just a demo of the capability and is not production ready.\n\n## Configuration\n\nConfigure the token endpoint to issue a nonce together with the issued tokens. Similar to following:\n\n```javascript\nvar nonceIssuer = context.getNonceTokenIssuer('default');\nvar nonceAttributes = {};\nnonceAttributes.subject = context.subjectAttributes();\nnonceAttributes.context = context.contextAttributes();\nnonceAttributes.created = accessTokenData.iat;\nnonceAttributes.expires = refreshTokenData.exp;\n```\n\n## Building the Plugin\n\nYou can build the plugin by issue the command `./gradlew packageJar`. This will produce a folder in the `build` directory with the plugin JAR file and all the dependencies needed called `authenticators.device-secret`, which can be installed.\n\n## Installing the Plugin\n\nTo install the plugin, copy the contents of the `authenticators.device-secret` folder into `${IDSVR_HOME}/usr/share/plugins` on each node, including the admin node. For more information about installing plugins, refer to the [curity.io/plugins](https://support.curity.io/docs/latest/developer-guide/plugins/index.html#plugin-installation). \nIf you are installing on the same machine, make sure that `IDSVR_HOME` is correctly exported in your shell, and iss `./gradlew deploy` to build and copy the correct files.\n\n## More Information\n\nPlease visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fdevice-secret-authenticator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fdevice-secret-authenticator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fdevice-secret-authenticator/lists"}