{"id":22268088,"url":"https://github.com/curityio/example-python-openid-connect-client","last_synced_at":"2025-04-05T19:10:14.573Z","repository":{"id":37431521,"uuid":"71468087","full_name":"curityio/example-python-openid-connect-client","owner":"curityio","description":"An example website that implements OAuth 2.0 and OpenID Connect in Python","archived":false,"fork":false,"pushed_at":"2025-03-06T04:23:03.000Z","size":694,"stargazers_count":68,"open_issues_count":6,"forks_count":43,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-03-29T18:06:10.015Z","etag":null,"topics":["code-example","oauth2","openid-connect","website"],"latest_commit_sha":null,"homepage":"https://curity.io/resources/learn/python-openid-connect-client/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-10-20T13:51:11.000Z","updated_at":"2025-03-11T17:59:51.000Z","dependencies_parsed_at":"2024-11-07T09:24:08.333Z","dependency_job_id":"737e3700-b6ca-4522-84da-a7e5ac1112bf","html_url":"https://github.com/curityio/example-python-openid-connect-client","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fexample-python-openid-connect-client","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fexample-python-openid-connect-client/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fexample-python-openid-connect-client/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fexample-python-openid-connect-client/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/example-python-openid-connect-client/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247386262,"owners_count":20930619,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-example","oauth2","openid-connect","website"],"created_at":"2024-12-03T11:11:02.749Z","updated_at":"2025-04-05T19:10:14.536Z","avatar_url":"https://github.com/curityio.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OpenID Connect Demo\n\n[![Quality](https://img.shields.io/badge/quality-demo-red)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\nThis is a demo application to explain how the OpenID Connect code flow is implemented.\n\n## Usage\n\n```bash\n$ python app.py\n```\n\nFlask will start a web server listening on all interfaces that can be used for demo purposes. The webserver will use HTTPS with a certificate for localhost.\nBrowse to https://localhost:5443 to see the app.\n\n## Dependencies\n\n**python 3.x** (tested with python 3.9.1)\n\n**OpenSSL 1.0** to be able to do modern TLS versions. Python together with 0.9.x has a bug that makes it impossible to select protocol in the handshake, so it cannot connect to servers that have disabled SSLv2.\n\nPython dependencies can be installed by using PIP: `pip install -r requirements.txt`\n\n## settings.json\nSettings.json is used as a configuration file for the example app. Change the values to match your system.\n\nName                | Type    | Default  | Description\n--------------------| ------- | -------- | :---------------\n`issuer`            | string  |          | The ID of the token issuer. This is used for both OpenID Connect Discovery, and validating a ID Token. Mandatory for discovery\n`client_id`         | string  |          | The ID for the client. Used to authenticate the client against the authorization server endpoint.\n`client_secret`     | string  |          | The shared secret to use for authentication against the token endpoint.\n`dcr_client_id`     | string  |          | The client ID of the client for to use for registration.\n`dcr_client_secret` | string  |          | The client secret of the client for to use for registration.\n`scope`             | string  | `openid` | The scopes to ask for.\n`verify_ssl_server` | boolean | `true`   | Set to false to disable certificate checks.\n`debug`             | boolean | `false`  | If set to true, Flask will be in debug mode and write stacktraces if an error occurs. Some extra logging is also printed.\n`port`              | number  | `5443`   | The port that the Flask server should listen to\n`disable_https`     | boolean | `false`  | Set to true to run on http\n`base_url`          | string  |          | base url to be added to internal redirects. If this is not configured, the base url will be extracted from the first request to the index page\n`send_parameters_via`|string  | `query_string`|How request parameters should be sent to the authorization endpoint. Valid values are `query_string`, `request_object` or `request_uri`.\n`request_object_keys`|JSON object|       | The JSON Web Key (JWK) used to sign JWTs used when sending authorization request parameters by-value in a request object or by reference in a request URI. For example:\u003cbr\u003e`{`\u003cbr\u003e`\"kty\":\"RSA\",`\u003cbr\u003e`\"n\":\"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw\",`\u003cbr\u003e`\"e\":\"AQAB\",`\u003cbr\u003e`\"d\":\"X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q\",`\u003cbr\u003e`\"p\":\"83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPVnwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqVWlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs\",`\u003cbr\u003e`\"q\":\"3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyumqjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgxkIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk\",`\u003cbr\u003e`\"dp\":\"G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0\",`\u003cbr\u003e`\"dq\":\"s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk\",`\u003cbr\u003e`\"qi\":\"GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU\",`\u003cbr\u003e`\"alg\":\"RS256\",`\u003cbr\u003e`\"kid\":\"2011-04-29\"`\u003cbr\u003e`}`\n\n### Mandatory parameters if discovery is not available\nName                     | Type |  Description\n-------------------------|------|-------------\n`jwks_uri`               | URL  |  The URL that points to the JWK set. Mandatory if the openid scope is requested.\n`authorization_endpoint` |      |  The URL to the authorization endpoint.\n`token_endpoint`         | URL  |  The URL to the token endpoint.\n`registration_endpoint`  | URL  |  The URL to the registration endpoint.\n\n## Docker\nTo run the example in a Docker container, build an image and run a container like this.:\n\n```bash\n$ docker build -t curityio/openid-python-example .\n$ docker run -ti curityio/openid-python-example\n\n```\nAll setting can be set using an environment variable with uppercase letters. Example:\n```bash\n$ docker build -t curityio/openid-python-example\n$ docker run -e DEBUG=true -e ISSUER=se.curity -ti curityio/openid-python-example\n```\n## Docker Compose\nIn the root of the repository, there is a `docker-compose.yml`. Customize the settings using environment variables with uppercase letters.\n\n```bash\n$ docker-compose up\n```\n\n## Questions and Support\n\nFor questions and support, contact Curity AB:\n\n\u003e Curity AB\n\u003e\n\u003e info@curity.io\n\u003e https://curity.io\n\n\nCopyright (C) 2016 Curity AB.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fexample-python-openid-connect-client","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fexample-python-openid-connect-client","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fexample-python-openid-connect-client/lists"}