https://github.com/authlib/example-oidc-server
Example for OpenID Connect 1.0 Server for Authlib.
https://github.com/authlib/example-oidc-server
Last synced: 6 months ago
JSON representation
Example for OpenID Connect 1.0 Server for Authlib.
- Host: GitHub
- URL: https://github.com/authlib/example-oidc-server
- Owner: authlib
- Created: 2019-08-11T05:52:15.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2025-04-30T08:34:53.000Z (9 months ago)
- Last Synced: 2025-06-27T00:40:23.767Z (7 months ago)
- Language: Python
- Homepage: https://authlib.org/
- Size: 12.7 KB
- Stars: 63
- Watchers: 1
- Forks: 35
- Open Issues: 12
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Example of OpenID Connect 1.0 Provider
This is an example of OpenID Connect 1.0 server in Flask and [Authlib](https://authlib.org/).
- Documentation:
- Authlib Repo:
---
## Take a quick look
This is a ready to run example, let's take a quick experience at first. To
run the example, we need to install all the dependencies:
$ pip install -r requirements.txt
Set Flask and Authlib environment variables:
# disable check https (DO NOT SET THIS IN PRODUCTION)
$ export AUTHLIB_INSECURE_TRANSPORT=1
Create Database and run the development server:
$ flask initdb
$ flask run
Now, you can open your browser with `http://127.0.0.1:5000/`, login with any
name you want.
Before testing, we need to create a client:
**NOTE: YOU MUST ADD `openid` SCOPE IN YOUR CLIENT**
Let's take `authorization_code` grant type as an example. Visit:
```
http://127.0.0.1:5000/oauth/authorize?client_id=${CLIENT_ID}&scope=openid+profile&response_type=code&nonce=abc
```
After that, you will be redirect to a URL. For instance:
```
https://example.com/?code=RSv6j745Ri0DhBSvi2RQu5JKpIVvLm8SFd5ObjOZZSijohe0
```
Copy the code value, use `curl` to get the access token:
```
curl -u "${CLIENT_ID}:${CLIENT_SECRET}" -XPOST http://127.0.0.1:5000/oauth/token -F grant_type=authorization_code -F code=RSv6j745Ri0DhBSvi2RQu5JKpIVvLm8SFd5ObjOZZSijohe0
```
Now you can access the userinfo endpoint:
```bash
$ curl -H "Authorization: Bearer ${access_token}" http://127.0.0.1:5000/oauth/userinfo
```