Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/shimt/pam-exec-oauth2

Allows Linux user authentication to OAuth2 via pam_exec
https://github.com/shimt/pam-exec-oauth2

go linux oauth2 pam

Last synced: 10 days ago
JSON representation

Allows Linux user authentication to OAuth2 via pam_exec

Awesome Lists containing this project

README

        

# pam-exec-oauth2

**This repository is no longer maintained.**

## Install

```bash
go get github.com/shimt/pam-exec-oauth2

PREFIX=/opt/pam-exec-oauth2

sudo mkdir $PREFIX
sudo cp go/bin/pam-exec-oauth2 $PREFIX/pam-exec-oauth2
sudo touch $PREFIX/pam-exec-oauth2.yaml
sudo chmod 755 $PREFIX/pam-exec-oauth2
sudo chmod 600 $PREFIX/pam-exec-oauth2.yaml
```

## Configuration

### PAM

add the following lines to `/etc/pam.d/common-auth`.

```
auth sufficient pam_exec.so expose_authtok /opt/pam-exec-oauth2/pam-exec-oauth2
```

### pam-exec-oauth2.yaml

edit `/opt/pam-exec-oauth2/pam-exec-oauth2.yaml`

#### Azure AD

```yaml
{
client-id: "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
client-secret: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
redirect-url: "urn:ietf:wg:oauth:2.0:oob",
scopes: ["email"],
endpoint-auth-url: "https://login.windows.net/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/oauth2/authorize",
endpoint-token-url: "https://login.windows.net/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/oauth2/token",
extra-parameters: {
resource: "https://graph.windows.net/"
},
username-format: "%[email protected]",
}
```