Doorkeeper is an OAuth 2 authorization server and provider for Ruby on Rails and Grape applications. It provides the necessary framework to build an authorization server that issues and validates security tokens for third-party applications, effectively acting as a security middleware to protect API endpoints. The project integrates an identity layer via OpenID Connect to verify user identities and retrieve profile information. It supports a variety of security patterns, including the implementation of the PKCE flow for public clients and the issuance of stateless JSON Web Tokens. Its broade
Hydra is a headless identity server that functions as a certified OAuth2 and OpenID Connect provider. It is designed as an authentication engine that manages authorization handshakes and token lifecycles while remaining decoupled from the user interface. The project distinguishes itself through a headless architecture, allowing external management of login and consent flows. It provides specialized capabilities for dynamic client registration, JSON Web Token issuance, and a system for rotating encryption secrets without service downtime. The system covers a broad range of identity operations
This is a JSON Web Token authentication package for the Django REST Framework that manages stateless user identities. It serves as an authentication provider and token manager used to issue and validate signed tokens to maintain user sessions across multiple requests. The project implements a dual-token lifecycle, issuing short-lived access tokens and long-lived refresh tokens to balance security with session persistence. It features token rotation to prevent replay attacks and a blacklisting system to invalidate compromised credentials. Additionally, it supports sliding-window expiration to
Pig is a microservice-based RBAC permission management platform built on Spring Cloud and Spring Boot, with OAuth2 authentication and authorization at its core. It provides a dedicated authorization server that issues access and refresh tokens using authorization code, password, and refresh token grant types, while embedding role and permission checks into each microservice to secure API endpoints. The platform distinguishes itself through a comprehensive set of integrated capabilities, including automatic CRUD code generation from database schemas that produces controller, service, mapper, a