Home
Softono
auth-server

auth-server

Open source MIT JavaScript
Website GitHub
18
Stars
0
Forks
3
Issues
1
Watchers
1 week
Last Commit
SSO & Authentication

About auth-server

auth-server is a self-hosted authentication server currently under active development. It provides authentication support for various fediverse platforms, handling both OAuth (Mastodon, Friendica, Pleroma, Akkoma, GoToSocial) and MiAuth (Misskey, Calckey, Firefish) protocols. Users are redirected to the auth-server with parameters specifying the method, instance domain, required scopes, and the app to authenticate with. The server then returns the user to the app's redirect URL along with an access token. An automatic fediverse mode detects the appropriate protocol based on the instance domain, falling back with an error parameter if the platform is unsupported. Configuration is managed through environment variables, including an encryption key, and through modules/apps.js where developers define their apps and redirect behavior. Apps can either redirect users back to their service with the token appended to the URL or display the token directly in the browser for manual copying. The server is designed to sim

Platforms

Web Self-hosted

Languages

JavaScript

Links

Website Source Code
s
Published by
stefanbohacek
Visit View Profile

README.md

View on GitHub

Authentication server

This project is currently under active development and is intended to be self-hosted.

How to use

Redirect your user to your authentication server while passing the following variables:

  • method:
    • fediverse: automatically detect the correct method (oauth or miauth) based on the domain
    • oauth: tested with Mastodon, Friendica, Pleroma, Akkoma, and GoToSocial
    • miauth: tested with Misskey and Calckey/Firefish
  • instance: domain name of the server your user needs to authenticate with (eg. mastodon.social)
  • scope: required scopes (eg: scope=read:accounts+read:follows)
  • app: id of your app the user will be redirected to (see modules/apps.js)

Example URL:

https://authserver.com/?method=fediverse&instance=mastodon.social&scope=read:accounts+read:follows&app=myapp

Example URL for fediverse platforms that support OAuth:

https://authserver.com/?method=oauth&instance=mastodon.social&scope=read:accounts+read:follows&app=myapp

Example URL for fediverse platforms that use MiAuth:

https://authserver.com/?method=miauth&instance=calckey.social&scope=read:account+read:following&app=myapp

Your users will be redirect to the app's redirect_url (from modules/apps.js) with the instance and token parameters passed in the URL.

https://myapp.com?instance=mastodon.social&token=ABCDE12345

If you're using the automatic fediverse method and an error occurs, the user will be instead redirected to redirect_url_fail and an error parameter will be passed.

Here's an example for when an instance that uses an unsuported fediverse platform is passed:

https://myapp.com?error=platform_not_supported

Development

  1. Install dependencies with npm install.
  2. Rename .env-copy to .env and update the contents of this file.
ENCRYPTION_KEY="random text here to be used as your encryption key"
  1. Update modules/apps.js.

You can either redirect the user to your app that requires an authentication token:

"my-app-1": {
    "name": "This is my app #1",
    "redirect_url": `https://myapp1.com/?instance=${options.instance}&token=${options.access_token}`
}

Or you can display the token in the browser for the user to copy:

"my-app-2": {
    "name": "This is my app #2",
    "showToken": true
}
  1. Run the authentication server locally:
npm run dev