tiny-is : A fun project where I'm building a light-weight framework that provides implementations of the OAuth 2.1 and OpenID Connect 1.0 specifications and other related specifications. The framework follows the OAuth 2.0 Security Best Current Practice
- Golang
- SQLite
- HTMX
- Create sqlite database
make create_db- Generate Keys
make generate_jwt_key
make generate_server_keypair- Run the server
make run- Authorization Code Grant with PKCE
- Only support with PKCE for better security
- Refresh Token Grant
- Client Credentials Grant
- Authorization Server Metadata
- JWT access and refresh tokens (EdDSA)
- Token revocation
- Add users
- Basic user authentication
- Basic application management (client_id, client_secret, redirect_uris, grant_types)
- in-memory session storage