Skip to content

Latest commit

 

History

History
86 lines (66 loc) · 2.86 KB

README.md

File metadata and controls

86 lines (66 loc) · 2.86 KB

osmhydra 🐉

OSM/Hydra is an example of using OSM as an identity provider to Ory Hydra.

  • The example app in app/manage is an OAuth2 provider that uses OSM as a login.
  • The example client uses an access token and secret to read profile data created by a user in app/manage.

Installation

Requirements

  • Postgresql. On macOS, the easiest is to install Postgres.app.
  • NodeJS v8+
  • Docker & Docker Compose

Build the images:

docker-compose build

Setting up Hydra

  1. Create the database for tokens
createdb osmhydra

For the rest of this documentation, we will assume that the database location is postgres://postgres@localhost/osmhydra?sslmode=disable on your local machine. Inside docker, that location is postgres://postgres@host.docker.internal/osmhydra?sslmode=disable

  1. Create a a docker.env file with the following entries. OSM_CONSUMER_KEY and OSM_CONSUMER_SECRET are values obtained by creating a new OAuth app on openstreetmap.org
OSM_CONSUMER_KEY=<osm-hydra-app>
OSM_CONSUMER_SECRET=<osm-hydra-app-secret>
DSN=postgres://postgres@host.docker.internal/osmhydra?sslmode=disable
SECRETS_SYSTEM=<random-guid>
  1. Migrate the database
docker-compose run --rm hydra migrate sql --yes postgres://postgres@host.docker.internal/osmhydra?sslmode=disable
  1. Start Hydra and the server
docker-compose up

This will start hydra where the token issuer is at http://localhost:4444 and the admin interface is at http://localhost:4445. This also sets up the consent and login interface at http://localhost:8989 (where we will create a first-party oauth app)

Starting the first party app

Create the first party "manage" app

docker-compose exec hydra hydra clients create --endpoint http://localhost:4445 \
  --id manage \
  --secret manage-secret \
  --response-types code,id_token \
  --grant-types refresh_token,authorization_code \
  --scope openid,offline,clients \
  --callbacks http://localhost:8989/login/accept

✨ You can now login to the app at http://localhost:8989

Running the example

The example app authenticates using an access token minted by app/manage, so first we need to create a key pair.

  1. Go to http://localhost:8989/clients
  2. Create an app with the following inputs:
Name:
example-client

Callback URL:
http://localhost:9090/callback
  1. Click on "Add new app"
  2. Record the client_id and client_secret

Then, start the example-client:

npm install 
npm run example-client

When you navigate to http://localhost:9090 it will ask you for a key pair. After you enter your id and secret, you will be redirected to an example app.

This app uses the profile information in http://localhost:8989/profile to call OSMOSE. Try adding new places in your profile and see them displayed in the example client! Then try building your own client!.