OIDC-Agent: Managing OpenID Connect Tokens on the Command Line
dc.contributor.author | Zachmann, Gabriel | |
dc.contributor.editor | Becker, Michael | |
dc.date.accessioned | 2019-10-14T11:50:17Z | |
dc.date.available | 2019-10-14T11:50:17Z | |
dc.date.issued | 2018 | |
dc.description.abstract | OpenID Connect is widely used in Authentication and Authorization Infrastructures including the infrastructures of multiple EU projects like INDIGO -DataCloud, the Human Brain Project or the European Open Science Cloud. Due to their nature, OpenID Connect Access Tokens are currently not straightforward to use from the command line. They have a high character count and are short lived. Therefore, they de facto have to be copied from a source providing the access token, most likely a web service. Considering this insufficient usability from the command line, our goal was to overcome this by developing a tool to manage OpenID Connect tokens. We present the design of this tool named oidc-agent and possible usages. The design is oriented at the ssh-agent, providing the user a familiar way to handle OpenID Connect tokens. By splitting the whole service into multiple components we also ensure privilege separation. We implemented a daemon to manage OpenID Connect tokens (oidc-agent), a tool for generating agent account conĄgurations (oidc-gen) and a tool for loading and unloading these configurations from the agent (oidc-add). Additionally, we provide application programming interfaces for agent clients through C and UNIX domain sockets. We also provide an example agent client (oidc-token) that can be used to easily get an access token from oidc-agent using the command line. Therefore, users do not need to handle long, unhandy access tokens, but the application can obtain an access-token through oidc-agent when needed. All components can be freely used and are available on GitHub under the MIT license. | en |
dc.identifier.isbn | 978-3-88579-448-6 | |
dc.identifier.pissn | 1614-3213 | |
dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/28972 | |
dc.language.iso | en | |
dc.publisher | Gesellschaft für Informatik e.V. | |
dc.relation.ispartof | SKILL 2018 - Studierendenkonferenz Informatik | |
dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Seminars, Volume S-14 | |
dc.subject | OpenID Connect | |
dc.subject | OIDC | |
dc.subject | oidc-agent | |
dc.subject | authorization | |
dc.subject | authentication | |
dc.subject | security | |
dc.subject | command line | |
dc.title | OIDC-Agent: Managing OpenID Connect Tokens on the Command Line | en |
dc.type | Text/Conference Paper | |
gi.citation.endPage | 21 | |
gi.citation.publisherPlace | Bonn | |
gi.citation.startPage | 11 | |
gi.conference.date | 26.-27. September 2018 | |
gi.conference.location | Berlin | |
gi.conference.sessiontitle | Informatik Grundlagen |
Dateien
Originalbündel
1 - 1 von 1