Toker is a bridge between Shibboleth (SAML) and OAuth 2.0.
The administration GUI is available under /admin.
- Authorization end point
/authorize - Token end point
/exchange - Introspection end point
/introspect
The only supported method is authorization code grant. PKCE is mandatory for public clients and optional for confidential.
Scopes are, for now, unused by Toker itself but may be used by specific resource servers.
Run sbt and then ~dev/Jetty/debug.
This will run the application on port 8080 with remote JVM debugging available on port 8888.
All sources will be live reloaded.
dev/Jetty/stop to stop the application.
- Java
- SBT
- MariaDB
Needs to have a database called oauth accessible by the user oauth with the password oauth.
See jetty.xml for exact details.
There is a compose file available that will run everything for you, including MariaDB.
Run docker compose -f compose-local.yml up.
Application available on port 8080 and remote JVM debugging on 8888.
All sources will be live reloaded.
- Docker environment
To help use this when developing other services the test environment allows you,
with the right entitlements configured in SUKAT, to issue arbitrary tickets.
The entitlement required is (fully qualified) urn:mace:swami.se:gmai:dsv-user:toker-test.