KrakenD VS Doorkeeper

KrakenD and Lura https://github.com/krakendio/krakend-ce https://github.com/luraproject/lura

I was trying to look up the license for that project and the repo linked from the footer of their website is https://github.com/krakendio/krakend-ce#readme (Apache 2), but because I just did a web search for krakend there is also https://github.com/luraproject/lura#readme which says it's from the Linux Foundation (also Apache 2)

Is KrakenD some kind of generic term, or does that project just have a complex history?

https://github.com/luraproject/lura api gateway framework

Thanks for the pointer to Express API Gateway.

A took a look at Krakend a while back, and it didn't seem to support it either [1]

[1] https://github.com/devopsfaith/krakend/issues/274

The doorkeeper gem.

Take a look at doorkeeper.

Disclosure: I work for FusionAuth.

Depends on what you are looking for.

If you want a standalone auth server, you can use FusionAuth in docker/docker-compose: https://fusionauth.io/docs/v1/tech/installation-guide/docker

You can also package up a library; most major languages have one or more OAuth/OIDC libraries: https://github.com/doorkeeper-gem/doorkeeper for Ruby, https://spring.io/projects/spring-security for Spring/Java, https://oauth2.thephpleague.com/ for PHP, https://pypi.org/project/oauthlib/ for Python.

https://oauth.net/code/ has a further selection of libraries in a variety of languages.

Are there any code examples to implement the PKCE flow in Doorkeeper? I am a bit confused on how to implement it here: https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-PKCE-flow

For authorization we use Doorkeeper gem with PKCE flow.

One thing that is missing from this list is open source language specific libraries. Projects such as https://oauthlib.readthedocs.io/en/latest/oauth2/server.html and https://github.com/doorkeeper-gem/doorkeeper

Depending on your use case, for example if you only have one application, you might be better off running something embedded in your app, or independent but using the same runtime/deployment environment. Then, when you are ready to add another app or integration, you should be able to introduce a standalone auth system more easily if appropriate (because all your auth interactions should be relatively standardized). I'm a big fan of standalone auth systems as a way to simplify access control and give a single view of a user/customer, but you can also succeed using open source embedded libraries.

When the moment comes to introduce a standalone system, you should consider a few dimensions (this list pulled from a previous comment of mine: https://news.ycombinator.com/item?id=26360048 ):

   * open source or not