#Authentication and OAuth

Open-source projects categorized as Authentication and OAuth
Language filter: + Ruby + Go + Java

Top 23 Authentication and OAuth Open-Source Projects

  • GitHub repo Devise

    Flexible authentication solution for Rails with Warden.

    Project mention: Ruby through the lens of Go | dev.to | 2021-04-16

    One of the things I love the most about Ruby is that it tends to coalesce around one or two really popular libraries. Rails is the big one obviously, but over time you see libraries designed for a particular purpose "winning" over other things. This includes things like linting/code analysis (Rubocop), authentication (Devise), testing (RSpec and Minitest) and more. The emphasis is on making something good great rather than making a lot of different good things.

  • GitHub repo jwt-go

    Golang implementation of JSON Web Tokens (JWT)

    Project mention: JWT and Go. How to integrate them with security requirements | dev.to | 2021-04-13

    The boilerplate application uses the dgrijalva / jwt-go library to work with JWTs. Besides the standard set of claims fields, this library allows you to describe additional fields. In the application, this makes it possible to write to the token the ID of the user to whom it was issued. The library supports the NewWithClaims () and Parse () functions used in the AuthHandler application to create and validate tokens. Also, the Echo framework has a JWT middleware that uses the specified library to validate tokens. This middleware is hooked up in the ConfigureRoutes () function of the template application that declares the routing.

  • GitHub repo casbin

    An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

    Project mention: Casbin: An authorization library that supports access control models like ACL, RBAC, ABAC in Golang | reddit.com/r/golang | 2021-04-08
  • GitHub repo OmniAuth

    OmniAuth is a flexible authentication system utilizing Rack middleware.

    Project mention: Unsolicited Advice After My First Rails Project | dev.to | 2021-03-25

    For example, I wanted my users to be able to log in through Google, but I was having trouble getting Omniauth to work properly. Maybe it was interacting weirdly with some other part of my code and having a more simplified set up that looks the same would make it easier to spot the bad interaction, or maybe I just needed to start fresh because I missed something in the setup. Either way, perfect candidate for the sandbox! But even when I got it figured out there, I still couldn't get it to transfer over to my real project...

  • GitHub repo authelia

    The Single Sign-On Multi-Factor portal for web apps

    Project mention: Single Sign-On Solutions? | reddit.com/r/selfhosted | 2021-04-19

    Surprised no one has suggested Authelia, it’s pretty successful at balancing simple to use vs powerful. And supports LDAP. I’m pretty happy with it

  • GitHub repo Doorkeeper

    Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.

    Project mention: Authelia is an open-source authentication/authorization server with 2FA/SSO | news.ycombinator.com | 2021-03-10

    One thing that is missing from this list is open source language specific libraries. Projects such as https://oauthlib.readthedocs.io/en/latest/oauth2/server.html and https://github.com/doorkeeper-gem/doorkeeper

    Depending on your use case, for example if you only have one application, you might be better off running something embedded in your app, or independent but using the same runtime/deployment environment. Then, when you are ready to add another app or integration, you should be able to introduce a standalone auth system more easily if appropriate (because all your auth interactions should be relatively standardized). I'm a big fan of standalone auth systems as a way to simplify access control and give a single view of a user/customer, but you can also succeed using open source embedded libraries.

    When the moment comes to introduce a standalone system, you should consider a few dimensions (this list pulled from a previous comment of mine: https://news.ycombinator.com/item?id=26360048 ):

       * open source or not

  • GitHub repo Authlogic

    A simple ruby authentication solution.

  • GitHub repo aws-doc-sdk-examples

    Welcome to the AWS Code Examples Repository. This repo contains code examples used in the AWS documentation, AWS SDK Developer Guides, and more. For more information, see the Readme.rst file below.

    Project mention: AWS SDK for .NET now supports Blazor WebAssembly!!! | reddit.com/r/dotnet | 2021-01-21

    /u/andyhoppatamazon any chance we can see some examples? There is nothing here https://github.com/awsdocs/aws-doc-sdk-examples

  • GitHub repo oauth2

    Go OAuth2

    Project mention: Handling authentication in Transport - is it good or bad? | reddit.com/r/golang | 2021-02-03

    Handling auth in a Transport is a common pattern, that's what x/oauth2 does for example: https://github.com/golang/oauth2/blob/master/transport.go#L20

  • GitHub repo Clearance

    Rails authentication with email & password.

    Project mention: Why am I having such a bad time with Rails? | reddit.com/r/rails | 2021-02-18

    ...because some folks prefer clearance to devise! :-D

  • GitHub repo goth

    Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.

  • GitHub repo Devise Token Auth

    Token based authentication for Rails JSON APIs. Designed to work with jToker and ng-token-auth.

    Project mention: Devise, The Swiss Army Knife of Rails User Authentication. | dev.to | 2021-02-04

    As a side note, also check out devise_token_auth here

  • GitHub repo JWT

    A ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT) standard.

    Project mention: Ruby Gem JWT Version 2.2.3 Released | news.ycombinator.com | 2021-04-20
  • GitHub repo authboss

    The boss of http auth.

  • GitHub repo warden

    General Rack Authentication Framework

    Project mention: Devise only allow one session per user at the same time | reddit.com/r/ruby | 2021-01-19

    Despite this approach works, it's polluting the controller with authentication logic. Given that Devise uses Warden under the hood, the same can be achieved by taking advantage of warden callbacks that will always get executed when a meaningful event is triggered.

  • GitHub repo OAuth2

    A Ruby wrapper for the OAuth 2.0 protocol. (by oauth-xx)

  • GitHub repo loginsrv

    JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..

  • GitHub repo go-jose

    An implementation of JOSE standards (JWE, JWS, JWT) in Go

  • GitHub repo go-oauth2-server

    A standalone, specification-compliant, OAuth2 server written in Golang.

  • GitHub repo gologin

    Go login handlers for authentication providers (OAuth1, OAuth2)

  • GitHub repo gorbac

    goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.

  • GitHub repo Sorcery

    Magical Authentication (by Sorcery)

    Project mention: Easy has_secure_password API authentication | dev.to | 2021-01-21


  • GitHub repo Rodauth

    Ruby's Most Advanced Authentication Framework

    Project mention: Behind The Scenes: Devise | reddit.com/r/ruby | 2021-02-04

    Another user who replied to you mentioned Rodauth, and I haven't tried it in my own applications yet but I would absolutely be willing to sink the time/energy into learning it over configuring Devise again.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-04-20.


What are some of the best open-source Authentication and OAuth projects? This list will help you:

Project Stars
1 Devise 21,580
2 jwt-go 9,414
3 casbin 9,061
4 OmniAuth 7,351
5 authelia 5,930
6 Doorkeeper 4,786
7 Authlogic 4,223
8 aws-doc-sdk-examples 3,637
9 oauth2 3,599
10 Clearance 3,396
11 goth 3,138
12 Devise Token Auth 3,135
13 JWT 3,056
14 authboss 2,631
15 warden 2,323
16 OAuth2 2,009
17 loginsrv 1,773
18 go-jose 1,750
19 go-oauth2-server 1,734
20 gologin 1,369
21 gorbac 1,160
22 Sorcery 1,014
23 Rodauth 955