Top 23 Authorization Open-Source Projects
OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Compatible with MITREid.
Project mention: User account over Internet | reddit.com/r/linuxadmin | 2021-05-10
If you just have some services/users at a remote location that you want to authenticate/authorize using your existing user directory, I’d recommend using OAuth2/OpenID Connect over https. This has the added benefit of enabling users to enroll multi-factor, federating with other identity providers (if you want), is more future proof (LDAP isn’t cloud native/friendly), and can be exposed to the Internet without the need of a VPN relatively safely. Another benefit is support for remote users and SaaS - for example, enabling users working from home to authenticate to SaaS applications using their directory login (without SSL/agent-VPNs or punching holes in firewall). Examples include: Okta (free tier permits 2000 monthly active users), Keycloak, Dex, ory.sh.
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
Project mention: Permissions, PermissionGroups and GraphQL | reddit.com/r/graphql | 2021-05-30
Minimal authorization through OO design and pure Ruby classes
Project mention: Gnarly Learnings from May | dev.to | 2021-06-01
Strong parameter assignment via Pundit
An open source, general-purpose policy engine.
Project mention: Expose Open Policy Agent/Gatekeeper Constraint Violations for Kubernetes Applications with Prometheus and Grafana | dev.to | 2021-06-18
Open Policy Agent (OPA) and its Kubernetes targeting component Gatekeeper give you the means to enforce policies on Kubernetes clusters. What we mean by policies here is a formal definition of rules & best practices & behavior that you want to see in your company's Kubernetes clusters. When using OPA, you use a Domain Specific Language called Rego to write policies. By doing this, you leave no room for misinterpretations that would occur if you tried to explain a policy in free text on your company's internal wiki.
The authorization Gem for Ruby on Rails.
Project mention: Motor Admin - a modern Admin UI and Business Intelligence Rails engine | reddit.com/r/ruby | 2021-06-03
I am using cancancan. I will check it out when it's done, thx!
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.
Project mention: Authelia is an open-source authentication/authorization server with 2FA/SSO | news.ycombinator.com | 2021-03-10
One thing that is missing from this list is open source language specific libraries. Projects such as https://oauthlib.readthedocs.io/en/latest/oauth2/server.html and https://github.com/doorkeeper-gem/doorkeeper
Depending on your use case, for example if you only have one application, you might be better off running something embedded in your app, or independent but using the same runtime/deployment environment. Then, when you are ready to add another app or integration, you should be able to introduce a standalone auth system more easily if appropriate (because all your auth interactions should be relatively standardized). I'm a big fan of standalone auth systems as a way to simplify access control and give a single view of a user/customer, but you can also succeed using open source embedded libraries.
When the moment comes to introduce a standalone system, you should consider a few dimensions (this list pulled from a previous comment of mine: https://news.ycombinator.com/item?id=26360048 ):
* open source or not
A binary authorization system for macOS
Project mention: Does anyone use Google Santa for whitelisting? | reddit.com/r/macsysadmin | 2021-05-20
You can use casl to limit actions in Vue.
Role management library with resource scoping
Eloquent roles and abilities.
Project mention: What Laravel permission package do you usually use? Does anyone come with Laravel Gate and Policy? | reddit.com/r/laravel | 2021-05-16
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Node.js rate limit requests by key with atomic increments in single process or distributed environment.
Project mention: How to rate limit a login route in Express using node-rate-limiter-flexible and Redis | dev.to | 2021-05-31
Rate limiting is a method used for controlling network traffic. It limits the number of actions a user can make per unit of time. In this tutorial, we will rate limit a login route to help protect it from brute force attacks. This limits the number of password guesses that can be made by an attacker. We'll use the npm package node-rate-limiter-flexible to count and limit the number of login attempts by key. Each key will have a points value that will count the number of failed login attempts. The keys will expire after a set amount of time. The key-value pairs will be stored in Redis, which is an open-source in-memory data structure store. It has many different use cases. We will use it as a simple database. Redis is simple to use and it is very fast. We'll create an online instance of Redis, connect it to an express application, and then use the Redis command-line interface (redis-cli) to view the database. A prerequisite for this tutorial is an ExpressJS application with a login route and user authentication.
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
Project mention: Ory Hydra: Open Source OAuth2/OIDC Provider | reddit.com/r/golang | 2021-01-13
We are using https://github.com/ory/fosite at work with great success.
An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js and Browser
Project mention: Social network on microservices | reddit.com/r/node | 2021-06-17
If you are looking for something a little more complex, declarative and flexible, casbin has been around for quite some time. Also consider oso. It looks like a more modern and feature-rich tool to me.
An authorization library that supports access control models like ACL, RBAC, ABAC in Java
Project mention: Casbin: An authorization library that supports access control models like ACL, RBAC, ABAC in Java | reddit.com/r/java | 2021-04-08
A framework agnostic authentication & authorization system. (by cartalyst)
Awesome Django authorization, without the database
An Elixir Authentication System for Plug-based Web Applications
Robust, modular, and extendable user authentication system
Project mention: Questions about Nuxt auth & refresh tokens | reddit.com/r/Nuxt | 2021-04-04
I have a Nuxt.js app with Nuxt Auth module for authentication. My backend is in Phoenix with Pow used to handle authentication. When I log in I get 2 tokens from my backend: access token and a refresh token. I can't find any relevant documentation on how to make use of the refresh tokens with Nuxt Auth, so any advice would be highly appreciated.
StarHackIt: React/Native/Node fullstack starter kit with authentication and authorisation, data backed by SQL, the infrastructure deployed with GruCloud
Project mention: Setup KOPS on AWS with GruCloud | dev.to | 2021-04-26
Would you like to deploy a full stack application on EKS? Choose the flavour depending on who is responsible to create the load balancer, target groups, listener and rules:
What are some of the best open-source Authorization projects? This list will help you: