Tiny RP is a small OpenID Connect Relying Party client that authenticates the user at the configured OpenID provider and saves the user's id_token and access_token to cookies.
- Developed with
python 3.12
pip install --upgrade pip
pip install -r requirements.txt
Configuration variables are set as environment variables in a .env file. You can start from .env.example.
The app contacts url_oidc on startup and retrieves the authorization_endpoint, token_endpoint, revocation_endpoint and userinfo_endpoint values, which are used at /login, /callback, /logout and /userinfo respectively.
APP_HOST=localhostapp hostname that can be passed to containerAPP_PORT=8080app port that can be passed to container
cp .env.example .env # <- make changes
uvicorn main:app --reload --env-file .env
The docker image copies config.json from the current directory, so either edit the values before building the image, or mount a file with correct values into the container.
Build image
docker build -t cscfi/tiny-rp .
Run container
cp .env.example .env # <- make changes
docker run -p 8080:8080 --env-file .env cscfi/tiny-rp
- Navigate to http://localhost:8080/login
id_tokenandaccess_tokenare saved to cookies at http://localhost:8080/callback after authentication at OpenID provider- If a redirect address is configured
url_redirect(e.g. a UI) the user is redirected there along with the cookies. If left empty, the tokens are instead displayed in JSON.