Step 1: Installation
re:claimID is implemented as part of GNUnet (Recommended version >=0.13.2).Currently, we recommend the use of our GNUnet docker image due to the lack of packages.
Docker image:
$ docker run -v $HOME/.local/share/gnunet:/root/.local/share/gnunet -p 7776:7776 -td reclaimid/gnunet-docker
Alpine Linux (edge, testing)
$ apk add gnunet
From source:
Please refer to the GNUnet installation tutorialsStep 2: Registering an OpenID Connect client
The easiest way to manage OpenID Connect client is through our CLI tool:
$ gem install reclaim-oidc
To register an OpenID Connect client, execute:
$ reclaim-oidc --add --client-name myclient --redirect-uri https://mywebsite.com/oidc_cb --description "My Client"
You can list all registered clients and your local OpenID Connect metadata required to initiate an authorization code flow by executing:
$ reclaim-oidc --list
The response will look like this
OpenID Connect Provider Information:
------------------------------------
Authorize Endpoint: http://localhost:7776/openid/authorize
Token Endpoint: http://localhost:7776/openid/token
JSON-Web-Token Algorithm: HS512
JSON-Web-Token key: secret
Example Authorization Redirect:
https://api.reclaim/openid/authorize?client_id=<client_id>&redirect_uri=<redirect_uri>&response_type=code&scope=email%20full_name&nonce=1234
Registered Clients:
-------------------
name: myclient
client_id: <client_id>
client_secret: <client_secret>
description: My Client
redirect_uri: https://mywebsite.com/oidc_cb
...
Step 3: Website integration
You can use the information above to integrate re:claimID as a generic OpenID Connect Identity Provider into the web application of your choice. The integration steps for this part depend on the application you use. Hence, please refer to your respective documentation or the OpenID Connect specifications.
The sources of our demo website can be found in our gitlab project.