Kong: Kong Integration with External oAuth Provider

Created on 2 Mar 2017  ·  8 Comments  ·  Source: Kong/kong

I have an OAuth 2.0 Authorization Server and OpenID Connect Provider running inside our organization. Is there a way that I can use this with the OAuth 2.0 plugin for Kong? (Hopefully with OpenID Connect, once a plugin is available for this.)

My OAuth/OIDC server will handle authentication, scopes and generating tokens. It would be great if I can just integrate this with Kong instead of migrating tokens or duplicating consumers in Kong.

All 8 comments

@bad79s that code could use some help. Most notably it lacks tests, but it also defines a bunch of globals and some non-optimal (performance-wise) language constructs.

So if there are some good open source citizens here, then you might want to give @mogui a hand :smile:

Hi there!
I was in the same need as @rgottumu so I wrote it myself.
@Tieske I would love to have a hand because that was my very first thing written in Lua (hence the bad constructs :P) and yes, I didn't have a clue on how to test it, the OAuth flow being so much based on human actions.

An OpenID Connect Relying Party plugin would make it possible to delegate the authentication to external Identity Management. Such a plugin would make it possible to use Kong in enterprise environments where an IAM Service already exists and user duplication is not allowed or possible.

Some efforts were made towards a solution. See #2154 or https://github.com/mogui/kong-external-oauth

There is also an OpenResty module that would do the heavy lifting.
https://github.com/pingidentity/lua-resty-openidc

Implementing such a plugin would also reduce the need for the Kong team to implement further auth providers, because with OpenID Connect one can always delegate the complex special cases to dedicated IAMs such as Keycloak, Gluu, anvil.io, Azure AD, OpenIAM and many more.

Considering this answered, as @bad79s pointed out, we have a community plugin for this.

PS: an OIDC plugin from us is also in the works.

Is there any roadmap or info about the progress regarding the OIDC plugin?

Will the Mashape OIDC plugin be open source or Enterprise only?

Thanks to all for the discussion here. OpenID Connect is now available in Kong Enterprise Edition. Please see https://www.mashape.com/enterprise/ for more details. Thank you!
