Support for OpenID Connect?

The first paragraph of the Silhouette documentation says it “supports several authentication methods, including OAuth1, OAuth2, OpenID, CAS, Credentials, Basic Authentication, Two Factor Authentication or custom authentication schemes.”

Is there any intention of adding OpenID Connect to that list?

Hi Byron,

there is an intention but to little time.

Best regards,
Christian

Hey @akkie, any update on this one?

@suhinini Not really, but I welcome any contribution.

I’m looking into adding OpenID Connect (OIDC) support. It’s pretty similar to Auth0 which is already in Silhouette: https://github.com/mohiva/play-silhouette/commits/master/silhouette/app/com/mohiva/play/silhouette/impl/providers/oauth2/Auth0Provider.scala

Would it be a weird idea if at the same time I make [code I feel I need to understand] simpler to read? (from my perspective. ) That’s is mostly about adding line breaks, sometimes writing out data types, or adding intermediate variables + data types to see what’s going on, and making invisible parameters visible (removing the implicit keyword)

Hmm I stumbled upon https://github.com/minutemen/silhouette which mentions support for OpenID Connect, and, seems it’s a partial rewrite of Silhouette? and a new authentication Pipeline concept?

Yes, this is the new framework agnostic version of Silhouette. The current play-silhouette Project will then only contain Play specific code. It uses a more functional style and it will be compatible with different IO implementations like ZIO, Cats Effect, Monix or Scala’s built-in Futures.

OpenID Connect is on my todo list, but as always, time is the limiting factor. The OpenID Connect implementation is not only a OAuth2 Provider like Auth0. It’s a complete different base provider based on OAuth2. It has more features like auto discovery, the retrieval of the ID token, … And then there will be different concrete OpenID Connect providers like Keycloak, …

Ok.

OpenID Connect is on my todo list

Some time later, when you get started with OIDC, maybe you’d find it interesting to look at KeyCloak’s docs about how KC does OIDC:

https://www.keycloak.org/docs/latest/server_admin/index.html#_identity_broker_oidc

Maybe that whole chapter, about “Identity Brokering”, could be interesting: https://www.keycloak.org/docs/latest/server_admin/index.html#_identity_broker
(it’s not the same as what you’ll build but a bit similar I think :- ))

(Personally, being a bit short of time, probably I’ll go with ScribeJava — they also sort of already have OIDC support, via their KeyCloak integration. A bit off-topic: I like that the ScribeJava code is, I think, easy to read. I’d be a bit careful when adding functional programming things to the upcoming Silhouette version … Although Haskell was my favorite language, I think that, in Scala, sometimes “too much” functional programming can actually make the code harder to read)