Metadata-Version: 2.1
Name: aws-oidc-broker
Version: 0.1.0
Summary: 
Keywords: packaging,poetry
Author: Rishang
Requires-Python: >=3.8
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Topic :: Software Development :: Build Tools
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Dist: authlib (>=1.2.0,<2.0.0)
Requires-Dist: boto3 (>=1.26.54,<2.0.0)
Requires-Dist: flask (>=2.2.2,<3.0.0)
Requires-Dist: gunicorn (>=20.1.0,<21.0.0)
Requires-Dist: pyjwt (>=2.6.0,<3.0.0)
Requires-Dist: python-dotenv (>=0.21.1,<0.22.0)
Requires-Dist: requests
Requires-Dist: rich (>=13.2.0,<14.0.0)
Requires-Dist: typer (>=0.7.0,<0.8.0)
Description-Content-Type: text/markdown

# AWS OpenID Credential Broker

OpenID-based identity credential broker for AWS, built as an alternative to AWS SSO to support OpenID federation.

![demo image](.github/images/panel.png)


## Broker authentication flow

```mermaid
sequenceDiagram;

participant User;
participant Broker;
participant IDP;
participant AWS;

User -->> Broker: Login via IDP
Broker -->> IDP: Forward Auth Request
IDP -->> Broker: IDP Login Successful
User -->> Broker: Open AWS Console
Broker -->> AWS: Request Session
AWS -->> Broker: Login Successful
Broker -->> Browser: Open AWS Console
```
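
The last two arrows of the diagram (Request Session, Open AWS Console) can be implemented with AWS's federation sign-in endpoint. The code below is an added example, not the broker's own code: it assumes the broker exchanges the IdP token through STS `AssumeRoleWithWebIdentity`, and the function names, the region and the parameters are hypothetical.

```python
import json
import urllib.request
from urllib.parse import urlencode

FEDERATION = "https://signin.aws.amazon.com/federation"  # AWS sign-in federation endpoint
CONSOLE = "https://console.aws.amazon.com/"


def signin_token_query(creds: dict, duration: int = 3600) -> str:
    """Query string for Action=getSigninToken, built from STS temporary credentials."""
    missing = {"AccessKeyId", "SecretAccessKey", "SessionToken"} - creds.keys()
    if missing:  # long-term IAM user keys have no SessionToken: refuse them
        raise ValueError(f"not temporary credentials, missing {sorted(missing)}")
    if not 900 <= duration <= 43200:  # range the federation endpoint accepts
        raise ValueError("SessionDuration must be 900..43200 seconds")
    session = json.dumps({
        "sessionId": creds["AccessKeyId"],
        "sessionKey": creds["SecretAccessKey"],
        "sessionToken": creds["SessionToken"],
    })
    return urlencode({"Action": "getSigninToken",
                      "SessionDuration": duration,
                      "Session": session})


def console_login_url(signin_token: str, issuer: str) -> str:
    """URL the browser is redirected to. It is a bearer secret: never log it."""
    return FEDERATION + "?" + urlencode({"Action": "login", "Issuer": issuer,
                                         "Destination": CONSOLE,
                                         "SigninToken": signin_token})


def open_console(id_token: str, role_arn: str, user: str, issuer: str) -> str:
    """Network path: OIDC token -> STS session -> sign-in token -> console URL."""
    import boto3  # imported lazily so the pure helpers above work without it
    sts = boto3.client("sts", region_name="us-east-1")  # region is an assumption
    creds = sts.assume_role_with_web_identity(
        RoleArn=role_arn, RoleSessionName=user, WebIdentityToken=id_token,
        DurationSeconds=3600)["Credentials"]
    with urllib.request.urlopen(f"{FEDERATION}?{signin_token_query(creds)}") as resp:
        token = json.load(resp)["SigninToken"]
    return console_login_url(token, issuer)
```

The sign-in token returned by the endpoint is valid for 15 minutes, so the login URL should be generated per click and sent straight to the browser as a redirect rather than stored.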

## Getting Started

Quick start with Docker Compose:

```bash
docker-compose up -d
```

### Prerequisites

- python3
- virtualenv
- docker
- docker-compose


### Installing

Follow these steps to get a development environment running.

Clone the project:

```bash
git clone https://github.com/Rishang/aws-oidc-broker.git
```

Initialize the virtualenv:

```bash
cd aws-oidc-broker
python -m venv venv
source ./venv/bin/activate
```

Install the dependencies:

```bash
pip install -r requirements.txt
```

Configure the `.env` file, or export the same variables in your shell:

```bash
cp .env.example .env
```

Configure environment variables as required.

## Environment Variables for KEYCLOAK integration

| VARIABLE NAME | EXAMPLE VALUE | DESCRIPTION | REQUIRED |
| --- | --- | --- | --- |
| `KEYCLOAK_CLIENT_ID` | `aws-oidc` | Client ID | yes |
| `KEYCLOAK_WELLKNOWN` | `https://example.dev/realms/test/.well-known/openid-configuration` | Keycloak well-known OpenID configuration URL | yes |
| `APP_SECRET` | `!apppasswd` | Optional environment variable that sets the encryption secret | no |
| `TITLE` | `Example Broker` | Title to display on Broker UI | no |

## Deployment

Add additional notes about how to deploy this on a live system

## Built With

- [Flask](https://flask.palletsprojects.com/) - The web framework used

- [VueJs](https://vuejs.org/) - The web framework for building web user interfaces.

