An OAuth2 server that provides managed services for enterprise employees.
- Employee security information is stored in LDAP.
- Login authentication service and general membership settings.
- Reset password using email and mobile phone number.
- Create edit and delete employees by special members.
- Maintainable APP Client ID and Secret.
- Simple content article and link management.
- Generic OAuth2 authentication and authorization management.
- Directly CAS implement for V1 and V2.
uid
: Username, requiredcn
: Full Namegn
: FirstNamesn
: LastName, requirednickname
birthday
: YYYYmmddgender
: f, memail
: Emailmobile
: Cell phone numberavatarPath
: Avatar URIdescription
:joinDate
: YYYYmmdd
name
:description
:members
: []uid
- uid: Username
- name: DisplayName
GET | POST /authorize
GET | POST /token
GET | POST /info/{topic}
me
:{me: User}
me+{groupName}
:{me: User, group}
grafana
orgeneric
:{struct for grafana}
URI | Description |
---|---|
/login |
credential requestor / acceptor |
/logout |
destroy CAS session (logout) |
/validate |
service ticket validation |
/serviceValidate |
service ticket validation [CAS 2.0] |
/proxyValidate TODO |
service/proxy ticket validation [CAS 2.0] |
/proxy TODO |
proxy ticket service [CAS 2.0] |
/p3/serviceValidate TODO |
service ticket validation [CAS 3.0] |
/p3/proxyValidate TODO |
service/proxy ticket validation [CAS 3.0] |
# openldap
docker run --name staffio-ldap -p 389:389 -p 636:636 \
-e LDAP_ADMIN_PASSWORD=mypassword \
-d liut7/staffio-ldap:latest
# postgresql
docker create --name staffio-db-data -v /var/lib/postgresql busybox:1 echo staffio db data
docker run --name staffio-db -p 54322:5432 \
-e DB_PASS=mypassword \
-e TZ=Hongkong \
--volumes-from=staffio-db-data \
-d liut7/staffio-db:latest
# staffio main server
docker run --name staffio -p 3030:3030 \
-e STAFFIO_BACKEND_DSN='postgres://staffio:mypassword@staffio-db/staffio?sslmode=disable' \
-e STAFFIO_LDAP_HOSTS='ldap://slapd' \
-e STAFFIO_LDAP_BASE="dc=example,dc=org" \
-e STAFFIO_LDAP_BIND_DN="cn=admin,dc=example,dc=org" \
-e STAFFIO_LDAP_PASS='mypassword' \
--link staffio-db --link staffio-ldap:slapd \
-d liut7/staffio:latest web
# create a user as first staff and adminstrator
docker exec staffio staffio addstaff -u eagle -p mysecret -n eagleliut --sn liut
docker exec staffio staffio group -g keeper -a eagle
# now can open http://localhost:3030/ in browser
# add a oauth2 client (optional)
docker exec staffio staffio client --add demo --uri http://localhost:3000
# list clients
docker exec staffio staffio client --list
## for testing database
echo "CREATE DATABASE staffiotest WITH OWNER = staffio ENCODING = 'UTF8';" | docker exec -i staffio-db psql -Upostgres
echo "GRANT ALL PRIVILEGES ON DATABASE staffiotest to staffio;" | docker exec -i staffio-db psql -Upostgres
go get -u github.com/liut/staffio
cp -n .env.example .env
cat .env.example
STAFFIO_HTTP_LISTEN=":3000"
STAFFIO_LDAP_HOSTS=slapd.hostname
STAFFIO_LDAP_BASE="dc=example,dc=org"
STAFFIO_LDAP_BIND_DN="cn=admin,dc=example,dc=org"
STAFFIO_LDAP_PASS="mypassword"
STAFFIO_BACKEND_DSN="postgres://staffio:mypassword@localhost:54322/staffio?sslmode=disable"
STAFFIO_PASSWORD_SECRET="mypasswordsecret"
go get -u github.com/ddollar/forego
go get -u github.com/liut/rerun
npm install
forego start
make dist package
scp dist/linux_amd64/staffio remote:/opt/staffio/bin/
make fe-build
rsync -rpt --delete templates htdocs remote:/opt/staffio/
forego run ./staffio addstaff -u eric -p AF1984 -n George --sn Blair
Peoples and groups sync with WxWorkSignin with WxWork- Notification
- Export for backup
- Batch import or restore from backup
- I18n