
About

STOPnik is a small, fast and secure authorization server with a minimal number of dependencies.

Dependencies

Currently, STOPnik only depends on

| Specifications | Implementation |
|---|---|
| The OAuth 2.0 Authorization Framework | Yes |
| Proof Key for Code Exchange by OAuth Public Clients | Yes |
| OAuth 2.0 Token Introspection | Yes |
| OAuth 2.0 Token Revocation | Yes |
| JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants | Yes |
| JSON Web Token (JWT) | Dependency |
| OAuth 2.0 Authorization Server Metadata | Partially |
| OAuth 2.0 Device Authorization Grant | Planned |
| The OAuth 2.0 Authorization Framework: Bearer Token Usage | Planned |
| Resource Indicators for OAuth 2.0 | Planned |
| OAuth 2.0 Authorization Server Issuer Identification | Planned |
| OpenID Connect Core 1.0 | Partially |
| OpenID Connect Discovery 1.0 | Partially |
| OpenID Connect Session Management 1.0 | Planned |
| OpenID Connect Front-Channel Logout 1.0 | Planned |

Why does STOPnik exist?

In general, this project was started to learn OAuth2, OpenID Connect and Go. It was also created to be used in a homelab and on a VPS to replace the current Keycloak, which adds too much load to the VPS and has too many configuration possibilities.

STOPnik does not have any persistence layer and works only in-memory with the clients and users defined in the configuration file (YAML). When it is restarted, all issued tokens become invalid because STOPnik no longer remembers them.

You may still want to consider using another authorization server.

STOPnik alternatives

The awesome work of other servers is much appreciated; most of them were the inspiration for this small project! ♥️

They add features like persistence and access to user directories like LDAP.