# SimpleIdP

Self-hosted OAuth 2.0 / OpenID Connect identity provider built with ASP.NET Core 8.0 and SimpleIdServer.

## Features

- OAuth 2.0 Authorization Code flow with PKCE support
- OpenID Connect authentication
- Multiple authentication methods:
  - Password-based
  - SMS-based
  - OTP (One-Time Password)
  - WebAuthn (FIDO2)
  - Mobile-based
  - Email-based
  - Console-based
  - Verifiable Presentations
- Multi-realm support
- User management with roles and claims
- Client management with configurable redirect URIs
- Refresh tokens with configurable expiration
- Consent management

## Technology Stack

- **Framework**: .NET 8.0
- **Identity Server**: SimpleIdServer 6.0.*-*
- **UI**: Razor Pages
- **Container**: Docker (multi-stage build)

## Configuration

Configuration is loaded from JSON files in the `config/` directory:

- `users.json` - User definitions (username, password, email, roles, claims, consents)
- `clients.json` - OAuth 2.0 client definitions
- `realm.json` - Realm configuration
- `scopes.json` - Available scopes and claim mappers
- `api.json` - API resource definitions

## Quick Start

### Run Locally

```bash
dotnet run
```

The server starts on:
- HTTPS: `https://localhost:65455`
- HTTP: `http://localhost:65456`

### Run in Docker

```bash
docker build -t simpleidp .
docker run -p 8080:8080 simpleidp
```

## Default Credentials

The default user is defined in `config/users.json`:

- Username: `administrator`
- Password: `password`
- Email: `adm@mail.com`

## Docker Hub

Image: `mareklesko/simpleidp`

## CI/CD

GitLab CI pipeline builds and pushes Docker images on `dev` and `main` branches.