generated from coulomb/repo-seed
Add local-identity serve command: a minimal Authorization Code flow OIDC server backed by file-store users.

Implemented natively with no heavy OIDC library — only stdlib http.server and the cryptography package.

New modules:
  keys.py       RSA-2048 signing key generation + JWKS helpers
  tls.py        Self-signed TLS certificate (localhost/127.0.0.1 SANs)
  jwt_utils.py  RS256 JWT creation and verification
  serve.py      OIDCHandler + make_handler() factory + run_server()

Endpoints: /.well-known/openid-configuration, /jwks, /auth, /token, /userinfo.

Server binds to 127.0.0.1 only; tokens carry iss: local-identity which production Keycloak rejects by design.

104 tests passing (16 new for Stage 3).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
28 lines
529 B
TOML
[project]
name = "local-identity"
version = "0.1.0"
description = "Zero-dependency bootstrap user store for net-kingdom environments"
requires-python = ">=3.11"
dependencies = [
    "pyyaml>=6.0",
    "cryptography>=42.0",
]

[project.scripts]
local-identity = "local_identity.cli:main"

[build-system]
requires = ["hatchling"]
build-backend = "hatchling.build"

[tool.hatch.build.targets.wheel]
packages = ["src/local_identity"]

[tool.pytest.ini_options]
testpaths = ["tests"]

[dependency-groups]
dev = [
    "pytest>=8.0",
]