OAuth 2.0 and OpenID Connect libraries for C

Just about 5 years ago I started to develop an OpenID Connect plugin for the Apache web server.  Over the years it has become a pretty popular project and lots and lots of input from real world experience has come along to improve it. As with all software, there comes a time to revisit the initial idea, the design choices and the scope of the project and that is exactly what I have done over the last 6 months.

I found that a lot of existing code could be refactored into a generic OAuth/OIDC library for C and that that library could then conveniently be used to build C-based plugins for various web servers and reverse proxies, not just Apache. This is similar to the approach that mod_security version 3 took. Today marks the announcement of such libraries for OAuth 2.0 / OpenID Connect and the availability some of these plugins. Here’s what I came up with so far:

And here is the first batch of plugins built on those libraries:

Note that over the course of 2019 I will rewrite mod_auth_openidc into version 3 that leverages liboauth2 and at the same time develop a native plugin (called ngx_openidc_module) for NGINX.

Please reach out to me if you want to be an early adopter of the new stuff and are willing to provide feedback.