Pitch
An OAuth 2.0 Provider library built on top of Swift NIO. Implementing RFC 6749, 6750 and 7662.
Motivations:
OAuth 2.0 is a popular authorisation framework used by many large applications. It allows smaller sites and applications to delegate authorisation (and authentication....ish) to large providers, such as Google and Facebook to allow them to manage the user information.
It also provides methods for users to allow 3rd party (and first party) applications access to their data, such as Twitter clients. Finally, it's popular amongst microservice architectures as a way of checking authorisation for different services.
Having an OAuth 2.0 provider library is important for any web framework. I know there is demand for this in Swift.
Development Plan:
Currently there is a server-side Swift project for Vapor 2 - GitHub - brokenhandsio/vapor-oauth: OAuth2 Provider Library for Vapor. This has an extensive test suite to cover the behaviour and different specs. A lot of this can probably be ported over. It has a dependency on Vapor, but no dependencies on any databases. All data layers are abstracted away, so this should be a case of converting all the that to EventLoopFuture
s. There will be some work to remove the Vapor dependencies on the routing logic and tests.
I did write the code quite a long time ago so it can probably do with some updating or writing with another years experience. I also promise to spell authorisation incorrectly throughout....
Original Message:
So I may open a can of worms with this, but might as well get it started at some point!
In the next month or two I will be migrating my OAuth 2.0 Provider library, GitHub - brokenhandsio/vapor-oauth: OAuth2 Provider Library for Vapor, to Vapor 3. I might as well take the opportunity to make it sit on top of Swift NIO and propose it as a project for the Server Working Group. It should be relatively straightforward to port to NIO, since all the data layers are abstracted away.
The project implements RFC 6749, 6750 and 7662 and has tests for all parts of the specs.
I know the process for incubation etc hasn't been defined but could be a fun one to start with!
Thoughts?