spec
Contract for the polyglot aice-auth module: OIDC OpenAPI 3.1 fragments, Postgres schema migrations, a Go conformance runner with cross-language test vectors, and shared GitLab CI templates.
git@gitlab.com:aice-lab/auth/spec.git
Latest commit
6d222d66 ·
README
aice-auth — Specification
The contract for the aice-auth polyglot authentication module: OIDC issuer OpenAPI definitions, auth.* schema migrations, the cross-language conformance suite, and shared CI templates consumed by every implementation repo.
This repo does not contain a runnable authentication library — it defines the contract that every per-language implementation (auth/go, auth/php, auth/node, auth/flutter, auth/rn, auth/js) must satisfy.
What lives here
| Path | Purpose |
|---|---|
openapi/ | OIDC issuer endpoints, OpenAPI 3.1 fragments + bundle |
schema/postgres/ | auth.* Postgres migrations (golang-migrate format) |
conformance/runner/ | Go CLI that validates an issuer against vectors |
conformance/vectors/ | Cross-language test vectors (JWT verify, refresh rotation, JWKS rotation, OIDC flow, account lifecycle) |
.gitlab/ci-templates/ | Shared CI templates included by every implementation repo |
docs/concepts/ | Concept guides consumed by the central docs site |
Quickstart
For implementation authors:
git clone git@gitlab.com:aice-lab/auth/spec.git
cd spec
make conformance-runner # builds bin/aice-auth-conformance
./bin/aice-auth-conformance run-all --issuer-url https://localhost:8443 --vectors ./conformance/vectors
License
Source: FSL-1.1-Apache-2.0 (see LICENSE and LICENSE.FAQ.md).
Documentation
Full documentation: https://auth.aice-lab.org
Contributing
See CONTRIBUTING.md. All commits require DCO sign-off.
Reporting security issues
See SECURITY.md. Do not open public issues for vulnerabilities.
This is a snapshot generated from GitLab. For the live README, see the project page.