英文:
Confused between Ory Hydra and Ory Kratos for creating full-blown idp
问题
我有一个项目,我想要构建一个完整的 IDP(使用 Golang)。从技术上讲,用户想要使用我的服务来进行单点登录到另一个系统。我希望从零开始构建这个服务。在研究开源的 IDP 解决方案时,我遇到了 ory/Hydra 和 ory/Kratos。我查阅了它们的文档并完成了一个快速入门教程。但我仍然对上述两个库中哪个适合开发这个服务感到困惑。
从高层次的角度来看,这是我想要做的事情:
- 存在一个现有的第三方 Web 应用 X。
- 用户已经拥有我的服务 Y 的登录凭据。
- 用户想要在应用 X 中发表一些评论。
- 如果用户未登录,则将其重定向到我的服务 Y 的登录界面。
- 登录后,回调 URL 将其带回应用 X 的评论部分。
英文:
I have a project where I want to build a full-blown IDP (using Golang). So technically, a user wants to SSO into another system using my service. I am looking to build this service from scratch. Upon researching for open-source IDP solutions, I came across ory/Hydra and ory/Kratos. I went through their documentation and did a quick-start tutorial. I am still confused about which of the above 2 libraries are suitable for the development of this service.
From a high-level standpoint, this is what I am trying to do.
- There is an existing third-party web app X.
- A user has already login credentials for my service Y.
- A user wants to post some comments in app X.
- He/She is redirected to my service Y login screen if not logged in.
- After login, the Callback URL returns him back to app X comment section.
答案1
得分: 6
ory/Kratos不是你要找的工具,因为它是为了满足用户管理的基本需求而设计的。
适合你的工具是ory/Hydra。我从它的文档中复制了以下内容:
> 如果你希望你不拥有的应用程序和网站将你的应用程序作为潜在的登录方式(例如与“使用Google登录”、“使用Apple登录”并列),ORY Hydra是适合你的工具。
来源:https://www.ory.sh/hydra/docs/concepts/before-oauth2
英文:
ory/Kratos is not what you are looking for because it is designed to answer your user management basic needs.
The right tool for you is ory/Hydra. I have copied this from its documentation:
> If you want apps and websites you don't own to use your application as
> a potential sign in (e.g. be listed alongside "Sign in with Google",
> "Sign in with Apple"), ORY Hydra is the right tool for you.
source: https://www.ory.sh/hydra/docs/concepts/before-oauth2
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论