fabric-oidc-proxy allows authenticating to Hyperledger Fabric blockchain using OIDC token. It gets, on behalf of OIDC tokenholder (humans, programs, etc), a membership (x509) certificate issued by Fabric CA, and signs transactions using their respective certificate.
- Hyperledger Fabric network. For quickstart, checkout our helm-charts)
- OIDC/OAuth2 provider that allows to add custom claims (We're using ZITADEL)
go build -o fabric-oidc-proxy .
./fabric-oidc-proxy start --port=8080Register and Enroll a user with the OIDC proxy
export FABRIC_PROXY_API=http://localhost:8080/api/v1curl -X POST -H "authorization: Bearer $TOKEN" $FABRIC_PROXY_API/account/enrollexample using asset-transfer chaincode-as-a-service
export TX_URL=$FABRIC_PROXY_API/default/assetcc/submit-transaction- InitLedger
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "InitLedger","args": []}' $TX_URL- GetAllAssets
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "GetAllAssets","args": []}' $TX_URL- CreateAsset
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "CreateAsset","args": ["demo-id-01", "blue", "10", "Sam", "100"]}' $TX_URL- UpdateAsset
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "UpdateAsset","args": ["demo-id-01", "blue", "10", "Sam", "1000"]}' $TX_URL- DeleteAsset
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "DeleteAsset","args": ["demo-id-01"]}' $TX_URL