oauth2-authorization-server
Verified Safe
by musabbozkurt
Overview
An OAuth2 Authorization Server providing secure authentication and authorization, enhanced with AI capabilities (chat, vector store, tool use) and file management features.
Installation
docker run -d --restart=always -p 9000:9000 oauth2-authorization-server:latest
Environment Variables
- SPRING_DATASOURCE_URL
- DB_USERNAME
- DB_PASSWORD
- DEEP_SEEK_API_KEY
- MINIO_ENDPOINT
- MINIO_ACCESS_KEY
- MINIO_SECRET_KEY
- SPRING_LDAP_URL
- SPRING_LDAP_PASSWORD
- SPRING_LDAP_USER_DN
- SPRING_LDAP_USER_SEARCH_BASE
- SPRING_LDAP_USER_SEARCH_FILTER
Security Notes
The server implements standard Spring Security and OAuth2 Authorization Server best practices. It uses BCrypt for password encoding, handles JWTs, and employs secure cookie settings (Secure, HttpOnly). File uploads to MinIO/S3 generate UUID-based filenames to mitigate path traversal risks. Most sensitive configurations (database, AI keys, MinIO credentials, LDAP) are externalized via environment variables, with sensible defaults provided for local Docker Compose setup. The presence of example weak passwords in `docker-compose.yml` and README setup is noted, but they are clearly intended for local development and are configured for externalization in `application.yml` for production readiness. No 'eval', obfuscation, or explicit malicious patterns were found.
Similar Servers
mcp-framework
This repository provides a framework for integrating and managing OAuth authentication within a server application, potentially involving HTTP streaming.
springai-mcp-gateway
An OAuth 2.1 secured Spring AI MCP gateway enabling ChatGPT Connectors to interact with local development tools via a streamable HTTP endpoint.
mcp-oauth2-proxy
This project acts as an OAuth2 proxy to secure web applications or services, handling authentication and authorization through an OAuth2 provider.
mcp-s-oauth
Universal OAuth middleware for MCP (Model Context Protocol) servers, enabling authentication with various OAuth providers.