This service implements a headless OAuth2 login/consent provider that bridges Ory Hydra (OAuth2 server with DCR) and Google OAuth (identity provider without DCR support).
This can be used as a connector in an AI Agent like Claude.ai that requires DCR, which Google doesn't support. The code uses Ory Hydra as a OpenID Connect provider and Google as the OAuth Provider, routing a single client_id to your Google endpoint and keeping all of the client information local in a PostGres DB, and using Redis for caching and sessions.
The underlying code originated from https://github.com/ory/hydra-login-consent-node, yet was completely modified to be written in typescript and only the API calls.
Installation/documentation still depends on salt, which is fine if it can be dockerized Assumption that OAuth provider is google needs to be removed Likely More
In words, I could not write myself: Detailed breakdown of this OAuth2 flow
The code is written to run behind a proxy, or directly. It was developed behind HAProxy -> Nginx -> App. Local development does not enable https
To run this locally,
Simply change into the root of the repository:
- Update LocalDev settings, see local.env
- Run only watching compile errors
npm run tswatch - Launch the application
npm run build && npm run serve:local
- TODO
Virtual Host configuration, for Nginx.
- A single variable
private_ipis required to speak to the upstream docker containers