oxd-server Installation#

System Requirements#

oxd needs to be deployed on a server or VM with the following minimum requirements.

CPU Unit RAM Disk Space Processor Type
1 400MB 200MB 64 Bit

Note

oxd requires Java version 1.8

oxd 4.0 works with CE 3.1.6 and above.

Linux Packages#

Before the installation, make sure that Java 8 is installed on your OS. Please check it with

# java -version
java version "1.8.0_181"
If the above command confirms that Java 8 is installed, you can go on with the oxd installation.

The oxd Linux packages provide an easy way to install the oxd-server. Follow the steps below to get started:

Step 1: Find the proper Linux package below.

Step 2: After the installation, configure your oxd server.

Step 3: Run oxd server:

Ubuntu 18.04 (bionic)#

echo "deb https://repo.gluu.org/ubuntu/ bionic-devel main" > /etc/apt/sources.list.d/gluu-repo.list
curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add -
apt-get update
apt-get install oxd-server

Ubuntu 16.04 (xenial)#

echo "deb https://repo.gluu.org/ubuntu/ xenial-devel main" > /etc/apt/sources.list.d/gluu-repo.list
curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add -
apt-get update
apt-get install oxd-server

Debian 9 (stretch)#

echo "deb https://repo.gluu.org/debian/ stretch-testing main" > /etc/apt/sources.list.d/gluu-repo.list
curl https://repo.gluu.org/debian/gluu-apt.key | apt-key add -
apt-get update
apt-get install oxd-server

CentOS 7#

wget https://repo.gluu.org/centos/Gluu-centos-7-testing.repo -O /etc/yum.repos.d/Gluu.repo
wget https://repo.gluu.org/centos/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
yum clean all
yum install oxd-server

RHEL 7#

wget https://repo.gluu.org/rhel/Gluu-rhel-7-testing.repo -O /etc/yum.repos.d/Gluu.repo
wget https://repo.gluu.org/rhel/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
yum clean all
yum install oxd-server

Service Operations#

Ubuntu 16.04 (xenial)

Operation Command
Start oxd server /etc/init.d/oxd-server start
Stop oxd server /etc/init.d/oxd-server stop
oxd server status /etc/init.d/oxd-server status
Restart oxd server /etc/init.d/oxd-server restart

Ubuntu 18.04 (bionic)/Debian 9 (stretch)/CentOS 7/RHEL 7

Operation Command
Start oxd server systemctl start oxd-server
Stop oxd server systemctl stop oxd-server
oxd server status systemctl status oxd-server
Restart oxd server systemctl restart oxd-server

Manual installation#

The oxd-server is a self-contained program.

To run oxd-server:

  1. download oxd distribution zip: https://ox.gluu.org/maven/org/gluu/oxd-server/4.0.b1/oxd-server-4.0.b1-distribution.zip

  2. create a new directory ($OXD_SERVER_HOME) with appropriate name and unzip the downloaded oxd-server-4.0.b1-distribution.zip into it.

  3. move to $OXD_SERVER_HOME/conf folder and edit oxd-server.yml file to make necessary configuration changes (like setting correct absolute path of oxd-server.keystore in keyStorePath property etc.)

  4. now go to $OXD_SERVER_HOME/bin folder and start oxd-server using below command

Windows:

oxd-start.bat 

Linux:

sh oxd-start.sh

Manual Build oxd-server Server#

If you're a Java geek, you can build the oxd-server server using Maven.

The code is available in Github.

The following command can be run inside the oxd folder to run the build:

  $ mvn clean package

oxd-server Uninstall Procedure#

Ubuntu 16.04 (xenial)#

/etc/init.d/oxd-server stop
sudo apt-get remove oxd-server
apt-get purge oxd-server

Ubuntu 18.04 (bionic)/Debian 9 (stretch)#

systemctl stop oxd-server
sudo apt-get remove oxd-server
apt-get purge oxd-server

CentOS 7/RHEL 7#

systemctl stop oxd-server
yum remove oxd-server
rm -rf /opt/oxd-server.save

Utility scripts#

View, delete entries inside the oxd-server database with lsox.sh or lsox.bat scripts#

There are four types of parameters which can be used by lsox.sh/lsox.bat files:

The script is located in /opt/oxd-server/bin/lsox.sh. If you hit the script without any parameters, it shows a hint:

yuriy@yuriyz:~/oxd-server-distribution/bin$ sh lsox.sh
BASEDIR=.
CONF=./../conf/oxd-server.yml
Missing required option: oxd_id
usage: utility-name
 -oxd_id,--oxd_id <arg>   oxd_id is unique identifier within oxd database
                          (returned by register_site and setup_client
                          commands)
 -l,--list                list all oxd_ids inside oxd database
 -d,--delete              deletes entry from oxd database                         

A typical call looks like this:

yuriy@yuriyz:~/oxd-server-4.0-SNAPSHOT-distribution/bin$ sh lsox.sh -oxd_id d8cc6dea-4d66-4995-b6e1-da3a33722f2e -a gf4566-dlt456-emtr56-ddmg5kd
BASEDIR=.
CONF=./../conf/oxd-server.yml

yuriy@yuriyz:~/oxd-server-4.0-SNAPSHOT-distribution/bin$JSON for oxd_id d8cc6dea-4d66-4995-b6e1-da3a33722f2e
{"scope":["openid","uma_protection","profile"],"contacts":[],"pat":null,"rpt":null,"oxd_id":"d8cc6dea-4d66-4995-b6e1-da3a33722f2e","op_host":"https://ce-dev4.gluu.org","op_discovery_path":null,"id_token":null,"access_token":null,"logout_redirect_uri":"https://client.example.com/cb","application_type":"web","redirect_uris":["https://client.example.com/cb"],"claims_redirect_uri":[],"response_types":["code"],"front_channel_logout_uri":[""],"client_id":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B390.5F6D.2051.A8C0","client_secret":"4a72e386-97ed-49a0-a338-cd448e5020b3","client_registration_access_token":"920fdb64-9bd7-4b5f-8a8c-8689e29860b8","client_registration_client_uri":"https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B390.5F6D.2051.A8C0","client_id_issued_at":1528879584000,"client_secret_expires_at":1528965984000,"client_name":null,"sector_identifier_uri":null,"client_jwks_uri":null,"token_endpoint_auth_signing_alg":null,"token_endpoint_auth_method":null,"is_setup_client":null,"setup_oxd_id":null,"setup_client_id":null,"ui_locales":["en"],"claims_locales":["en"],"acr_values":[""],"grant_types":["authorization_code","urn:ietf:params:oauth:grant-type:uma-ticket","client_credentials"],"user_id":null,"user_secret":null,"pat_expires_in":0,"pat_created_at":null,"pat_refresh_token":null,"uma_protected_resources":[],"rpt_token_type":null,"rpt_pct":null,"rpt_upgraded":null,"rpt_expires_at":null,"rpt_created_at":null,"oxd_rp_programming_language":"java"}