
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
A drop-in mock of Auth0's Authentication and Management
APIs for tests, local development, and CI. Same HTTP shapes and response
formats: point your SDK at the mock instead of *.auth0.com and your code
keeps running unchanged.
/.well-known/jwks.json with stock OSS libraries.(method, path) and validated
against the spec schema at registration time./.well-known/openid-configuration for clients that
bootstrap from a single base URL.:8080) and HTTPS
(:8443) listeners. Sub-second boot.bashdocker run --rm -p 8080:8080 -p 8443:8443 sergiught/auth0-mock:latest
Mint a token, register a stubbed Management API response, and call it:
bashTOKEN=$(curl -s -X POST http://localhost:8080/oauth/token \ -H 'Content-Type: application/x-www-form-urlencoded' \ -d 'grant_type=client_credentials&client_id=demo&client_secret=x&audience=http://localhost:8080/api/v2/' \ | jq -r .access_token) curl -X POST http://localhost:8080/admin0/expectations \ -H 'Content-Type: application/json' \ -d '{"method":"GET","path":"/api/v2/users/auth0|123","response":{"status":200,"body":{"user_id":"auth0|123","email":"alice@example.com"}}}' curl -H "Authorization: Bearer ${TOKEN}" \ 'http://localhost:8080/api/v2/users/auth0%7C123' # => {"user_id":"auth0|123","email":"alice@example.com"}
| Tag | Points to |
|---|---|
latest | latest stable release |
vX.Y.Z | a specific release (immutable) |
All tags are multi-arch manifests covering linux/amd64 and linux/arm64.
Every ghcr.io/sergiught/auth0-mock:vX.Y.Z image is signed with https://github.com/sigstore/cosign keylessly from the GitHub Actions release workflow (no shared secret). The Docker Hub mirror (sergiught/auth0-mock:vX.Y.Z) is a publish-only convenience: pull the equivalent GHCR digest to verify provenance. Replace vX.Y.Z below with the tag you want to verify, e.g. v0.1.0:
bashcosign verify \ --certificate-identity-regexp 'https://github.com/sergiught/auth0-mock/\.github/workflows/release\.yml@.+' \ --certificate-oidc-issuer https://token.actions.githubusercontent.com \ ghcr.io/sergiught/auth0-mock:vX.Y.Z
SPDX-JSON SBOMs for each release archive live alongside the ***aries on the https://github.com/sergiught/auth0-mock/releases.
The container is configured via environment variables. The most common ones:
| Variable | Default | Purpose |
|---|---|---|
HTTP_ADDR | 0.0.0.0:8080 | HTTP listener; e***y to disable |
HTTPS_ADDR | 0.0.0.0:8443 | HTTPS listener; e***y to disable |
TLS_CERT_FILE / TLS_KEY_FILE | e***y | If both set → load; else auto-gen |
TLS_CACHE_DIR | e***y | Persist auto-gen cert across restarts |
ISSUER_URL | https://localhost:8443/ | iss claim and OIDC discovery base |
DEFAULT_AUDIENCE | https://localhost:8443/api/v2/ | Default aud if request omits one |
LOG_LEVEL | info | debug / info / warn / error |
WRITE_TIMEOUT | 30s | http.Server.WriteTimeout — slow-write defence |
IDLE_TIMEOUT | 120s | http.Server.IdleTimeout — keep-alive cap |
MAX_REQUEST_BODY_BYTES | 1048576 (1 MiB) | Per-request body cap; oversize requests get a 400 |
The full list lives in the https://github.com/sergiught/auth0-mock#-configuration.
auth0-mock is an independent, community-built testing tool. It is not affiliated with, endorsed by, or sponsored by Auth0 or Okta, Inc. "Auth0" and "Okta" are trademarks of Okta, Inc.; they are used here only nominatively, to describe what this project mocks.
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务