{"id":25066066,"url":"https://github.com/benjaminpla/oidc_node_azure","last_synced_at":"2026-04-11T05:03:48.026Z","repository":{"id":198072987,"uuid":"700014553","full_name":"benjaminPla/oidc_node_azure","owner":"benjaminPla","description":"This project is a demonstration of an OpenID Connect (OIDC) authorization flow, built using Node, Azure, Express, Axios and environments variables. Postman is used for testing the API endpoints.","archived":false,"fork":false,"pushed_at":"2023-10-05T19:48:36.000Z","size":4,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-06T20:01:03.752Z","etag":null,"topics":["api","axios","azure","backend","environment-variables","express","git","javascript","node","oidc","postman"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/benjaminPla.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-10-03T19:25:20.000Z","updated_at":"2023-10-03T19:28:56.000Z","dependencies_parsed_at":"2023-10-04T08:41:47.144Z","dependency_job_id":"1f197b40-a1d8-4ccd-84c2-ed6fe28e513b","html_url":"https://github.com/benjaminPla/oidc_node_azure","commit_stats":{"total_commits":3,"total_committers":2,"mean_commits":1.5,"dds":"0.33333333333333337","last_synced_commit":"158521abe20284398eab04c32d03495d9066bbfe"},"previous_names":["benjaminpla/oidc_node_azure"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/benjaminPla%2Foidc_node_azure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/benjaminPla%2Foidc_node_azure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/benjaminPla%2Foidc_node_azure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/benjaminPla%2Foidc_node_azure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/benjaminPla","download_url":"https://codeload.github.com/benjaminPla/oidc_node_azure/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246477193,"owners_count":20783956,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","axios","azure","backend","environment-variables","express","git","javascript","node","oidc","postman"],"created_at":"2025-02-06T20:00:06.001Z","updated_at":"2025-12-30T19:04:31.726Z","avatar_url":"https://github.com/benjaminPla.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OpenID Connect (OIDC)\n\n## Overview\n\nThis project is a demonstration of an OpenID Connect (OIDC) authorization flow, built using Node, Azure, Express, Axios and environments variables. Postman is used for testing the API endpoints.\n\n## Structure\n\n```\n├── README.md\n├── index.js\n└── package.json\n```\n\n## Configuration\n\nTo configure the project, create a `.env` file and fill it with the following variables, which can be obtained from your Identity Provider (IdP):\n\n```plaintext\nCLIENT_ID=\nCLIENT_SECRET=\nGRANT_TYPE=authorization_code\nPORT=\nREDIRECT_URI=\nRESPONSE_TYPE=code\nSCOPE=openid\nTENANT_ID=\n```\n\n## Running Locally\n\nTo run the project locally, follow these steps:\n\n1. Install project dependencies:\n\n```\nnpm install\n```\n\n2. Start the development server:\n\n```\nnpm run start\n```\n\n## Endpoints\n\nThis project provides just one single endpoint for managing the OIDC authorization:\n\n| Ednpoint  | Description                                                                                        | HTTP Method |\n| --------- | -------------------------------------------------------------------------------------------------- | ----------- |\n| /callback | Receives the IdP code, sends a POST request to IdP's /token endpoint, and receives the IdP's token | GET         |\n\n## Terminology\n\nRelying Party (RP) =\u003e abc.com\n\nIdentity Provider (IdP) =\u003e google.com\n\n## Flow\n\n- user wants to log in abc.com\n- abc.com uses IdP's _POST /authorize_ endpoint\n- the browser redirects the user to google.com's OIDC endpoint with parameters:\n  - response_type: ['code', 'token', 'id_token']\n  - client_id\n  - redirect_uri\n  - scope\n  - state: random value to prevent CSRF\n  - nonce: random to prevent OIDC attacks\n  - prompt: ['none', 'login', 'consent']\n  - max_age\n  - acr_values: MFA\n  - custom_parameters\n- user logs in to google.com\n- google.com generate a code\n- google.com redirects user to `redirect_uri` with the code\n- abc.com sends a POST request to IdP's _POST /token_ with the code\n- IdP's _POST /token_ returns a token\n\n## Notes\n\n\u003e OIDC primarily focuses on authentication (not authorization)\n\n\u003e abc.com can rely solely on its IdPs, without maintaining its own user database (not recommended).\n\n\u003e abc.com can allow users to log in with google.com and add them to its own user database. It can then provide users with the option to change their local password or unlink their google.com account (recommended hybrid approach).\n\n## Images\n\n![Screenshot_1](https://github.com/benjaminPla/oidc_node_azure/assets/85419447/ca32a777-37e0-43f4-965a-83b4de1cd361)\n\n![image002](https://github.com/benjaminPla/oidc_node_azure/assets/85419447/4818907c-0c0e-479a-b089-582c60431766)\n\n![Screenshot_4](https://github.com/benjaminPla/oidc_node_azure/assets/85419447/d04b167e-b39c-4568-9872-5cc593f64818)\n\n![Screenshot_2](https://github.com/benjaminPla/oidc_node_azure/assets/85419447/452ac459-831f-4ca2-bb7b-d83f20f0af09)\n\n![Screenshot_3](https://github.com/benjaminPla/oidc_node_azure/assets/85419447/ef9fdf8f-2fa4-42f8-8d35-7051ebda9983)\n\n![image003](https://github.com/benjaminPla/oidc_node_azure/assets/85419447/44ede412-763d-4ad7-9e95-e99a565626d0)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbenjaminpla%2Foidc_node_azure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbenjaminpla%2Foidc_node_azure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbenjaminpla%2Foidc_node_azure/lists"}