{"id":28397793,"url":"https://github.com/hidglobal/digitalpersona-sample-js-oidc","last_synced_at":"2026-04-15T06:31:32.486Z","repository":{"id":40498878,"uuid":"196446016","full_name":"hidglobal/digitalpersona-sample-js-oidc","owner":"hidglobal","description":"Sample code using Digital Persona IdP in AngularJS SPA and Node.js Express web service","archived":false,"fork":false,"pushed_at":"2022-12-10T15:46:40.000Z","size":165,"stargazers_count":2,"open_issues_count":6,"forks_count":1,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-06-28T12:44:33.397Z","etag":null,"topics":["angularjs","digitalpersona","digitalpersona-identity-provider","jwt","nodejs","oidc","openid-connect","uareu"],"latest_commit_sha":null,"homepage":"https://hidglobal.github.io/digitalpersona-sample-js-oidc/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hidglobal.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-07-11T18:25:05.000Z","updated_at":"2024-08-12T04:05:48.000Z","dependencies_parsed_at":"2023-01-26T03:31:17.730Z","dependency_job_id":null,"html_url":"https://github.com/hidglobal/digitalpersona-sample-js-oidc","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/hidglobal/digitalpersona-sample-js-oidc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hidglobal%2Fdigitalpersona-sample-js-oidc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hidglobal%2Fdigitalpersona-sample-js-oidc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hidglobal%2Fdigitalpersona-sample-js-oidc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hidglobal%2Fdigitalpersona-sample-js-oidc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hidglobal","download_url":"https://codeload.github.com/hidglobal/digitalpersona-sample-js-oidc/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hidglobal%2Fdigitalpersona-sample-js-oidc/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31829761,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T18:05:02.291Z","status":"online","status_checked_at":"2026-04-15T02:00:06.175Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["angularjs","digitalpersona","digitalpersona-identity-provider","jwt","nodejs","oidc","openid-connect","uareu"],"created_at":"2025-06-01T02:30:32.700Z","updated_at":"2026-04-15T06:31:32.447Z","avatar_url":"https://github.com/hidglobal.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Introduction\nThis sample project demonstrates using the DigitalPersona OIDC Identity Provider for the purpose of authentication in a NodeJs Express application. It is written in AngularJs, and authorization is implemented through a NodeJs Express REST service.\n\nThere are two connected subprojects: \u003cb\u003e/your-application\u003c/b\u003e and \u003cb\u003e/your-service\u003c/b\u003e.\n\n## /your-application\nThe sample application uses the OpenID Connect protocol for the purpose of authenticating a user via the DigitalPersona OIDC Identity Provider.   \n\n## /your-service\nThe sample service consumes an Access Token issued by the DigitalPersona OIDC Identity Provider and responds only if a valid token has been provided. The service uses third-party libraries to parse and validate the Access Token if a \u003cb\u003e/secured\u003c/b\u003e path has been requested.   \n\n# Getting Started\n## Prerequisites\nBefore running this sample, you will need to\n* Install Git\n* Install latest NodeJS server\n* [Signup](https://www.crossmatch.com/digitalpersona-composite-authentication-free-trial/) for trial version of [DigitalPersona AD server and DigitalPersona AD Web Management Components](https://a3fcb69dc7037ab91b58f8ba-qnewmedia.netdna-ssl.com/wp-content/uploads/2019/05/DigitalPersona-AD-Administrator-Guide-3.pdf),or the [DigitalPersona LDS server and DigitalPersona LDS Web Management Components](https://a3fcb69dc7037ab91b58f8ba-qnewmedia.netdna-ssl.com/wp-content/uploads/2019/05/DigitalPersona-LDS-Administrator-Guide-3.pdf)\n* Install DigitalPersona them on a separate server.\n\n## Running this example\n* To run both the sample application and service on your development machine, you will first need to clone this repo by entering:\n```markdown\ngit clone https://github.com/hidglobal/digitalpersona-sample-js-oidc.git\ncd digitalpersona-sample-js-oidc/\n```\n### 1. Setting up\n  * Open the [https://\u0026lt;DigitalPersonaIdPHostName\u0026gt;/dppassivests/wsfed/metadata](https://\u0026lt;DigitalPersonaIdPHostName\u0026gt;/dppassivests/wsfed/metadata) in Web browser. The response will look like\n\n```xml\n\u003cEntityDescriptor xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\" ID=\"_32ce6961-33d6-4345-bbe3-9c71880494d6\" entityID=\"https://win-je24ttb0q9g.virgo.com/dpsts\"\u003e\n    \u003cSignature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\n        \u003cSignedInfo\u003e\n            \u003cCanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n            \u003cSignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\"/\u003e\n            \u003cReference URI=\"#_32ce6961-33d6-4345-bbe3-9c71880494d6\"\u003e\n                \u003cTransforms\u003e\n                    \u003cTransform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/\u003e\n                    \u003cTransform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n                \u003c/Transforms\u003e\n                \u003cDigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\"/\u003e\n                \u003cDigestValue\u003eY0EVRJ/oI7PadT7aV3uPTlDNm0Ii65248ltCDuGj8GU=\u003c/DigestValue\u003e\n            \u003c/Reference\u003e\n        \u003c/SignedInfo\u003e\n        \u003cSignatureValue\u003e\n            brQuNkzJ/MVKn/vu8cwgu4xpPJkb2nTtHDZJCHJSDjPMdDQuHu5GyIXMso1khst2s2uyonQ4XTK4ETww/tBmY21QBMpd5a9clzsLcPjezAzh76A6mWbjg6QzVOrKgRuQVscB1sDvoc+pOCicpCPczaVUQjdPY4XG/K4G87V//HDVkds/ahR/UoQ47zD+iRtKbT0NboCjcPgQbBzeuC/4gaxAg/bIrSyRl5HYAnFkjQbAS3DHqcNe6VNBQQcgYCfcHt8zM3YCJ/s1N7wpzcBA+W9MnZpIm4kAUgQ5EFJ5pkH1cYW2mzLm4ewIoQnASHHeYG+OfrfQZg7xMfvESebvFA==\n        \u003c/SignatureValue\u003e\n        \u003cKeyInfo\u003e\n            \u003cX509Data\u003e\n                \u003cX509Certificate\u003e\n                    MIIDNDCCAhygAwIBAgIQOfiz4aeylZpA51F4ujT/xjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdodHRwczovL3dpbi1qZTI0dHRiMHE5Zy52aXJnby5jb20vZHBzdHMwHhcNMTgwNDIzMTE1OTE4WhcNMjEwNDIzMTE1OTE4WjAyMTAwLgYDVQQDDCdodHRwczovL3dpbi1qZTI0dHRiMHE5Zy52aXJnby5jb20vZHBzdHMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG6VksGwzvpF94yg425NcVkcXPcK1ss1gSNfcH4TDhHSTCeI4n3r0sBl+L5SCoFQu6BQYpg73U9MUDvDWM1b7vo9Ou4Ic5Q7JCflXEjKPRE5x3KkWX0e/5jG9doujF6Amf6PDJxykDA1ZQejXaqqnwsY4XjF5QkuaelzTkKXEBL3zrvJ6sVjSby49ALRf1uyHmrzX0ucMkO/d6/2+5kGltKKPKhIoGQ/ZWxm+/ujfjHOAn0O3ZbA/BUXZ9u4/KNrDRcEX4MopzI2P6ofgNBUo0dslN2nEys5Qt1iC92AWIt27Jf7UkuEnMiDaT56vaGm3KdnlWuJ/UJJECCX1039orAgMBAAGjRjBEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBSUfq3GfNRdFWFxpap1zR/YTAi04zAOBgNVHQ8BAf8EBAMCBSAwDQYJKoZIhvcNAQELBQADggEBAGJXFq091wYij3L4Mh0oGssDC/Z+J5NfrqRErImTCrrCkGXxh4500tvrIGOi0usm9Y3X+bldqmVxFgGPO1PwwAHO7zzB/YasQe7QN19Oe2VvR0lBvkaNEQor+u2k7dDJrpDW0vJ+YWDSFtpyHjGrtLQygGuDOo5UCzCSObVDDbfjNO/c7QtuCvZkzn11jhxIqjJHk3f5u40znPC33bmldbeVcpCaDgP7oZab81hg6WpmqZEJqF8mKr4vtBIxZsxaCHP95sKKMLX4shETiM7REsldkpqjawIJ7KRdqChUcFYz4ILV4BlRnUWWAWQv17uJHQV02Uozq2lhi3LVNNaELHQ=\n                \u003c/X509Certificate\u003e\n            \u003c/X509Data\u003e\n        \u003c/KeyInfo\u003e\n    \u003c/Signature\u003e\n    \u003c!-- More settings here--\u003e\n\u003c/EntityDescriptor\u003e\n```  \n\n  * Locate first occurrence of \u003cb\u003e\u0026lt;X509Certificate\u0026gt;\u003c/b\u003e tag and copy the content into clipboard. For the sample response above, you would need to select and copy \u003cb\u003eMIIDNDCCAhygAwIBAgIQOfiz4aeylZpA51F4ujT/xjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdodHRwczovL3dpbi1qZTI0dHRiMHE5Zy52aXJnby5jb20vZHBzdHMwHhcNMTgwNDIzMTE1OTE4WhcNMjEwNDIzMTE1OTE4WjAyMTAwLgYDVQQDDCdodHRwczovL3dpbi1qZTI0dHRiMHE5Zy52aXJnby5jb20vZHBzdHMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG6VksGwzvpF94yg425NcVkcXPcK1ss1gSNfcH4TDhHSTCeI4n3r0sBl+L5SCoFQu6BQYpg73U9MUDvDWM1b7vo9Ou4Ic5Q7JCflXEjKPRE5x3KkWX0e/5jG9doujF6Amf6PDJxykDA1ZQejXaqqnwsY4XjF5QkuaelzTkKXEBL3zrvJ6sVjSby49ALRf1uyHmrzX0ucMkO/d6/2+5kGltKKPKhIoGQ/ZWxm+/ujfjHOAn0O3ZbA/BUXZ9u4/KNrDRcEX4MopzI2P6ofgNBUo0dslN2nEys5Qt1iC92AWIt27Jf7UkuEnMiDaT56vaGm3KdnlWuJ/UJJECCX1039orAgMBAAGjRjBEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBSUfq3GfNRdFWFxpap1zR/YTAi04zAOBgNVHQ8BAf8EBAMCBSAwDQYJKoZIhvcNAQELBQADggEBAGJXFq091wYij3L4Mh0oGssDC/Z+J5NfrqRErImTCrrCkGXxh4500tvrIGOi0usm9Y3X+bldqmVxFgGPO1PwwAHO7zzB/YasQe7QN19Oe2VvR0lBvkaNEQor+u2k7dDJrpDW0vJ+YWDSFtpyHjGrtLQygGuDOo5UCzCSObVDDbfjNO/c7QtuCvZkzn11jhxIqjJHk3f5u40znPC33bmldbeVcpCaDgP7oZab81hg6WpmqZEJqF8mKr4vtBIxZsxaCHP95sKKMLX4shETiM7REsldkpqjawIJ7KRdqChUcFYz4ILV4BlRnUWWAWQv17uJHQV02Uozq2lhi3LVNNaELHQ=\u003c/b\u003e\n  * Open digitalpersona-sample-js-oidc\\your-service\\signingCertificate.pem file in the text editor. It will look like\n```text\n-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----\n```\n  * Insert empty line in between \u003cb\u003e-----BEGIN CERTIFICATE-----\u003c/b\u003e and \u003cb\u003e-----END CERTIFICATE-----\u003c/b\u003e, then paste clipboard contents there, so it will look like\n```text\n-----BEGIN CERTIFICATE-----\nMIIDNDCCAhygAwIBAgIQOfiz4aeylZpA51F4ujT/xjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdodHRwczovL3dpbi1qZTI0dHRiMHE5Zy52aXJnby5jb20vZHBzdHMwHhcNMTgwNDIzMTE1OTE4WhcNMjEwNDIzMTE1OTE4WjAyMTAwLgYDVQQDDCdodHRwczovL3dpbi1qZTI0dHRiMHE5Zy52aXJnby5jb20vZHBzdHMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG6VksGwzvpF94yg425NcVkcXPcK1ss1gSNfcH4TDhHSTCeI4n3r0sBl+L5SCoFQu6BQYpg73U9MUDvDWM1b7vo9Ou4Ic5Q7JCflXEjKPRE5x3KkWX0e/5jG9doujF6Amf6PDJxykDA1ZQejXaqqnwsY4XjF5QkuaelzTkKXEBL3zrvJ6sVjSby49ALRf1uyHmrzX0ucMkO/d6/2+5kGltKKPKhIoGQ/ZWxm+/ujfjHOAn0O3ZbA/BUXZ9u4/KNrDRcEX4MopzI2P6ofgNBUo0dslN2nEys5Qt1iC92AWIt27Jf7UkuEnMiDaT56vaGm3KdnlWuJ/UJJECCX1039orAgMBAAGjRjBEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBSUfq3GfNRdFWFxpap1zR/YTAi04zAOBgNVHQ8BAf8EBAMCBSAwDQYJKoZIhvcNAQELBQADggEBAGJXFq091wYij3L4Mh0oGssDC/Z+J5NfrqRErImTCrrCkGXxh4500tvrIGOi0usm9Y3X+bldqmVxFgGPO1PwwAHO7zzB/YasQe7QN19Oe2VvR0lBvkaNEQor+u2k7dDJrpDW0vJ+YWDSFtpyHjGrtLQygGuDOo5UCzCSObVDDbfjNO/c7QtuCvZkzn11jhxIqjJHk3f5u40znPC33bmldbeVcpCaDgP7oZab81hg6WpmqZEJqF8mKr4vtBIxZsxaCHP95sKKMLX4shETiM7REsldkpqjawIJ7KRdqChUcFYz4ILV4BlRnUWWAWQv17uJHQV02Uozq2lhi3LVNNaELHQ=\n-----END CERTIFICATE-----\n```\n  * Save digitalpersona-sample-js-oidc\\your-service\\signingCertificate.pem file\n\n### 2. Running /your-service\n* Open command line prompt as an Administrator.\n* Change the directory to /your-service.\n* Open package.json in text editor and locate \u003cb\u003eyour-service\u003c/b\u003e section\n\n```json\n  \"your-service\": {\n    \"authenticationOptions\": {\n      \"audience\": \"https://\u003cDigitalPersonaIdPHostName\u003e/dpsts/resources\",\n      \"issuer\": \"https://\u003cDigitalPersonaIdPHostName\u003e/dpsts\",\n      \"clockTolerance\": 10\n    }\n  }\n```\n\n* Replace \u003cb\u003e\u0026lt;DigitalPersonaIdPHostName\u0026gt;\u003c/b\u003e with the actual host name for the server running DigitalPersona Identity Provider. The result would like like, assuming that win-je24ttb0q9g.virgo.com is the actual host name\n\n```json\n  \"your-service\": {\n    \"authenticationOptions\": {\n      \"audience\": \"https://win-je24ttb0q9g.virgo.com/dpsts/resources\",\n      \"issuer\": \"https://win-je24ttb0q9g.virgo.com/dpsts\",\n      \"clockTolerance\": 10\n    }\n  }\n```\n\n* Install dependencies by running the following command inside /your-service directory.\n\n```markdown\nnpm install\n```  \n\n* Start sample application by running  \n\n```markdown\nnpm start\n```\n* In your web browser, open \u003cA HREF=\"http://\u003cyour machine host name\u003e:3001/secured\u003e\"\u003ehttp://\u0026lt;your machine host name\u003e:3001/secured\u003c/A\u003e.\n\n* Observe \u003cb\u003eUnauthorized\u003c/b\u003e response, since no Access Token has been provided.\n\n### 3. Running /your-application\n* Open command line prompt as an Administrator.\n* Change directory to /your-application\n* Install dependencies by running the following command in the project's root  \n\n```markdown\nnpm install\n```\n\n* Open public/app/app.controller.js in text editor and locate the following line of a code\n\n```javascript\n    var digitalPersonaHostName = '\u003cDigitalPersonaIdPHostName\u003e';\n```\n\n* Replace \u003cb\u003e\u0026lt;DigitalPersonaIdPHostName\u0026gt;\u003c/b\u003e with the actual host name for the server running DigitalPersona Identity Provider. The result would like like, assuming that win-je24ttb0q9g.virgo.com is the actual host name\n\n```javascript\n    var digitalPersonaHostName = 'win-je24ttb0q9g.virgo.com';\n```\n\n* Register the sample application as an OIDC client with DigitalPersona Identity Provider by adding the following into the  \u003cb\u003e\u0026lt;Clients\u0026gt;\u003c/b\u003e element of \u003cb\u003eC:\\Program Files\\DigitalPersona\\Web Management Components\\DP STS\\DPPassiveSTS\\web.config\u003c/b\u003e.  \n\n  Make sure to replace \u003cb\u003e\u0026lt;your machine host name\u0026gt;\u003c/b\u003e in the code below with the actual discoverable host name.\n\n```xml\n    \u003cadd ClientId=\"digitalpersona-sample-js-oidc\" DisplayName=\"DigitalPersona Sample Js Oidc\" Secret=\"Ks8/V0rj592QVQ5hdT+7e1NbPLa7rlloDivSAR3shFA=\" Flow=\"Implicit\"\u003e\n        \u003cRedirectUris\u003e\n            \u003cadd Uri=\"http://\u003cSampleAppMachineName\u003e:3000/callback\" /\u003e\n        \u003c/RedirectUris\u003e\n        \u003cPostLogoutRedirectUris\u003e\n            \u003cadd Uri=\"http://\u003cSampleAppMachineName\u003e:3000/signout\" /\u003e\n        \u003c/PostLogoutRedirectUris\u003e\n    \u003c/add\u003e\n```\n\n* Start the sample application by running:\n\n```markdown\nnpm start\n```\n\n* In your web browser, open \u003cA HREF=\"http://\u003cyour machine host name\u003e:3000/\u003e\"\u003ehttp://\u0026lt;your machine host name\u003e:3000/\u003c/A\u003e.\n\n* Click the \u003ci\u003eSign in\u003c/i\u003e button.  \n* Upon clicking the \u003ci\u003eSign in\u003c/i\u003e button, you will be redirected to the DigitalPersona Identity Provider.  \n* After successful authentication with the DigitalPersona Identity Provider, the sample application displays user information along with the result returned from /your-service.\n\n# Notes\nAlways use https in production.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhidglobal%2Fdigitalpersona-sample-js-oidc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhidglobal%2Fdigitalpersona-sample-js-oidc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhidglobal%2Fdigitalpersona-sample-js-oidc/lists"}