Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/madarche/oidc-rp-web-example

OpenID Connect Relying Party (RP) web client (like a web site) example
https://github.com/madarche/oidc-rp-web-example

oidc openid openid-client openid-connect

Last synced: 18 days ago
JSON representation

OpenID Connect Relying Party (RP) web client (like a web site) example

Host: GitHub
URL: https://github.com/madarche/oidc-rp-web-example
Owner: madarche
License: mit
Created: 2020-09-06T19:23:54.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2022-10-13T16:41:15.000Z (about 2 years ago)
Last Synced: 2024-12-17T03:25:43.713Z (19 days ago)
Topics: oidc, openid, openid-client, openid-connect
Language: JavaScript
Homepage:
Size: 262 KB
Stars: 2
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

oidc-rp-web-example
===================

[![Build Status](https://travis-ci.org/madarche/oidc-rp-web-example.svg?branch=master)](https://travis-ci.org/madarche/oidc-rp-web-example)

OpenID Connect Relying Party (RP) *web client* (like a web site) example

Architecture
------------

This example needs an OIDC Server (OP) and optionally an OAuth2 Resource Server
(https://github.com/madarche/oauth2-resource-server-example).

![Architecture schema](architecture.png "Architecture schema")

Usage
-----

It is assumed that this application will run as
https://oidc-rp-web-example.local.test/. One can change this URL with whatever
other URL.

First, write the `config.tom` config file.

Optionally set the `resources.url` property with the URL of the OAuth2 Resource Server route.

```shellsession
cp config.toml.example config.toml
vim config.toml
```

Next, register the RP in the OP with the following properties:

* `client_id` : the same as the `client_id` set in the `config.toml`
* `redirect_uris` : `https://oidc-rp-web-example.local.test/logged_in`
* `post_logout_redirect_uris` : `https://oidc-rp-web-example.local.test/logged_out`
* `application_type` : `web`
* `token_endpoint_auth_method` : `client_secret_basic`
* `client_secret` : the same as the `client_secret` set in `config.toml`

Then, install the needed packages and start the application:

```shellsession
npm ci
npm start
```

Finally, visit the application at https://oidc-rp-web-example.local.test/

### When the OP uses self-signed certificate

If the OP uses a self-signed certificate, one gets the following error:
```
RequestError: self signed certificate
```

The solution is, prior to the `npm start` command, to specify the certificate
to Node.js, for example:

```shellsession
export NODE_EXTRA_CA_CERTS=/etc/nginx/ssl/cert/local.test.crt
```