https://github.com/plusauth/ciba-playground

OpenID Connect CIBA (Client-Initiated Backchannel Authentication Flow) playground application
https://github.com/plusauth/ciba-playground

ciba openid

Last synced: about 1 month ago
JSON representation

OpenID Connect CIBA (Client-Initiated Backchannel Authentication Flow) playground application

• Host: GitHub
• URL: https://github.com/plusauth/ciba-playground
• Owner: PlusAuth
• License: mit
• Created: 2021-09-06T11:34:29.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2022-10-26T10:52:30.000Z (over 3 years ago)
• Last Synced: 2025-10-09T11:14:46.948Z (6 months ago)
• Topics: ciba, openid
• Language: Vue
• Homepage:
• Size: 203 KB
• Stars: 2
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
## CIBA Playground

![demo](public/demo.gif)

This is a demonstration of how OpenID CIBA works on a simple use case. 

> **DISCLAIMER:**

> This project is **NOT** production grade. To simplify demonstration, some functions handled at client side which **SHOULD NOT** be the same in real world applications. 

Image below demonstrates the flow. To decrease complexity, error cases are excluded.

![ciba-poll-flow](public/ciba-poll-flow.png)

## Before you begin

Make sure you have configured/ensured your provider to have/is:

- CIBA support (w/ Poll mode)

- JWT for Client Authentication

- Public IP/Address for your environment or an [ngrok](https://ngrok.com/) account.

## Prerequisites

1) Create a client in your provider with:

   - `urn:openid:params:grant-type:ciba` grant type

   - `client_secret_jwt` token endpoint auth method

2) Configure your provider/auth service to trigger end-user device by making a `POST` request to `:/prompt_end_user`

with body containing `authRequest`. Have a look at [src/components/EndUser.vue:82](src/components/EndUser.vue#L82)  

## Usage

Clone repository and install dependencies with

```shell

npm install

```

Create your environment file `.env` containing values according to your setup. Have a look at [.env.template](.env.template) file. Or you can set your values inside application, but they won't be stored.

Finally, execute run script

```shell

npm run start

```

Browse to application by given server configuration which defaults to [http://localhost:8801](http://localhost:8801)