Demo OpenID Connect identity provider in NodeJS (tutorial mode)
NodeJS >= 8.16
Clone the sources:
git clone https://github.com/kaliop/oidc-sample-provider.git && cd oidc-sample-provider
Fetch the start tag to get the bootstrap:
git checkout start
Install the main dependencies:
npm install
Start the application:
npm start
Go to http://localhost:4000
checkout step-01
Check that all the required request parameters are present with valid values:
- response_type: must be equal to "code".
- scope: specifies which user data the service requires. Space-delimited list of keywords ('openid', 'profile', 'email', 'address', 'phone'). At least "openid" is required. The others are optional.
- client_id: must be found in the known allowed clients list (see default config file).
- redirect_uri: must match the configured redirect_uri for the client.
checkout step-02
Generate a callback redirection with the following parameters, according to the specifications:
- code: random value
- state: value of the state parameter from the input request, if present.
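As an added example (not code from the oidc-sample-provider repository), the step-01 checks and the step-02 redirection can be written with Node's standard library as below. The client registry, the function names and the choice of OAuth 2.0 error codes are assumptions of this example.

```javascript
const crypto = require('crypto');
const { URL } = require('url');

// Constructed sample registry (assumption); the tutorial reads its list from the config file.
const CLIENTS = { 'demo-client': { redirect_uri: 'http://localhost:3000/login-callback' } };
const KNOWN_SCOPES = ['openid', 'profile', 'email', 'address', 'phone'];

const fail = (error, redirectable) => ({ ok: false, error, redirectable });

// step-01: validate the authorization request parameters.
function validateAuthorizeRequest(query) {
  const id = query.client_id;
  const known = typeof id === 'string' && Object.prototype.hasOwnProperty.call(CLIENTS, id);
  // Client and redirect_uri are checked first: if either is wrong, the error
  // must be shown locally and never sent to the supplied redirect_uri.
  if (!known) return fail('unauthorized_client', false);
  if (query.redirect_uri !== CLIENTS[id].redirect_uri) return fail('invalid_request', false);
  if (query.response_type !== 'code') return fail('unsupported_response_type', true);
  // Unknown scope keywords are dropped here (a choice of this example); "openid" is mandatory.
  const requested = typeof query.scope === 'string' ? query.scope.split(' ') : [];
  const scopes = requested.filter((s) => KNOWN_SCOPES.includes(s));
  if (!scopes.includes('openid')) return fail('invalid_scope', true);
  return { ok: true, scopes };
}

// step-02: build the callback redirection for a request that passed validation.
function buildCallbackUrl(query) {
  const url = new URL(query.redirect_uri);
  // 128 bits from the CSPRNG, so the code cannot be guessed.
  url.searchParams.set('code', crypto.randomBytes(16).toString('hex'));
  if (typeof query.state === 'string') url.searchParams.set('state', query.state);
  return url.toString();
}
```

The redirect_uri comparison is an exact string match, so a prefix or a look-alike host is rejected before any redirection is generated.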
checkout step-03
Initiate the Token Endpoint:
- check the mandatory parameters
- return a JSON object
checkout step-04
- use a dummy key/value in-memory storage service (for tutorial purposes only!) to share some data between the user session and the Access Token Endpoint.
- generate a random "access_token" value and store it as key with UserInfo as value.
- generate a random "code" value and store it as key with {access_token, id_token} as value.
checkout step-05
The ID Token must be a valid JWT that follows the OIDC ID Token specifications. We use the nJwt library to generate it.
checkout step-06
Fetch the user info that is stored in the in-memory storage, related to the request's access_token header.
checkout step-07
checkout step-08
checkout step-09
Implement the logout propagation (see RP-Initiated Logout):