OpenID Connect Relying Party (RP) web client (like a web site) example
This example needs an OIDC Server (OP) and optionally an OAuth2 Resource Server (https://github.com/madarche/oauth2-resource-server-example).
It is assumed that this application will run as https://oidc-rp-web-example.local.test/. This URL can be replaced with any other URL.
First, write the config.toml config file. Optionally set the resources.url property with the URL of the OAuth2 Resource Server route.
cp config.toml.example config.toml
vim config.toml
Next, register the RP in the OP with the following properties:
client_id: the same as the client_id set in config.toml
redirect_uris: https://oidc-rp-web-example.local.test/logged_in
post_logout_redirect_uris: https://oidc-rp-web-example.local.test/logged_out
application_type: web
token_endpoint_auth_method: client_secret_basic
client_secret: the same as the client_secret set in config.toml
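An added example (not part of this project's code) that derives the registration values listed above from the RP base URL, sanity-checks them, and builds the Authorization header that client_secret_basic sends to the token endpoint. The function names are hypothetical, and only Node.js built-ins are used.

```javascript
// Added example, not project code. All function names are hypothetical.
// Build the registration values listed above from the RP base URL.
function buildRegistration(baseUrl, clientId, clientSecret) {
    const base = new URL(baseUrl);
    return {
        client_id: clientId,
        client_secret: clientSecret,
        redirect_uris: [new URL('/logged_in', base).href],
        post_logout_redirect_uris: [new URL('/logged_out', base).href],
        application_type: 'web',
        token_endpoint_auth_method: 'client_secret_basic',
    };
}

// Return a list of problems; an empty list means the values look sane.
function checkRegistration(reg) {
    const problems = [];
    if (!reg.client_id || !reg.client_secret) {
        problems.push('client_id and client_secret must be non-empty');
    }
    for (const key of ['redirect_uris', 'post_logout_redirect_uris']) {
        for (const uri of reg[key]) {
            let parsed;
            try {
                parsed = new URL(uri);
            } catch {
                problems.push(`${key}: not an absolute URL: ${uri}`);
                continue;
            }
            // This deployment is https-only; anything else is flagged.
            if (parsed.protocol !== 'https:') problems.push(`${key}: not https: ${uri}`);
            // RFC 6749 section 3.1.2 forbids fragments in redirect URIs.
            if (uri.includes('#')) problems.push(`${key}: has a fragment: ${uri}`);
        }
    }
    return problems;
}

// application/x-www-form-urlencoded encoding of a single value.
function formEncode(value) {
    return new URLSearchParams([['v', value]]).toString().slice(2);
}

// Authorization header for client_secret_basic (RFC 6749 section 2.3.1):
// both parts are form-encoded before being joined and base64-encoded.
function clientSecretBasic(clientId, clientSecret) {
    const pair = `${formEncode(clientId)}:${formEncode(clientSecret)}`;
    return 'Basic ' + Buffer.from(pair, 'utf8').toString('base64');
}
```

A secret containing characters such as `:`, `+` or a space must go through the form-encoding step, otherwise the OP decodes a different secret than the one registered.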
Then, install the needed packages and start the application:
npm ci
npm start
Finally, visit the application at https://oidc-rp-web-example.local.test/
If the OP uses a self-signed certificate, one gets the following error:
RequestError: self signed certificate
The solution is to specify the certificate to Node.js before running the npm start command, for example:
export NODE_EXTRA_CA_CERTS=/etc/nginx/ssl/cert/local.test.crt