ebrahimmfadae / openid-connect-app Goto Github PK

View Code? Open in Web Editor NEW

27.0 27.0 16.0 1011 KB

Sample project for implementing OIDC server with a web application and an API service.

License: MIT License

TypeScript 70.35% EJS 24.93% CSS 4.72%

api authorization-server ejs koa mongodb oauth2 openid-connect password-grant resource resource-server service

openid-connect-app's Introduction

Hello every body ✋

🔭 I am currently working on a project written in Go, and it is so exciting for me!

openid-connect-app's People

Contributors

Stargazers

Watchers

Forkers

wittech geekzebre jaimeshalom gihanrangana ifundeasy marronile jaechoon2 rajujooluri henryohanga raghavareddykv mettlekc-g pliman aalfiann lausanner abhinavzspace tiieb

openid-connect-app's Issues

Improve database implementation

Some readers were confused about the way that in-memory and persistent databases implemented

Improve documentation

What is the username and password

First of all, thank you for your tutorial, which currently I try to understanding to how to use panva/oidc-provider trough running your code in my machine, however, i cant authenticated, since i dont know the username and the password, can you give me more explanation about this, what thing i should do to use your code?

Cleanup

Make Access Token and Refresh token in JWT format?

how to change the access token and refresh token to be in jwt format instead default one?

Upgrade dependencies

Node.js - ^18.17.0
Docker Compose: ^2.21.0
Yarn: ^3.6.3

Dockerize dependencies

Error 500 at the last stage (Issue Tokens)

Hi! Thank you for always answering questions quickly.
I am currently trying to deploy an application on a remote server. And I'm having trouble with that.

The problem arises at the last stage - getting tokens when I try to send a CallBack form. And after it there is an error 500.
I think that the problem appears due to the fact that the OIDC on the server uses HTTPS. The APP uses HTTP.

Please tell me, maybe there are some ideas how to make this application work correctly on a remote server.

Here are the changed environment variables:
Public REMOTE addresses
PUBLIC_OIDC_ISSUER=testsso.site.com:443
PUBLIC_APP_URL=testsso.site.com:3005
PUBLIC_API_URL=testsso.site.com:3006

And also, an error occurs when registering a user: Internal Server Error

Another such warning appears in the logs:
oidc-provider WARNING: x-forwarded-proto header not detected for an https issuer, you must configure your ssl offloading proxy and the provider, see documentation for more details: https://github.com/panva/node-oidc-provider/tree/v7.14.3/docs/README.md#trusting-tls-offloading-proxies

P.S. I configured the NGINX server and now the transition from HTTP < - > HTTPS is working correctly. But the 500 error still appears when issuing tokens (send form on /token). And the 500 error appears when re-authorizing, when we should go to the page with CallBack

On the 'localhost', the application works without errors.

Fix onlyClient bug in register route

It's hard to complete the registration when we need to handle the bearer token ourselves. Currently, we can not register.

Separate back and front ends of web application

The client should not issue a token because it will need client secret. It may cause security issues.