Configure apache with openid connect using the demo service in Signicat
Assuming you're on debian buster.
If you have docker installed and want to run this guide in docker run the following command, and do all the remaining steps in the resulting shell
docker run -ti -p 5000:5000 debian:buster
apt-get update&& apt-get install -y --no-install-recommends apache2 libapache2-mod-auth-openidc libapache2-mod-php ca-certificates
Edit /etc/apache2/ports.conf and add the following line at the bottom of the file:
Listen 5000
Add the following content to a new file called /etc/apache2/sites-available/signicat-quickstart.conf
<VirtualHost *:5000>
OIDCProviderMetadataURL https://preprod.signicat.com/oidc/.well-known/openid-configuration
OIDCClientID demo-preprod
OIDCClientSecret mqZ-_75-f2wNsiQTONb7On4aAZ7zc218mrRVk1oufa8
# OIDCPathAuthRequestParams acr_values=signicat:nbid
OIDCProviderTokenEndpointAuth client_secret_basic
OIDCScope "openid profile"
OIDCRedirectURI http://localhost:5000/redirect
OIDCCryptoPassphrase SomeSecretValue
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
DirectoryIndex index.php
LogLevel debug
<Location />
AuthType openid-connect
Require valid-user
</Location>
</VirtualHost>
Add the following to a new file called /var/www/html/index.php
<?php
print("hello " . $_SERVER["OIDC_CLAIM_name"]);
Enable the site and start apache:
a2ensite signicat-quickstart
service apache2 start # if already running run: service apache2 reload
Your local server should now be up and running. Open http://localhost:5000/ in your browser and select Norwegian BankID. Remember to use the test credentials below when identifying.
Norwegian BankID test user information
Description | Value |
---|---|
User ID | 10103933108 |
One time password (OTP) | otp |
Password | qwer1234 |