This is a demonstration of how OpenID CIBA works on a simple use case.
DISCLAIMER: This project is NOT production grade. To simplify demonstration, some functions handled at client side which SHOULD NOT be the same in real world applications.
Image below demonstrates the flow. To decrease complexity, error cases are excluded.
Make sure you have configured/ensured your provider to have/is:
- CIBA support (w/ Poll mode)
- JWT for Client Authentication
- Public IP/Address for your environment or an ngrok account.
-
Create a client in your provider with:
urn:openid:params:grant-type:cibagrant typeclient_secret_jwttoken endpoint auth method
-
Configure your provider/auth service to trigger end-user device by making a
POSTrequest to<YOUR_PUBLIC_ADDRESS>:<SERVER_PORT>/prompt_end_userwith body containingauthRequest. Have a look at src/components/EndUser.vue:82
Clone repository and install dependencies with
npm installCreate your environment file .env containing values according to your setup. Have a look at .env.template file. Or you can set your values inside application, but they won't be stored.
Finally, execute run script
npm run startBrowse to application by given server configuration which defaults to http://localhost:8801