Commit 31dca42c authored by Andreas Åkre Solberg's avatar Andreas Åkre Solberg

Initial commit

parents
# EditorConfig is awesome: https://EditorConfig.org
# top-most EditorConfig file
root = true
# Unix-style newlines with a newline ending every file
[*]
end_of_line = lf
insert_final_newline = true
# Matches multiple files with brace expansion notation
# Set default charset
[*.{js,json,yaml}]
charset = utf-8
indent_style = space
indent_size = 2
node_modules
.env
const ESFetcher = require('jwtfed').ESFetcher
const clients = [{ client_id: 'foo', client_secret: 'bar', redirect_uris: ['http://lvh.me/cb'] }];
const clientCache = {}
const trustroot = [
{
"sub": "https://edugain.andreas.labs.uninett.no/openid",
"subTypes": ["openidProvider", "openidClient"],
"metadata": {
"openidClient": {
"special": true
}
},
"jwks": [
{
"kty": "RSA",
"use": "sig",
"alg": "RS256",
"n": "qnd5_krrHKzuJzb5_YEt4sP-YOGSbfVL_g06h1Q-q0nzTsO8MwtWVQx1nuR1cV-ruNwF2sFFGRNejVNKOxL8n5tGuYgJBRJBB5KcbnvRqSEMpObJxQzQuQrzxXFqMlmVRaaCINL5qFWTmdJz79cPleBBPr9DsD9O-nDSGV-R0LT3YWH0SrY5cEDVasUhWnFRY5eOTMRtxUB2m8FXBaZVAlIr5-Gy-SaTmybKQJ74iVpG16Hbw4t0tw14ReEO0aAsDq24cU7bHOueWnxZPfOltueZnIEKe3_eAmh-fieLvkkZSKqXRWKg_tZDbnjUqWH2lVvC2ReEOrns971V0Hjcbw",
"e": "AQAB",
"key_ops": [
"verify"
],
"ext": true,
"kid": "edugain"
}
]
}
]
class JWTFedAdapter {
constructor(name) {
this.name = name
this.jwtfed = new ESFetcher()
}
async find(id) {
if (clientCache.hasOwnProperty(id)) {
console.log("Returning cache of " + id)
return clientCache[id]
}
console.log("Finding an client " + id)
console.log(JSON.stringify(clients[0], undefined, 2))
this.jwtfed.fetchChained(id)
.then((list) => {
console.log("Resulting list of entity statements from JWT Federation")
console.log(JSON.stringify(list, undefined, 2), {language: "json"})
const tc = new TrustChain(trustroot)
list.forEach((es) => {
tc.add(es)
})
tc.dump()
let paths = tc.findPaths()
if (paths.length === 0) {throw new Error("No trust paths found")}
console.log()
console.log(highlight("Discovered trusted paths ", {language: "markdown"}))
console.log(highlight(JSON.stringify(paths, undefined, 2), {language: "json"}))
console.log()
let metadata = tc.validate(paths[0], 'openidClient')
console.log(highlight("--------- ", {language: "markdown"}))
console.log(highlight("Resolved metadata for " + metadata.identifier, {language: "markdown"}))
console.log(highlight("Type " + metadata.entityType, {language: "markdown"}))
console.log(highlight("Trusted JWKS:", {language: "markdown"}))
console.log(highlight(JSON.stringify(metadata.jwks, undefined, 2), {language: "json"}))
console.log(highlight("Metadata:", {language: "markdown"}))
console.log(highlight(JSON.stringify(metadata.metadata, undefined, 2), {language: "json"}))
return metadata.metadata
})
}
async upsert(id, payload, expiresIn) {
console.log("ID", id, " payload ", payload, " expiresin ", expiresIn)
clientCache[id] = payload
return payload
}
async findByUserCode(userCode) {
console.log("findByUserCode()")
}
async destroy(id) {
console.log("destroy()")
delete clientCache[0]
}
async consume(id) {
console.log("consume()")
}
key(id) {
return `${this.name}:${id}`;
}
}
module.exports = JWTFedAdapter
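Review bot: `find()` never returns the `this.jwtfed.fetchChained(id).then(...)` chain, so it always resolves to `undefined`, the metadata from `tc.validate(...)` is discarded, and the `No trust paths found` error becomes an unhandled rejection instead of a failed lookup; use `const list = await this.jwtfed.fetchChained(id)` or `return` the chain. `TrustChain` and `highlight` are used inside that callback, but only `ESFetcher` is required at the top of the file, so the callback would throw a ReferenceError as written. `destroy(id)` deletes `clientCache[0]` rather than `clientCache[id]`, and `upsert` ignores `expiresIn`, so cached entries are never evicted or expired. `upsert` also logs the full payload; if the provider stores tokens or sessions through this adapter (not visible here), they would end up in the console log.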
{
"name": "jwtfed-provider",
"version": "1.0.0",
"description": "JWT Federation Demo Provider",
"main": "index.js",
"scripts": {
"main": "node server",
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [
"jwt",
"openid connect",
"oauth"
],
"author": "Andreas Åkre Solberg <andreas.solberg@uninett.no>",
"license": "ISC",
"dependencies": {
"jwtfed": "^1.0.0",
"oidc-provider": "^4.5.0"
}
}
const JWTFedAdapter = require('./JWTFedAdapter')
const Provider = require('oidc-provider');
const assert = require('assert')
const configuration = {
// ... see available options /docs/configuration.md
};
const clients = [{ client_id: 'foo', client_secret: 'bar', redirect_uris: ['http://lvh.me/cb'] }];
assert(process.env.SECURE_KEY, 'process.env.SECURE_KEY missing, run `heroku addons:create securekey`')
assert.equal(process.env.SECURE_KEY.split(',').length, 2, 'process.env.SECURE_KEY format invalid')
const oidc = new Provider('http://localhost:3000', configuration);
(async () => {
await oidc.initialize({ adapter: JWTFedAdapter });
// oidc.callback => express/nodejs style application callback (req, res)
// oidc.app => koa2.x application
oidc.listen(3000);
oidc.keys = process.env.SECURE_KEY.split(',');
console.log('oidc-provider listening on port 3000, check http://localhost:3000/.well-known/openid-configuration');
})().catch((err) => {
console.error(err);
process.exitCode = 1;
});
// http://localhost:3000/auth?client_id=foo&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fcallback&scope=openid&state=af0ifjsldkj&nonce=n-0S6_WzA2Mj&response_type=code
// http://localhost:3000/auth?/auth?client_id=foo&response_type=code&scope=openid
// http://localhost:3000/auth?client_id=foo&response_type=code&scope=openid
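Review bot: `oidc.keys` is assigned after `oidc.listen(3000)`, so the server can start accepting requests before the cookie-signing keys from `SECURE_KEY` are in place; move `oidc.keys = process.env.SECURE_KEY.split(',');` above the `listen` call. The `clients` array with the static `client_secret: 'bar'` is never passed to the provider in this file and duplicates the one in the adapter, so it can be dropped. The format check would read better as `assert.strictEqual(...)`, and it could also reject empty key parts, since `'a,'` currently passes the length test.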