Skip to content
/ ciba-playground Public

OpenID Connect CIBA (Client-Initiated Backchannel Authentication Flow) playground application

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

PlusAuth/ciba-playground

BranchesTags

Repository files navigation

CIBA Playground

demo

This is a demonstration of how OpenID CIBA works on a simple use case.

DISCLAIMER: This project is NOT production grade. To simplify demonstration, some functions handled at client side which SHOULD NOT be the same in real world applications.

Image below demonstrates the flow. To decrease complexity, error cases are excluded. ciba-poll-flow

Before you begin

Make sure you have configured/ensured your provider to have/is:

  • CIBA support (w/ Poll mode)
  • JWT for Client Authentication
  • Public IP/Address for your environment or an ngrok account.

Prerequisites

  1. Create a client in your provider with:

    • urn:openid:params:grant-type:ciba grant type
    • client_secret_jwt token endpoint auth method

  2. Configure your provider/auth service to trigger end-user device by making a POST request to <YOUR_PUBLIC_ADDRESS>:<SERVER_PORT>/prompt_end_user with body containing authRequest. Have a look at src/components/EndUser.vue:82

Usage

Clone repository and install dependencies with

npm install

Create your environment file .env containing values according to your setup. Have a look at .env.template file. Or you can set your values inside application, but they won't be stored.

Finally, execute run script

npm run start

Browse to application by given server configuration which defaults to http://localhost:8801

About

OpenID Connect CIBA (Client-Initiated Backchannel Authentication Flow) playground application

Topics

openid ciba

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Languages