npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

openidconnect-client

v1.3.0

Published

A test client for OpenID Connect providers

Downloads

6

Readme

OpenID Connect client

This is a demo implementation for testing OpenID Connect providers.
I recommend reading the OpenID Connect 1.0 Core spec for more information.

After a successful authentication, the user should be presented with his/her user profile data. If authentication fails, the user gets redirected to the home page.

Prerequisites

Install

  • git clone https://github.com/saschazar21/openidconnect-client
  • cd openidconnect-client
  • npm install or yarn

Preparation

Make sure the needed environment variables listed in .env.sample are properly set according to your desired OpenID Connect provider.
Either set them by copying the .env.sample file to .env and appending values to the listed variable keys or set them manually in the console:

$ ISSUER=... AUTH_URL=... CERT_URL=... (etc...) npm start

Sample configuration

A sample configuration of the necessary URLs in your .env file would look like the following:

ISSUER=http://localhost:3000
AUTH_URL=http://localhost:3000/auth
CERT_URL=http://localhost:3000/certs
TOKEN_URL=http://localhost:3000/token
CALLBACK_URL=https://home.dev:3001/auth/callback
USER_URL=http://localhost:3000/me

All but CALLBACK_URL of the above URLs are affecting the client's requests to the provider, therefore please check your current provider configuration. The CALLBACK_URL must be equal to your client's settings at the provider and point to a route in your client configuration (the URL the provider will redirect authenticated requests to).

CAUTION: Never commit your secret keys in your git repo!

HTTPS support

If you have a valid key & cert file path set in your .env file, the application automatically boots up an HTTPS-enabled server. Using this configuration, you'll have to explicitly use the https:// prefix, as there is no automatic redirect from http:// while the server is running.

DEBUG

Debugging may be turned on by setting the DEBUG environment variable to openidconnect:

$ DEBUG=openidconnect npm start

Another possibility would be to add this combination to your .env file to automatically load it during testing.

Known issues

  • When using the implicit flow as authentication process and the OP returns the token data using the fragment response mode, an endless loop of requests between the callback URLs might occur. This issue has been addressed here. Please make sure to use the form_post response mode (uncomment in .env.sample).

Contribution

Contributors welcome. While this project might just be here for testing you are free to fork it and create pull requests, if you fixed a bug or think an enhancement should be part of this project.

Credits

License

MIT

Version history

  • v1.3.0 HTTP request logs are more verbose now, discovered fragment response mode issue, added RESPONSE_MODE env & POST route config
  • v1.2.0 Enhanced environment variables to support different response types out of the box
  • v1.1.0 Enhanced the setup to also support HTTPS when key and cert are present
  • v1.0.0 Initial version