Securing the Perimeter by Michael Schwartz & Maciej Machulak

Author:Michael Schwartz & Maciej Machulak
Language: eng
Format: epub
ISBN: 9781484226018
Publisher: Apress

Easy JavaScript Client

This JavaScript client is one of the easiest ways to test OpenID Connect, although it’s not the most secure (remember Figure 5-1). The client we will use was forked from a sample application written to demonstrate how easy it is to use Connect. Gluu forked the code and has enhanced it since that time. The project can be found at https://github.com/GluuFederation/openid-implicit-client .

It’s not a fancy app—it sends the person to the authorization endpoint to be authenticated and then prints the claims that are returned in the id_token . Figures 5-12 and 5-13 are the two pages of the demo from that project. This client doesn't support dynamic client registration, so you’ll have to add the client manually to the Gluu Server via the oxTrust Admin UI (or use the oxAuth RP web application, described later). When adding the client in oxTrust, the fields you should configure for the client are shown in Listing 5-8.Client Name: Implicit Test Client

response_type: token id_token

Application Type: Web

Pre-Authorization: Enabled

Subject Type: public

Scopes:openid, profile, email

Response Types: token id_token

Grant Types: implicit

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.