How to use the openid-client.Issuer.defaultHttpOptions function in openid-client

To help you get started, we’ve selected a few openid-client examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github weseek / growi / src / server / service / passport.js View on Github external
throw new Error('OidcStrategy has already been set up');
    }

    const { configManager } = this.crowi;
    const isOidcEnabled = configManager.getConfig('crowi', 'security:passport-oidc:isEnabled');

    // when disabled
    if (!isOidcEnabled) {
      return;
    }

    debug('OidcStrategy: setting up..');

    // setup client
    // extend oidc request timeouts
    OIDCIssuer.defaultHttpOptions = { timeout: 5000 };
    const issuerHost = configManager.getConfig('crowi', 'security:passport-oidc:issuerHost');
    const clientId = configManager.getConfig('crowi', 'security:passport-oidc:clientId');
    const clientSecret = configManager.getConfig('crowi', 'security:passport-oidc:clientSecret');
    const redirectUri = (configManager.getConfig('crowi', 'app:siteUrl') != null)
      ? urljoin(this.crowi.appService.getSiteUrl(), '/passport/oidc/callback')
      : configManager.getConfig('crowi', 'security:passport-oidc:callbackUrl'); // DEPRECATED: backward compatible with v3.2.3 and below
    const oidcIssuer = await OIDCIssuer.discover(issuerHost);
    debug('Discovered issuer %s %O', oidcIssuer.issuer, oidcIssuer.metadata);

    const client = new oidcIssuer.Client({
      client_id: clientId,
      client_secret: clientSecret,
      redirect_uris: [redirectUri],
      response_types: ['code'],
    });
github microclimate-dev2ops / microclimate-vscode-tools / dev / src / microclimate / connection / auth / Authenticator.ts View on Github external
export async function authenticate(icpMasterIP: string): Promise {
        Log.i("Authenticating against:", icpMasterIP);
        const openLoginResponse = await AuthUtils.shouldOpenBrowser();
        if (!openLoginResponse) {
            throw new Error(`Cancelled logging in to ${icpMasterIP}`);
        }
        if (pendingAuth != null) {
            rejectPendingAuth("Previous login cancelled - Multiple concurrent logins.");
        }

        const oidcServerUrl: string = AuthUtils.getOIDCServerURL(icpMasterIP).toString();
        Log.d("OIDC server is at " + oidcServerUrl);

        Issuer.defaultHttpOptions = {
            timeout: AuthUtils.TIMEOUT,
            rejectUnauthorized: Requester.shouldRejectUnauthed(oidcServerUrl),
        };
        const icpIssuer = await Issuer.discover(oidcServerUrl);
        const openIDClient = new icpIssuer.Client({
            client_id: CLIENT_ID,
        });

        // https://auth0.com/docs/protocols/oauth2/mitigate-csrf-attacks
        const stateParam = AuthUtils.getCryptoRandomHex();
        // https://auth0.com/docs/api-auth/tutorials/nonce
        const nonceParam = AuthUtils.getCryptoRandomHex();

        const authUrlStr: string = openIDClient.authorizationUrl({
            redirect_uri: AUTH_REDIRECT_CB,
            scope: OAUTH_SCOPE,
github travisghansen / external-auth-server / src / plugin / oauth / index.js View on Github external
const { Assertion } = require("../../assertion");
const { BasePlugin } = require("../../plugin");
const { Issuer } = require("openid-client");
const jwt = require("jsonwebtoken");
const oauth2 = require("simple-oauth2");
const queryString = require("query-string");
const request = require("request");
const URI = require("uri-js");

Issuer.useRequest();
Issuer.defaultHttpOptions = { timeout: 10000, headers: {} };

const exit_failure = function(message = "", code = 1) {
  if (message) {
    console.log(message);
  }
  process.exit(code);
};

const issuer_encrypt_secret =
  process.env.EAS_ISSUER_ENCRYPT_SECRET ||
  exit_failure("missing EAS_ISSUER_ENCRYPT_SECRET env variable");
const issuer_sign_secret =
  process.env.EAS_ISSUER_SIGN_SECRET ||
  exit_failure("missing EAS_ISSUER_SIGN_SECRET env variable");

const SESSION_CACHE_PREFIX = "session:oauth:";
github IBM / cloud-native-starter / authentication-nodejs / server.js View on Github external
require('dotenv').config();
const { Issuer } = require('openid-client');
const express = require('express');
const session = require('express-session');

const app = express();
const port = 3000;

app.use(session({
  secret: '123456',
  resave: true,
  saveUninitialized: true
}));

Issuer.defaultHttpOptions = { timeout: 15000 }

const issuer = new Issuer({
  issuer: process.env.APPID_ISSUER,
  authorization_endpoint: process.env.APPID_AUTHORIZATION_ENDPOINT,
  token_endpoint: process.env.APPID_TOKEN_ENDPOINT,
  userinfo_endpoint: process.env.APPID_USERINFO_ENDPOINT,
  jwks_uri: process.env.APPID_JWKS_URI,
});
console.log('Issuer %s %O', issuer.issuer, issuer.metadata);
issuer.defaultHttpOptions = { timeout: 15000 }

const client = new issuer.Client({
  client_id: process.env.APPID_CLIENTID,
  client_secret: process.env.APPID_SECRET
});
github DFEAGILEDEVOPS / MTC / admin / authentication / dfe-signin-strategy.js View on Github external
const initSignOnSync = () => {
  Issuer.defaultHttpOptions = { timeout: config.Auth.dfeSignIn.issuerDiscoveryTimeoutMs }
  logger.debug('discovering dfe signin service issuer...')
  Issuer.discover(config.Auth.dfeSignIn.authUrl)
    .then((issuer) => {
      logger.info('dfe sign on discovered successfully')
      const client = new issuer.Client({
        client_id: config.Auth.dfeSignIn.clientId,
        client_secret: config.Auth.dfeSignIn.clientSecret
      })
      if (config.Auth.dfeSignIn.clockToleranceSeconds && config.Auth.dfeSignIn.clockToleranceSeconds > 0) {
        client.CLOCK_TOLERANCE = config.Auth.dfeSignIn.clockToleranceSeconds
      }
      const dfeStrategy = new Strategy({
        client,
        params: {
          scope: config.Auth.dfeSignIn.openIdScope
        }
github keattang / eks-auth-proxy / src / oidc.js View on Github external
const getClient = async () => {
    Issuer.defaultHttpOptions = { timeout: 30000 };
    const issuer = await Issuer.discover(oidcIssuer);

    return new issuer.Client({
        client_id: clientId,
        client_secret: clientSecret,
    });
};