This package provides a Proxy Server that can be used to upgrade existing OIDC Identity Providers to be compliant with the Solid-OIDC specification without have to change those Identity Providers themselves.

This is done through handlers which can be configured to accomplish various different needs and are completely modular. You can configure the handlers to fill in the gaps of an IdP. If your IdP can provide PKCE, do not include handlers that would add PKCE in the proxy. The reason this is possible is due to a dependency injection framework called componentsjs. The proxy can be configured through JSON config files.

Take a look at the list of features that are supported. The documentation for each feature will also explain how the feature can be enabled by configuring handlers.

It might also be a good idea to take a look at the getting started page.

Before starting the proxy, install all dependencies and compile the code by running npm run bootstrap and npm run build:all in the root of the repository. The server works with LTS versions of Node.js from v12 onward, and npm from v6 onward.

Make sure you have a JSON file containing JWKs, and a JSON file containing openid-configuration. These can both be generated by the proxy:

• For jwks:

  Run npm run generate:keys. This will generate an RSA key and an ES256 key. By default these JWKs will be put under the directory assets with the filename jwks.json.

  If you want them to be generated somewhere else, you can run npm run generate:keys -- [relative path to file]. If you want the JWKs to be under a directory to be under a directory called jwks with a filename of myjwks.json run npm run generate:keys -- jwks/myjwks.json.

• For openid-configuration:

  Run npm run generate:oidc -- [upstream server issuer url] [proxy issuer url] [relative path to file (optional)]. You need to have a provider running for this to work. By default, it will try to find the provider config under the url of the upstream, and will replace all instances of that URL with the url of the proxy. By default it will place the file under the directory assets with the filename openid-configuration.json.

  Example: npm run generate:oidc -- http://localhost:3000 http://localhost:3003 config/proxy-config.json.

To start the proxy open a terminal in the folder, and execute the command npm run start. This will start the proxy with default configuration:

• The proxy's URL will be http://localhost:3003
• The proxy will assume that the URL of the upstream server is http://localhost:3000
• The proxy will be run with the config solid-compliant-opaque-access-tokens.json
• The proxy will try to find jwks under assets/jwks.json. You can generate JWKs by running npm run generate:keys
• The proxy will try to find .well-known/openid-configuration under assets/openid-configuration.json
• The proxy will use this directory as it's main module path.

This configuration can be changed using the following CLI options:

• c: relative path to the config
• u: URL of the proxy
• U: URL of the upstream server
• m: relative path to the main module path
• o: relative path to the OIDC configuration
• j: relative path to the JWKs

Example: npm run start -- -c config/my-config.json -u http://proxy.com/ -U http://upstream.com/ -m ../other_directory -o openid/openid-configuration.json -j jwks/my-jwks.json