dgt-id-proxy 0.22.2
Install from the command line:
$ npm install @useid/dgt-id-proxy@0.22.2
Install via package.json:
"@useid/dgt-id-proxy": "0.22.2"
About this version
This package provides a Proxy Server that can be used to upgrade existing OIDC Identity Providers to be compliant with the Solid-OIDC specification without having to change those Identity Providers themselves.
This is done through handlers which can be configured to accomplish various different needs and are completely modular. You can configure the handlers to fill in the gaps of an IdP. If your IdP can provide PKCE, do not include handlers that would add PKCE in the proxy. The reason this is possible is due to a dependency injection framework called componentsjs. The proxy can be configured through JSON config files.
Take a look at the list of features that are supported. The documentation for each feature will also explain how the feature can be enabled by configuring handlers.
It might also be a good idea to take a look at the getting started page.
Before starting the proxy, install all dependencies and compile the code by running npm run bootstrap and npm run build:all in the root of the repository. The server works with LTS versions of Node.js from v12 onward, and npm from v6 onward.
Make sure you have a JSON file containing JWKs, and a JSON file containing openid-configuration. These can both be generated by the proxy:
- For jwks: Run npm run generate:keys. This will generate an RSA key and an ES256 key. By default these JWKs will be put under the directory assets with the filename jwks.json. If you want them to be generated somewhere else, you can run npm run generate:keys -- [relative path to file]. If you want the JWKs to be under a directory called jwks with a filename of myjwks.json, run npm run generate:keys -- jwks/myjwks.json.
- For openid-configuration: Run npm run generate:oidc -- [upstream server issuer url] [proxy issuer url] [relative path to file (optional)]. You need to have a provider running for this to work. By default, it will try to find the provider config under the URL of the upstream, and will replace all instances of that URL with the URL of the proxy. By default it will place the file under the directory assets with the filename openid-configuration.json. Example: npm run generate:oidc -- http://localhost:3000 http://localhost:3003 config/proxy-config.json.
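The URL replacement described for generate:oidc, sketched as an added example (not code from dgt-id-proxy): it rewrites a constructed upstream discovery document and lists every value that still does not point at the proxy, which is worth checking before the file is served. The function names rewriteDiscovery and auditDiscovery and the sample document are assumptions made for illustration.

```javascript
// Added example, not dgt-id-proxy code: mimics the URL replacement the
// README describes for generate:oidc, then audits the result.

// Constructed sample of an upstream /.well-known/openid-configuration.
const upstreamConfig = {
  issuer: 'http://localhost:3000',
  authorization_endpoint: 'http://localhost:3000/auth',
  token_endpoint: 'http://localhost:3000/token',
  jwks_uri: 'http://localhost:3000/jwks',
  // Lives on another origin, so the replacement leaves it untouched.
  userinfo_endpoint: 'http://accounts.example/me',
};

// Compare URLs without their trailing slashes.
const stripSlash = (url) => url.replace(/\/+$/, '');

// Replace every occurrence of the upstream URL with the proxy URL.
function rewriteDiscovery(config, upstreamUrl, proxyUrl) {
  const from = stripSlash(upstreamUrl);
  const to = stripSlash(proxyUrl);
  return JSON.parse(JSON.stringify(config).split(from).join(to));
}

// Return findings for URL values that do not point at the proxy.
function auditDiscovery(config, upstreamUrl, proxyUrl) {
  const proxyOrigin = new URL(proxyUrl).origin;
  const findings = [];
  if (stripSlash(String(config.issuer)) !== stripSlash(proxyUrl)) {
    findings.push(`issuer is ${config.issuer}, expected ${proxyUrl}`);
  }
  for (const [key, value] of Object.entries(config)) {
    if (typeof value !== 'string' || !/^https?:\/\//.test(value)) continue;
    if (value.includes(stripSlash(upstreamUrl))) {
      findings.push(`${key} still points at the upstream: ${value}`);
    } else if (new URL(value).origin !== proxyOrigin) {
      findings.push(`${key} is served from another origin: ${value}`);
    }
  }
  return findings;
}

const rewritten = rewriteDiscovery(
  upstreamConfig, 'http://localhost:3000/', 'http://localhost:3003');
console.log(
  auditDiscovery(rewritten, 'http://localhost:3000/', 'http://localhost:3003'));
```

Endpoints that remain on the upstream or on a third origin are reached by clients directly, so the proxy's handlers never see those requests.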
To start the proxy, open a terminal in the folder and execute the command npm run start. This will start the proxy with the default configuration:
- The proxy's URL will be http://localhost:3003
- The proxy will assume that the URL of the upstream server is http://localhost:3000
- The proxy will be run with the config solid-compliant-opaque-access-tokens.json
- The proxy will try to find jwks under assets/jwks.json. You can generate JWKs by running npm run generate:keys
- The proxy will try to find .well-known/openid-configuration under assets/openid-configuration.json
- The proxy will use this directory as its main module path.
This configuration can be changed using the following CLI options:
- -c: relative path to the config
- -u: URL of the proxy
- -U: URL of the upstream server
- -m: relative path to the main module path
- -o: relative path to the OIDC configuration
- -j: relative path to the JWKs
Example: npm run start -- -c config/my-config.json -u http://proxy.com/ -U http://upstream.com/ -m ../other_directory -o openid/openid-configuration.json -j jwks/my-jwks.json