
Extend / add custom provider

Open danieljwestman opened this issue 4 years ago • 8 comments

Hi!

Is there any guide/info on how to add my own custom provider?

BR

danieljwestman avatar Jan 18 '21 05:01 danieljwestman

Oops, a bit too fast here.

Found this in the docs:

You can define your own provider by adding a key for it in your configuration. In this case all of the required configuration keys have to be specified:

{
  "defaults": {
    "origin": "http://localhost:3000"
  },
  "awesome": {
    "authorize_url": "https://awesome.com/authorize",
    "access_url": "https://awesome.com/token",
    "oauth": 2,
    "key": "...",
    "secret": "...",
    "scope": ["read", "write"]
  }
}

I guess it's just like that... 🕺

I'm planning to build/host my own simple provider with either oidc-provider or Ory

Any thoughts, guidelines or recommendations? Thanks!

danieljwestman avatar Jan 18 '21 05:01 danieljwestman

I've done it with oidc-provider:

{
  "panva": {
    "authorize_url": "http://localhost:4000/auth",
    "access_url": "http://localhost:4000/token",
    "oauth": 2,
    "key": "foo",
    "secret": "bar",
    "scope": [
      "openid"
    ],
    "custom_params": {
      "login_hint": "s"
    }
  }
}

var Provider = require('oidc-provider')

var provider = new Provider('http://localhost:4000', {
  clients: [
    {
      client_id: 'foo',
      client_secret: 'bar',
      redirect_uris: [
        'http://localhost:3000/connect/panva/callback'
      ],
    }
  ],
  // ... (rest of the provider configuration omitted)
})

simov avatar Jan 18 '21 06:01 simov

Nice @simov

What framework did/do you use (like Express)?

Does it work well? "Reliable"?

danieljwestman avatar Jan 18 '21 07:01 danieljwestman

I used Express, I think it's ok, but you can go to the examples folder in this repo and pick any of the supported HTTP frameworks. oidc-provider is built on top of Koa, which was a spin off project from the Express creator back then. Then you have Hapi and Fastify, which seems to be borrowing some ideas from Hapi .. so it depends on what you prefer I guess.

simov avatar Jan 18 '21 07:01 simov

@simov Can you share the whole working example, please? I've tried to follow the one you showed above, but can't make it work. I'm not sure about the access_url route.

aunswjx avatar Aug 14 '21 16:08 aunswjx

@aunsuwijak the rest of the configuration in my case was not relevant to this example. I will try to create a simple working example, but in the meantime, the /auth and /token endpoints are defined in node-oidc-provider, meaning that you only have to configure them in Grant as shown above.

simov avatar Aug 14 '21 16:08 simov

Thanks a lot! 😃

aunswjx avatar Aug 14 '21 17:08 aunswjx

Here is a working example:

provider.js

var Provider = require('oidc-provider')

var provider = new Provider('http://localhost:4000', {
  clients: [
    {
      client_id: 'foo',
      client_secret: 'bar',
      redirect_uris: [
        'http://localhost:3000/connect/panva/callback'
      ]
    }
  ],
})

var server = provider.listen(4000, () => {
  console.log('http://localhost:4000/.well-known/openid-configuration')
})

client.js

var express = require('express')
var session = require('express-session')
var grant = require('grant').express()


express()
  .use(session({secret: 'grant', saveUninitialized: true, resave: false}))
  .use(grant(require('./config.json')))
  .get('/hello', (req, res) => {
    res.end(JSON.stringify(req.session.grant.response, null, 2))
  })
  .listen(3000)

config.json

{
  "panva": {
    "authorize_url": "http://localhost:4000/auth",
    "access_url": "http://localhost:4000/token",
    "oauth": 2,
    "key": "foo",
    "secret": "bar",
    "scope": [
      "openid"
    ],
    "custom_params": {
      "login_hint": "s"
    },
    "transport": "session",
    "pkce": true,
    "redirect_uri": "http://localhost:3000/connect/panva/callback",
    "callback": "/hello"
  }
}

Test

  1. Start the provider:
     node provider.js
  2. Start the client:
     node client.js
  3. Navigate to http://localhost:3000/connect/panva

simov avatar Aug 14 '21 17:08 simov
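
An added example, not from this thread and not part of Grant or oidc-provider: a small check that a Grant provider entry agrees with the client registered in the OpenID provider (key/secret, exact redirect_uri match), that endpoints off loopback use https, and that pkce is on. `checkGrantProvider` and its messages are hypothetical names; it assumes the entry sets `redirect_uri` explicitly, as config.json above does, and the broken variant is constructed.

```javascript
// Added example. checkGrantProvider is a hypothetical helper, not a Grant or
// oidc-provider API. It assumes the Grant entry sets redirect_uri explicitly.
const LOOPBACK = new Set(['localhost', '127.0.0.1', '[::1]'])

function checkGrantProvider(entry, client) {
  const problems = []

  // Grant's key/secret must be the client_id/client_secret the provider knows.
  if (entry.key !== client.client_id) problems.push('key != client_id')
  if (entry.secret !== client.client_secret) problems.push('secret != client_secret')

  // OpenID Connect matches redirect_uri by exact string comparison, so a
  // trailing slash or a different port is enough to be rejected.
  if (entry.redirect_uri && !(client.redirect_uris || []).includes(entry.redirect_uri)) {
    problems.push('redirect_uri is not registered for this client')
  }

  // Plain http is acceptable only on loopback; elsewhere the code, tokens and
  // client secret would cross the network in clear text.
  for (const name of ['authorize_url', 'access_url', 'redirect_uri']) {
    let url
    try {
      url = new URL(entry[name])
    } catch (err) {
      problems.push(`${name} is missing or not an absolute URL`)
      continue
    }
    if (url.protocol !== 'https:' && !LOOPBACK.has(url.hostname)) {
      problems.push(`${name} is not https on non-loopback host ${url.hostname}`)
    }
  }

  // PKCE ties the authorization code to the session that requested it.
  if (entry.oauth === 2 && entry.pkce !== true) problems.push('pkce is not enabled')
  return problems
}

// Values copied from config.json and provider.js on this page.
const client = {client_id: 'foo', client_secret: 'bar',
  redirect_uris: ['http://localhost:3000/connect/panva/callback']}
const panva = {authorize_url: 'http://localhost:4000/auth',
  access_url: 'http://localhost:4000/token', oauth: 2, key: 'foo', secret: 'bar',
  pkce: true, redirect_uri: 'http://localhost:3000/connect/panva/callback'}
// Constructed broken variant: trailing slash, and a token endpoint off loopback.
const broken = {...panva, redirect_uri: panva.redirect_uri + '/',
  access_url: 'http://idp.example.test/token'}

console.log(checkGrantProvider(panva, client))
console.log(checkGrantProvider(broken, client))
```
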