openid-client-server
An OpenID Relying Party (RP, Client) application server.
This module leverages the openid-client module to implement a web server that secures any Web UI framework that can be hosted by Node.js with Authorization Code Flow (optional Proof Key), Implicit Flow or Hybrid Flow. The module also provides configurable proxy endpoints that automatically include the user token in requests to API endpoints, as well as session management, making it easier to create Web UIs that are "secure by default".
Install
with npm
$ npm install @optum/openid-client-server
with yarn
$ yarn add @optum/openid-client-server
Usage
Options
The resolveOptions function will leverage environment variables to auto-build all options with defaults. It can be required in the server setup module via import {resolveOptions} from '@optum/openid-client-server'.
For more info see the .env.example file.
clientServer
Use the clientServer function to create an http server with an integrated openid-client and all features in @optum/openid-client-server.
With a Promise
    import {IncomingMessage, ServerResponse} from 'http'
    import {clientServer} from '@optum/openid-client-server'
    import handle from 'serve-handler'

    const port = parseInt(process.env.NEXT_SERVER_PORT ?? '8080', 10)

    // Static content handler passed to clientServer as contentHandler.
    const serveHandler = async (
        req: IncomingMessage,
        res: ServerResponse
    ): Promise<void> => {
        // Await serve-handler so a failure rejects this handler's promise
        // instead of being lost.
        await handle(req, res, {
            headers: [
                {
                    source: '**/*.*',
                    headers: [
                        {
                            key: 'Cache-Control',
                            value: 'max-age=0'
                        }
                    ]
                }
            ]
        })
    }

    clientServer({
        contentHandler: serveHandler
    })
        .then(server =>
            server.listen(port, () => {
                console.log(`> Ready on http://localhost:${port}`)
            })
        )
        .catch(error => {
            console.log('Static content server failed to start')
            console.error(error)
        })
With Async/Await
    import {IncomingMessage, ServerResponse} from 'http'
    import {clientServer} from '@optum/openid-client-server'
    import handle from 'serve-handler'

    const port = parseInt(process.env.NEXT_SERVER_PORT ?? '8080', 10)

    ;(async (): Promise<void> => {
        try {
            // Static content handler passed to clientServer as contentHandler.
            const serveHandler = async (
                req: IncomingMessage,
                res: ServerResponse
            ): Promise<void> => {
                // Await serve-handler so a failure rejects this handler's
                // promise instead of being lost.
                await handle(req, res, {
                    headers: [
                        {
                            source: '**/*.*',
                            headers: [
                                {
                                    key: 'Cache-Control',
                                    value: 'max-age=0'
                                }
                            ]
                        }
                    ]
                })
            }

            const server = await clientServer({contentHandler: serveHandler})
            server.listen(port, () => {
                console.log(`> Ready on http://localhost:${port}`)
            })
        } catch (error) {
            console.log('Static content server failed to start')
            console.error(error)
        }
    })()
For a Next.js example, see: examples/nextjs file
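The contentHandler passed to clientServer above is a plain (req, res) function, so it can be wrapped before it is handed over. The following is an added example, not code from this module: withSecurityHeaders and SECURITY_HEADERS are hypothetical names, and the wrapper assumes the handler serves static content only.

```javascript
// Added example: withSecurityHeaders is a hypothetical helper, not part of
// @optum/openid-client-server. It wraps a (req, res) => Promise<void> handler.

const SECURITY_HEADERS = {
    // Pages served behind a login session should not be stored by caches.
    'Cache-Control': 'no-store',
    // Stop browsers from MIME-sniffing static files into another type.
    'X-Content-Type-Options': 'nosniff',
    // Refuse framing to reduce clickjacking exposure.
    'X-Frame-Options': 'DENY',
    // Keep page URLs out of Referer headers sent to other sites.
    'Referrer-Policy': 'no-referrer'
}

// Assumption: the wrapped handler serves static content only, so methods
// other than GET and HEAD are rejected before it runs.
function withSecurityHeaders(handler, allowedMethods = ['GET', 'HEAD']) {
    return async (req, res) => {
        for (const [name, value] of Object.entries(SECURITY_HEADERS)) {
            res.setHeader(name, value)
        }
        if (!allowedMethods.includes(req.method)) {
            res.statusCode = 405
            res.setHeader('Allow', allowedMethods.join(', '))
            res.end()
            return
        }
        try {
            await handler(req, res)
        } catch (error) {
            // Log server-side; send no error detail to the client.
            console.error(error)
            if (!res.headersSent) {
                res.statusCode = 500
            }
            res.end()
        }
    }
}

// Usage with the page's setup (not executed here):
//   clientServer({contentHandler: withSecurityHeaders(serveHandler)})
```

A header of the same name set later by the inner handler replaces the wrapper's value, so the Cache-Control: max-age=0 rule in the serve-handler configuration above would need to be dropped for no-store to reach the browser.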
Background
The original goal of this module was to provide an easy way to implement OpenID flows with Next.js applications via a custom Next.js server. There were issues leveraging frameworks like Koa.js for "easy wins" in session management and out-of-the-box middleware, so tides turned to using Node's core http module. The result ended up working for any Web UI that could be served by Node.js, so here we are.
Development
Environment
- Node.js is required to develop this module. Please install the latest LTS version if you haven't already.
- Module dependencies are managed with Yarn. Please install it if you haven't already.
$ npm i -g yarn
Editors
VS Code
IntelliJ