DEV Community

Ebrahim Hoseiny Fadae
Ebrahim Hoseiny Fadae

Posted on • Edited on

Series: Implementing OpenID with Node.js, TypeScript, and MongoDB - A Step-by-Step Guide

Introduction

In this tutorial series, we will explore how to implement OpenID with Node.js, TypeScript, and MongoDB. The focus of this guide is to provide a comprehensive, step-by-step approach to building an OIDC (OpenID Connect 1.0) authorization server along with a web application and an API service. Through this tutorial we are going to use panava/node-oidc-provider library, which is an OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js.

Source Code

You can find the complete source code for this tutorial series at ebrahimmfadae/openid-connect-app on GitHub.

Requirements

To follow along with this tutorial series, you should have a good understanding of JavaScript and be familiar with the concepts of OpenID or OAuth 2.0. Additionally, basic knowledge of CSS, HTML, TypeScript, and Docker will be beneficial.

Setup

Before getting started, ensure that you have the following versions installed:

$ node -v
v18.17.1

$ yarn -v
v3.6.3

$ docker --version
Docker version 20.10.7, build f0df350

$ docker-compose --version
Docker Compose version v2.15.1
Enter fullscreen mode Exit fullscreen mode

Goals

  • Create an authorization server based on OpenID protocol.
  • Create an web application that acts as a client for authorization server.
  • Create an API (resource server) to demonstrate accessing restricted resources by authenticated users.

USAGE WARNING!

Please note that the code provided in this tutorial series should not be used in production without ensuring proper security measures and suitability for your specific use case.

Ask for help or give feedback

If you need any assistance or have feedback to share, you can reach out to me through the following channels:

UPDATE #1 - 8 October 2022

Please note that the panava/node-oidc-provider repository has disabled its issue section, which raises concerns about the project's maintenance. Additionally, critical bugs have been observed that require delving into the source code for resolution. While the repository may still serve the purpose of learning the OIDC protocol, caution is advised when using it.

Top comments (2)

Collapse
 
webdiy profile image
web-diy • Edited

Hi! Thank you for always answering questions quickly.
I am currently trying to deploy an application on a remote server. And I'm having trouble with that.

The problem arises at the last stage - getting tokens when I try to send a CallBack form. I see in the developer panel that an extra 301 redirect appears. And after it there is an error 500.
I think that the problem appears due to the fact that the OIDC on the server uses HTTPS. The APP uses HTTP.

Image description
Image description
Image description
Please tell me, maybe there are some ideas how to make this application work correctly on a remote server.

Here are the changed environment variables:
Public REMOTE addresses
PUBLIC_OIDC_ISSUER=testsso.site.com:443
PUBLIC_APP_URL=testsso.site.com:3005
PUBLIC_API_URL=testsso.site.com:3006

And also, an error occurs when registering a user: Internal Server Error

Another such warning appears in the logs:
oidc-provider WARNING: x-forwarded-proto header not detected for an https issuer, you must configure your ssl offloading proxy and the provider, see documentation for more details: https://github.com/panva/node-oidc-provider/tree/v7.14.3/docs/README.md#trusting-tls-offloading-proxies

On the 'localhost', the application works without errors.

Collapse
 
ebrahimmfadae profile image
Ebrahim Hoseiny Fadae • Edited

Sorry, It seems we have lost track of our conversation. If there's still an issue, feel free to email me at ebrahimfae@gmail.com.