sso-oidc
Utility to instrument Single Sign-on (SSO) for Node.js and Express.
This project illustrates the basic client/server login flow for Single Page Applications (SPA) using Single Sign-on (SSO) with OpenID Connect (OIDC).
The sso-oidc module is intended to be used with Express.js with cookie-session and body-parser middleware. The client implementation is framework agnostic.
Getting started
Server-side
yarn add sso-oidc body-parser cookie-session
It is recommended to read environment secrets using dotenv or a similar module.
yarn add dotenv
// server.js
;;;;
const app = ;
const sso =
  redirectUri: ''
  redirectUriLocal: ''
  clientId: ''
  clientSecret: ''
  issuerId: ''
  tokenUrl: ''
  authUrl: ''
  introspectUrl: '';

// Returns the silent authorization url.
app;

// Checks if the current session is valid.
app;

// Authenticates user using the temporary code returned from silent authorization.
app;

// Uses a wildcard to authenticate POST requests for a common, protected route.
app;

// Resets `access_token`, `user_id` but persists session.
app;
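The silent-authorization and code-return steps listed above, sketched as an added example that is not sso-oidc's own code. It assumes "silent authorization" means an OpenID Connect authorization request with `prompt=none`; the function names, the session field names and the sample configuration values are hypothetical.

```javascript
// Added example: not sso-oidc's own code. Names and sample values are hypothetical.
const { randomBytes, timingSafeEqual } = require('node:crypto');

// Constructed sample configuration using the option names from the README.
const sampleConfig = {
  authUrl: 'https://idp.example.test/authorize',
  clientId: 'example-client',
  redirectUri: 'https://app.example.test/callback',
};

// Build the silent authorization URL and bind it to the caller's session.
function buildSilentAuthUrl(config, session) {
  session.oidcState = randomBytes(16).toString('hex'); // CSRF binding, single use
  session.oidcNonce = randomBytes(16).toString('hex'); // to be matched in the ID token
  const url = new URL(config.authUrl);
  url.search = new URLSearchParams({
    response_type: 'code',
    scope: 'openid',
    prompt: 'none', // provider must not show a login page; it returns an error instead
    client_id: config.clientId,
    redirect_uri: config.redirectUri,
    state: session.oidcState,
    nonce: session.oidcNonce,
  }).toString();
  return url.toString();
}

// Validate the redirect back from the provider before exchanging the code.
function validateCallback(query, session) {
  const expected = session.oidcState;
  delete session.oidcState; // state is single use, even when validation fails
  const got = Buffer.from(typeof query.state === 'string' ? query.state : '');
  const want = Buffer.from(expected || '');
  if (!expected || got.length !== want.length || !timingSafeEqual(got, want)) {
    return { ok: false, reason: 'state_mismatch' };
  }
  if (query.error) {
    // e.g. login_required: no provider session, fall back to interactive login.
    return { ok: false, reason: String(query.error) };
  }
  if (typeof query.code !== 'string' || query.code === '') {
    return { ok: false, reason: 'missing_code' };
  }
  return { ok: true, code: query.code };
}
```

Only a result with `ok: true` should reach the token endpoint; any other result leaves the session unauthenticated.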
Client-side
Refer to the create-react-app example for a basic client login flow using React hooks.