BankID OIDC Connector
The BankID OIDC Connector provides a Javascript API to easily integrate with the BankID OpenID Connect Platform.
Documentation
See official documentation from OIDC Provider BankID.
Usage
A simple example on how to connect to an OIDC provider like BankID:
// Listen for loaded event
document.body.addEventListener( 'oidc-connector-loaded', function() {
window.OIDC.doInit({
// URL to OIDC service
oauth_url: 'https://oidc-preprod.bankidapis.no/auth/realms/preprod/protocol/openid-connect/auth',
// Merchant given client ID on the OIDC service
// TODO: Replace this with your own!
client_id: 'your_client_id',
// Your callback URL that will receive the Authorization Grant response
// TODO: Replace this with your own!
redirect_uri: 'https://yourdomain.com/oidc/callback',
// Open the OIDC session in a popup window
method: 'window'
});
}, false);
// Then on some login button click event, for example:
document.querySelector('button').addEventListener('click', function() {
window.OIDC.doConnect( {
callback: function( err, data ) {
if ( err ) {
console.warn( 'OIDC login error: ', err );
return;
}
console.log( 'OIDC login finished. Received: ', data );
}
});
}, false);
- NOTE: You need to replace
client_id
andredirect_uri
with your own values. - By default, the OIDC connector will use redirect mode. Change
method
parameter towindow
, orinline
for other modes. - You can add a
login_hint
parameter toOIDC.doInit({ login_hint: 'XID' })
orOIDC.doConnect()
See more examples under src/main/public/
or check out the examples page in the documentation.
Development
A node server is used to host the connector and example pages. Gulp is used to build the connector and run the development server.
Requirements
- NodeJS 6+
Installation
npm install --global gulp-cli
npm install
Run
gulp
This will watch for changes in src/main/js
and a server will be hosted on https://localhost:3000 where you will find more examples.
The connector bundle is hosted at https://localhost:3000/js/connector.bundle.js
Build
If you want to build your own OIDC connector distribution:
gulp connector:dist
HTTPS
The BankID OIDC service only accepts redirect_uri
on HTTPS which is why the node server defaults to HTTPS.
In order to enrich the server with certificate info or to disable HTTPS, you need to edit the connect.server({...})
call in tools/gulp/server.connector.gulp.js
Additional features
Local proxy for Token/Userinfo exchange
The local development node server can act as a proxy to the Token and Userinfo endpoints when using the experimental features in the OIDC Connector as explained here.
The provided node server has implemented the necessary backend features to make the Token and Userinfo calls on behalf of the OIDC connector running on the client-side.
In order to use this feature with the development server, you need to do the following:
- Create a new file in the root of the repository named
config.custom.json
. - Add configuration for:
client_secret
: the client_secret for your client_id on the OIDC ServicetokenUrl
: URL to the Token Endpoint on the OIDC Service.userInfoUrl
: URL to the Userinfo Endpoint on the OIDC Service.
- On your client-side OIDC Connector
OIDC.doInit({ .. })
call:- add
token_url
pointing to your development server. E.g. http://localhost:3000/oauth/token - add
userinfo_url
pointing to your development server. E.g. http://localhost:3000/oauth/userinfo.
- add
- Restart your development server
Additional reading
See Release Notes for latest version and Change Log for release notes on all releases.
OpenID Connect specification: http://openid.net/specs/openid-connect-core-1_0.html