About Features Downloads Getting Started Documentation Events Support GitHub

Love VuFind®? Consider becoming a financial supporter. Your support helps build a better VuFind®!

VuFind Documentation

Site Tools

You are here: start » configuration » oauth2_oidc
Trace:
Warning: This page has not been updated in over over a year and may be outdated or deprecated.
configuration:oauth2_oidc

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
configuration:oauth2_oidc [2022/09/15 08:17] – [Available User Information] emaijalaconfiguration:oauth2_oidc [2023/05/12 07:13] (current) – [Testing] emaijala
Line 38: Line 38:
  
 Finally, ''Grants'' allows fine-tuning life times of different tokens. These can typically be left as the defaults. Finally, ''Grants'' allows fine-tuning life times of different tokens. These can typically be left as the defaults.
 +
 +===== Endpoints =====
 +
 +The following endpoints are available:
 +
 +  * Authorization: /OAuth2/Authorize
 +  * Tokens: /OAuth2/Token
 +  * OIDC user info: /OAuth2/UserInfo
 +  * Server's public keys: /OAuth2/jwks
 +
 +===== Testing =====
 +
 +[[https://gitlab.com/guenoledc-perso/idp-oidc-tester|idp-oidc-tester]] is a very useful tool for testing the OIDC provider. Example to run it with docker: 
 +<code>
 +docker run --rm --name idp-oidc-tester -p 8080:80 registry.gitlab.com/guenoledc-perso/idp-oidc-tester:latest
 +</code>
 +Access the service by pointing your browser to http://localhost:8080. 
 +
 +Make sure that the OIDC client in Docker can access token, jwks and user info endpoints of VuFind. E.g. if you run VuFind locally with macOS, use http://docker.for.mac.localhost/vufind/OAuth2/token or similar depending on what VuFind base url is. Here are example settings when running macOS and VuFind in http://localhost/vufind:
 +
 +^ Setting                   ^ Value                                                     ^
 +| Discover url              | (leave empty)                                             |
 +| Authorize url             | http://localhost/vufind/OAuth2/authorize                  |
 +| Token endpoint            | http://docker.for.mac.localhost/vufind/OAuth2/token       |
 +| JWKS endpoint             | http://docker.for.mac.localhost/vufind/OAuth2/jwks        |
 +| Issuer                    | https://docker.for.mac.localhost                          |
 +| Instrospection endpoint   | (leave empty)                                             |
 +| User info endpoint        | http://docker.for.mac.localhost/vufind/OAuth2/userinfo    |
 +| End session endpoint      | http://docker.for.mac.localhost/vufind/OAuth2/logout      |
 +| Register as redirect_uri  | http://localhost:8080/session/callback                    |
 +| Client id                 | tester                                                    |
 +| Client secret             | secret                                                    |
 +| Scopes                    | openid profile address block_status                       |
 ---- struct data ---- ---- struct data ----
 properties.Page Owner : emaijala properties.Page Owner : emaijala
 ---- ----
  
configuration/oauth2_oidc.1663229830.txt.gz · Last modified: 2022/09/15 08:17 by emaijala