Skip to content

Latest commit

 

History

History
83 lines (58 loc) · 3.53 KB

README.md

File metadata and controls

83 lines (58 loc) · 3.53 KB

OpenID Connect Tester

This is a browser based tester for OAuth 2.0 and OpenID Connect Authorization Code flow. Launch by navigating to following page

https://psteniusubi.github.io/oidc-tester

Requirements

This browser based app requires CORS support from the OpenID Connect provider for the Token Endpoint. Most providers will support CORS but there are some exceptions.

There is no backend. Browser's local storage is used to store any configuration information such as provider metadata and client credentials.

If you want to fork this project then pay attention to dependencies to psteniusubi.github.io and webauthn-tester.

Registering OpenID Connect provider

Navigate to Configuration page, then below Identity Provider click New

Get one of following from your OpenID Connect provider

  1. Issuer name that resolves to well known discovery endpoint
    • Enter name into Issuer field, then click Fetch
  2. Discovery document as Json
    • Copy Json document on Clipboard, then click Paste from Clipboard
  3. Values for authorization and token endpoints, and optionally others
    • Enter endpoint values into respective fields

Registering OpenID Connect client

Navigate to Configuration page. Select a provider from list, then below Client click New

Register this app with the OpenID Connect provider

  1. Send Client configuration request to provider
    1. Click Copy to Clipboard
    2. Submit registration request to provider.
    3. Copy registration response on Clipboard, then click Paste from Clipboard
  2. Send redirect uri to provider
    1. https://psteniusubi.github.io/oidc-tester/authorization-code-flow.html
    2. Get client_id and optionally client_secret values from provider, enter into respective fields

Remember to click Set Active to activate a client.

OpenID Connect requests

Navigate to Tester to start testing

Authorization Request

Token Request

Decode ID Token

Introspection Request

UserInfo Request

Live Testing

  1. Register OpenID Connect Provider
  2. Register OpenID Connect Client
{
    "scope":  "openid",
    "redirect_uris":  [
                          "https://psteniusubi.github.io/oidc-tester/authorization-code-flow.html"
                      ],
    "grant_types":  [
                        "authorization_code"
                    ],
    "client_id":  "5aa312bb-be15-4546-bafc-20608834b82b",
    "client_secret":  "M1lwPKB82yZ9rqA61rv5ZDGn6CgRDDil"
}