OpenID Connect authorization

This UnityBase model implements authorization over OpenID Connect. For adminUI "OpenIDConnect" should be added to the "authenticationMethods".


"security": {
  "authenticationMethods": ["UB", "OpenIDConnect"]
"application": {
    "customSettings": {
        "externalServerUrl": External url address. You should set this address if server work over proxy server


const openID = require('@unitybase/openid-connect')
let oIdEndPoint = openID.registerEndpoint('openIDConnect')
oIdEndPoint.registerProvider('Google', {
  authUrl: '',
  tokenUrl: '',
  userInfoUrl: '',
  userInfoHTTPMethod: 'GET',
  scope: 'openid',
  nonce: '123',
  response_type: 'code',
  client_id: '',
  client_secret: 'dF4qmUxhHoBAj-E1R8YZUCqA',
  getOnFinishAction: function (response) {
    return 'opener.$App.onFinishOpenIDAuth(' + JSON.stringify(response) + '); close();'
  getUserID: function(userInfo) {
    let inst = UB.Repository('uba_user').attrs(['ID'])
       .where('[name]', '=',
    return inst.eof ? null : inst.get('ID')


openIDConnect(req: THTTPRequest, resp: THTTPResponse)inner#

OpenID endpoint implementation If called as host:port[/app]/endpoint - return a list of registered openIDConnect providers, If called as host:port[/app]/endpoint/provider without parameters - redirect to provider authUrl If called as host:port[/app]/endpoint/provider with parameters code and state - call doProviderAuthHandshake method If called as host:port[/app]/endpoint/provider with parameters logout - redirect to logout url

registerOpenIDEndpoint(endpointName: String)→openIDEndpointinner#

Register openID connect endpoint




openIDEndpoint inner #

OpenID endpoint. Able to register providers