-
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathimplicit.html
More file actions
101 lines (86 loc) · 3.79 KB
/
implicit.html
File metadata and controls
101 lines (86 loc) · 3.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--
! MPL 2.0 HEADER START
!
! This Source Code Form is subject to the terms of the Mozilla Public
! License, v. 2.0. If a copy of the MPL was not distributed with this
! file, You can obtain one at http://mozilla.org/MPL/2.0/.
!
! If applicable, add the following below this MPL 2.0 HEADER, replacing
! the fields enclosed by brackets "[]" replaced with your own identifying
! information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! MPL 2.0 HEADER END
!
! Copyright 2013-2014 ForgeRock AS
!
-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>OpenID Connect Implicit Client Profile</title>
<link rel="shortcut icon" href="http://forgerock.com/favicon.ico">
<link type="text/css" rel="stylesheet" href="style.css">
<script type="text/javascript"
src="///code.jquery.com/jquery-latest.min.js"></script>
<script type="text/javascript" src="common.js"></script>
<script type="text/javascript" src="implicit.js"></script>
</head>
<body>
<div>
<a href="http://openam.forgerock.org/">
<img src="forgerock-logo.svg" width="131" height="83" align="right" alt="ForgeRock Logo">
</a>
</div>
<h3>Implicit Client Profile Start Page</h3>
<p>This example tries OpenAM as an OpenID Connect provider using the
<a href="http://openid.net/specs/openid-connect-implicit-1_0.html"
target="_blank">Implicit Client Profile</a>.</p>
<p>OpenID Connect Implicit Client Profile 1.0 is designed for relying parties
that use the OAuth 2.0 Implicit grant type. This grant type is designed for
clients implemented in a browser. Rather than protect a client secret, the
client profile must register a protected redirect URI in advance with the
OpenID Provider.</p>
<div id="config"></div>
<p><a id="link" href="#">Start authorization</a></p>
<script type="text/javascript">
var authRequestParameters = {
"response_type": "id_token token",
"client_id": client_id,
"realm": client_realm,
"scope": "openid profile",
"redirect_uri": redirect_uri,
"state": state,
"nonce": nonce
};
var url = server + openam + authorize + "?"
+ encodeQueryData(authRequestParameters);
$("#link").attr("href", url);
$("#config").html(
"<hr>"
+ "<h3>Prerequisite Configuration</h3>"
+ "<p>OpenAM should be running and configured as an "
+ "OpenID Connect Provider in the same container as this "
+ "application.</p>"
+ "<p>Current settings for this example:</p>"
+ "<table style='width: 100%; font-family: monospace'>"
+ "<tr><td>OpenAM URI</td><td>" + openam + "</td></tr>"
+ "<tr><td>client_id</td><td>" + client_id + "</td></tr>"
+ "<tr><td>realm</td><td>" + client_realm + "</td></tr>"
+ "<tr><td>redirect_uri</td><td>" + redirect_uri + "</td></tr>"
+ "</table>"
+ "<p>In OpenAM, create an OAuth 2.0 agent using the "
+ "<code>client_id</code>, then edit the configuration to "
+ "add the <code>redirect_uri</code>, and scopes \"openid\" "
+ "and \"profile\".</p>"
+ "<p>Furthermore, set ID Token Signed Response Algorithm "
+ "to <code>HS256</code>.</p>"
+ "<p>After you have configured everything, log out of "
+ "OpenAM. Then click the link to start the authorization "
+ "process.</p>"
);
</script>
</body>
</html>