Feature/openid client config

.github/workflows/node.js.yml

@@ -1,5 +1,5 @@
-# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
-# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
+# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code, and run tests across different versions of Node.js
+# For more information, see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
 
 name: Node.js CI
 
@@ -11,7 +11,6 @@ on:
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
 
     strategy:
@@ -20,15 +19,36 @@ jobs:
         # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
 
     steps:
-    - uses: actions/checkout@v4
-    - name: Use Node.js ${{ matrix.node-version }}
-      uses: actions/setup-node@v4
-      with:
-        node-version: ${{ matrix.node-version }}
-        cache: 'npm'
-    - run: npm ci
-    - run: npm run build --if-present
-    - run: npm test
-      env:
-        PUPPET_PASS: ${{ secrets.PUPPET_PASS }}
-        CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+      # Checkout the code
+      - uses: actions/checkout@v4
+
+      # Set up the Node.js environment
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'npm'
+
+      # Install dependencies
+      - name: Install dependencies
+        run: npm ci
+
+      # Build the project (if applicable)
+      - name: Build the project
+        run: npm run build --if-present
+
+      # Run the Default Test
+      - name: Run Default Test
+        env:
+          TEST_TYPE: default
+          PUPPET_PASS: ${{ secrets.PUPPET_PASS }}
+          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+        run: npm test
+
+      # Run the OpenID Test
+      - name: Run OpenID Test
+        env:
+          TEST_TYPE: openid
+          PUPPET_PASS: ${{ secrets.PUPPET_PASS }}
+          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+        run: npm test

.gitignore

@@ -128,3 +128,6 @@ dist
 .yarn/install-state.gz
 .pnp.*
 code
+
+# Stores MacOs files 
+.DS_Store

README.md

@@ -1,15 +1,153 @@
-# webchart-oauth-example
+# WebChart OAuth Example
 
 [![Node.js CI](https://github.com/mieweb/webchart-oauth-example/actions/workflows/node.js.yml/badge.svg)](https://github.com/mieweb/webchart-oauth-example/actions/workflows/node.js.yml)
 
 
-Example OAuth2 token
+A Node.js application demonstrating OAuth2 and OpenID Connect authentication flows for WebChart's FHIR interface. This project showcases two implementations:
+1. **Simple OAuth2 Flow** (webchart-example.js)
+2. **OpenID Connect Flow** (webchart-example_openid.mjs)
 
-This starts a webserver on localhost, allows someone to connect, then connects to fhirr4sandbox.webch.art and promoted the Authorization token to a session token.
+Both flows allow users to authenticate with `fhirr4sandbox.webch.art`, retrieve tokens, and store session data securely.
 
-[![Watch the video](https://img.youtube.com/vi/-YaW9Qa5wvc/0.jpg)](https://youtu.be/-YaW9Qa5wvc)
+---
+
+## Features
+
+### Simple OAuth2 Flow
+- Demonstrates basic OAuth2 authorization and token exchange.
+- Uses session management for storing tokens and state.
+- Implements token retrieval using an authorization code grant.
+
+### OpenID Connect Flow
+- Enhances the OAuth2 flow with OpenID Connect for identity management.
+- Discovers provider metadata dynamically from the `.well-known` endpoint.
+- Implements state verification and token exchange with a secure redirect.
+
+### Sequence Diagram 
+```mermaid
+sequenceDiagram
+    actor U as User
+    participant N as Node.js Server
+    participant O as OpenID Provider (.well-known)
+    participant S as Session Storage
+
+    U ->> N: Access /login
+    N ->> O: Request OpenID configuration (.well-known/openid-configuration)
+    O -->> N: Return configuration (auth & token endpoints)
+
+    N ->> S: Store state, configuration in session
+    N ->> U: Redirect to Authorization URL
+
+    U ->> O: Access Authorization URL
+    O ->> U: Prompt User for Authentication
+    U -->> O: User Authenticates
+    O ->> U: Redirect to Node.js Server with Authorization Code
+    U ->> N: Send Authorization Code to /code endpoint
+
+    N ->> S: Verify state from session
+    N ->> O: Exchange Authorization Code for Access Token
+    O -->> N: Return Access Token
+
+    N ->> S: Store tokens in session
+    N ->> U: Respond with Access Token and Success Message
+```
+---
+
+## Getting Started
+
+Follow these steps to set up and run the project locally.
+
+### Prerequisites
+- **Node.js** (v16 or higher)
+- **npm** (v8 or higher)
+- Internet connection for accessing `fhirr4sandbox.webch.art`
+
+### Installation
+1. Clone the repository:
+   ```bash
+   git clone https://github.com/mieweb/webchart-oauth-example.git
+   cd webchart-oauth-example
+   ```
+
+2. Install dependencies:
+   ```bash
+   npm install
+   ```
+
+3. Set up environment variables:
+   Create a `.env` file in the root directory and add:
+   ```env
+   CLIENT_ID='client id'
+   CLIENT_SECRET='client secret'
+   PUPPET_PASS='puppeteer password'
+   ```
+
+---
+
+## Usage
+
+### Running the Application
+Start the server with:
+```bash
+npm start
+```
+
+Access the following endpoints:
+- **Simple OAuth Flow**: `http://localhost:8080/login`
+- **OpenID Connect Flow**: `http://localhost:8080/login`
+
+---
+
+## Testing
+
+### Interactive Test Selection
+Run the following command to choose which test to execute:
+```bash
+npm test
+```
+
+You’ll be prompted to select one of the following:
+1. **Default Test**: Tests the Simple OAuth2 flow.
+2. **OpenID Test**: Test the OpenID Connect flow.
+
+### Puppeteer Integration
+Automated tests are implemented using Puppeteer:
+- `puppeteer-test.js`: Validates the Simple OAuth2 flow.
+- `puppeteer-test_openid.js`: Validates the OpenID Connect flow.
+
+---
+
+## Project Structure
+
+- **`webchart-example.js`**: Implements the Simple OAuth2 flow.
+- **`webchart-example_openid.mjs`**: Implements the OpenID Connect flow.
+- **`puppeteer-test.js`**: Automated test script for the Simple OAuth2 flow.
+- **`puppeteer-test_openid.js`**: Automated test script for the OpenID Connect flow.
+- **`package.json`**: Configures scripts and dependencies for the project.
+
+---
 
 ## Documentation
 
-* https://docs.webchartnow.com/resources/system-specifications/fhir-application-programming-interface-api/oauth-2.0-tutorial/
-* https://docs.enterprisehealth.com/resources/system-specifications/fhir-application-programming-interface-api/oauth-2.0-tutorial/
+For detailed API and OAuth2 protocol documentation, refer to:
+- [WebChart OAuth2 Tutorial](https://docs.webchartnow.com/resources/system-specifications/fhir-application-programming-interface-api/oauth-2.0-tutorial/)
+- [EnterpriseHealth OAuth2 Tutorial](https://docs.enterprisehealth.com/resources/system-specifications/fhir-application-programming-interface-api/oauth-2.0-tutorial/)
+
+Here is the video showing the code flow:
+
+- **OAuth**:
+[![Watch the video](https://img.youtube.com/vi/-YaW9Qa5wvc/0.jpg)](https://youtu.be/-YaW9Qa5wvc)
+
+- **OpenID**:
+[<img src="https://www.webchartnow.com/gfx/png/wc_logo_full.png" alt="OpenID Flow" title="OpenID Flow Diagram" width="480px" height="360px"/>](https://youtu.be/jqhS8GgddO4)
+---
+
+## Contributing
+
+Contributions are welcome! Feel free to submit issues or pull requests for enhancements and bug fixes.
+
+---
+
+## License
+
+This project is licensed under the ISC License. See the `LICENSE` file for details.