Reputation: 21
Creating anonymmous session using OpenID Connect Auth Server
I'm currently implementing an OpenID Authorization server (using node oidc-provider npm package) in place of a small in-house /login API built with express & passport, and I have some auth-related features which need to be integrated with our new OIDC APIs.
We used to provide 2 kinds of authentication :
- Login/Password auth for our customers
- Anonymous auth for our customers' users : just randomly generated users & sessions upon calling the anonymous auth API
I've succesfully re implemented the Login/password auth using Authorization Code flow, but now I'm wondering how can I re implement this anonymous authentication with my OIDC APIs, so these anonymous users authenticate themselves with the same OIDC APIs, authenticate their request with the same access token which would be passed in the same Authorization header and validated by the same middleware as login/password users.
Is this a need already addressed by OIDC or maybe even oidc-provider package ?
Naively, I'm thinking I could distinguish these anonymous auth from my /auth endpoint & directly redirect them to the redirect_uri with an authorization code ready to use.
However, besides I don't know which /auth query param is meant to make this kind of "auth type selection", I dont think oidc-provider allows me customize the /auth endpoint behaviour, but I do have access to the "interactions.url" config option used by /auth endpoint to get the next redirection url. Maybe I could work from there ? But this doesn't look like the "right place" to me
Upvotes: 1
Views: 208
Answers (0)
Related Questions
- Firebase Authentication via OpenID Connect
- Using Node.js as a simple web server
- How to issue access token for both userinfo endpoint and resource server call with node-oidc-provider
- OpenID Connect Authentication Flow (using KeyCloak) in a Mobile App + REST Backend
- Creating an openid connect identity provider to secure rest APIs