Mock Relying Party
This guide explains how to set up the mock OIDC relying party portal. The portal uses the authorization code flow with private key JWT client authentication to fetch the user profile.
The OIDC mock relying party portal is built with ReactJS. It consists of 2 components:
The UI component consists of the login page and a user profile page. The login page carries the "Log in with e-Signet" button. Clicking this button redirects the user to the authorization endpoint of the e-Signet UI. The user profile page, /userprofile, is the page to which the e-Signet server redirects with the auth-code after successful authentication. When the user profile page loads, the /fetchUserInfo endpoint of the OIDC server is invoked with a valid auth code.
- ESIGNET_UI_BASE_URL: MOSIP e-Signet UI URL (Example: https://esignet.dev.mosip.net/)
- MOCK_RELYING_PARTY_SERVER_URL: This will be internally resolved to mock relying party server by internal nginx (Example: http://esignet.dev.mosip.net/mock-relying-party-server)
- REDIRECT_URI: Value that needs to be passed into authorize redirect_uri parameter (Example: https://health-services.com/userprofile)
- CLIENT_ID: The relying party client ID that is registered with MOSIP (Example: health-services)
- ACRS: Value that needs to be passed into authorize acr_values parameter (Example: mosip:esignet:acr:generated-code)
This server only hosts the /fetchUserInfo endpoint. The endpoint builds the client_assertion and signs it with the PRIVATE_KEY set as an environment variable, then uses it to invoke the /token endpoint of the e-Signet server. On receiving the id-token and access-token from the /token endpoint, the OIDC server invokes the /userinfo endpoint of the e-Signet server to fetch user details.
- ESIGNET_SERVICE_URL: MOSIP e-Signet API URL (Example: http://esignet.esignet/v1/esignet)
- ESIGNET_AUD_URL: Value to be set to "aud" claim of client_assertion for the token endpoint
- CLIENT_PRIVATE_KEY: Base64 encoded value of the private key (JWK) which is used to sign the client_assertion.
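The client_assertion step described above, as an added example in Node.js using only built-in modules; this is not the mock relying party's own code. The function names, the RS256 algorithm, the 60-second lifetime and the generated throwaway key are assumptions made for illustration.

```javascript
const { createPrivateKey, createPublicKey, generateKeyPairSync, randomUUID, sign, verify } =
  require("node:crypto");

const b64url = (data) => Buffer.from(data).toString("base64url");

// Build and sign (RS256, assumed) the client_assertion from the base64-encoded private JWK.
function buildClientAssertion({ clientId, audUrl, privateKeyB64, lifetimeSec = 60 }) {
  const jwk = JSON.parse(Buffer.from(privateKeyB64, "base64").toString("utf8"));
  const key = createPrivateKey({ key: jwk, format: "jwk" });
  const now = Math.floor(Date.now() / 1000);
  const claims = {
    iss: clientId, // issuer and subject are both the registered CLIENT_ID
    sub: clientId,
    aud: audUrl, // ESIGNET_AUD_URL
    iat: now,
    exp: now + lifetimeSec, // short lifetime limits replay of a leaked assertion
    jti: randomUUID(), // unique per token request
  };
  const input = `${b64url(JSON.stringify({ alg: "RS256", typ: "JWT" }))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${b64url(sign("RSA-SHA256", Buffer.from(input), key))}`;
}

// Form body for the /token call; `code` is the auth code delivered to /userprofile.
function buildTokenRequest({ code, redirectUri, clientId, assertion }) {
  return new URLSearchParams({
    grant_type: "authorization_code",
    code,
    redirect_uri: redirectUri,
    client_id: clientId,
    client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
    client_assertion: assertion,
  });
}

// Receiving side: check the signature with the registered public key; null on failure.
function verifyClientAssertion(jwt, publicKey) {
  const [h, p, s] = jwt.split(".");
  const ok = verify("RSA-SHA256", Buffer.from(`${h}.${p}`), publicKey, Buffer.from(s, "base64url"));
  return ok ? JSON.parse(Buffer.from(p, "base64url").toString("utf8")) : null;
}

// Constructed sample input: a throwaway RSA key stands in for CLIENT_PRIVATE_KEY.
function makeSampleKey() {
  const { privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
  const jwk = JSON.stringify(privateKey.export({ format: "jwk" }));
  return { privateKeyB64: Buffer.from(jwk).toString("base64"), publicKey: createPublicKey(privateKey) };
}
```

Because the assertion is bound to one audience and expires quickly, a copy captured from logs or a proxy is of little use to anyone who does not also hold the private key.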