Skip to content
/ omniauth-bankid-norge Public

BankID Norge OpenID connect support for Devise::OmniAuth utilizing Rack middleware

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

skudryk/omniauth-bankid-norge

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
lib
lib
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
omniauth-bankid-norge.gemspec
omniauth-bankid-norge.gemspec
 
 

Repository files navigation

OmniAuth OpenID Connect Strategy for BankID Norge REST API

based on omniauth-oauth2 base strategy

Example configuration to be used with Devise Omniauth (put this in config/initializers/devise.rb:
assumming that oidc_config_file specified in secrets.yml

  bankid_opts = Rails.application.secrets[:bankid]
  load  Rails.root.join('config', bankid_opts[:oidc_config_file])

  config.omniauth :bank_id, bankid_opts[:client_id], bankid_opts[:client_secret], {
      name: :bank_id,
      client_options: {
        site: OIDC_config[:issuer],
        authorize_url: OIDC_config[:authorization_endpoint],
        token_url: OIDC_config[:token_endpoint],
        redirect_uri: bankid_opts[:callback_url], 
        userinfo_url: OIDC_config[:userinfo_endpoint],
        aml_address_url: "#{OIDC_config[:aml_baseurl]}/person/address/current",
        aml_pep_url: "#{OIDC_config[:aml_baseurl]}/person/sanction_pep",
        aml_report_url:  "#{OIDC_config[:aml_baseurl]}/person/report",
        aml_noauth_pep_url: "#{OIDC_config[:aml_baseurl]}/person/noauthentication/sanction_pep",
        aml_noauth_address_url: "#{OIDC_config[:aml_baseurl]}/person/noauthentication/address"
      }
   }

Example content of OIDC configuration file retrieved with GET request to
https://oidc-current.bankidapis.no/auth/realms/current/.well-known/openid-configuration
(see https://confluence.bankidnorge.no/confluence/pdoidcl/technical-documentation/rest-api/openid-configuration)

OIDC_config = {
  "issuer": "https://oidc-current.bankidapis.no/auth/realms/current",
  "authorization_endpoint": "https://oidc-current.bankidapis.no/auth/realms/current/precheck/auth",
  "token_endpoint": "https://oidc-current.bankidapis.no/auth/realms/current/protocol/openid-connect/token",
  "token_introspection_endpoint": "https://oidc-current.bankidapis.no/auth/realms/current/protocol/openid-connect/token/introspect",
  "userinfo_endpoint": "https://tinfo-current.bankidapis.no/userinfo",
  "end_session_endpoint": "https://oidc-current.bankidapis.no/auth/realms/current/protocol/openid-connect/logout",
  "jwks_uri": "https://oidc-current.bankidapis.no/auth/realms/current/protocol/openid-connect/certs",
  "check_session_iframe": "https://oidc-current.bankidapis.no/auth/realms/current/protocol/openid-connect/login-status-iframe.html",
  "grant_types_supported": ["authorization_code","implicit","refresh_token","password","client_credentials"],
  "response_types_supported": ["code","none","id_token","token","id_token token","code id_token","code token","code id_token token"],
  "subject_types_supported": ["public","pairwise"],
  "aml_baseurl": "https://aml-current.bankidapis.no"
}

About

BankID Norge OpenID connect support for Devise::OmniAuth utilizing Rack middleware

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages