/images/resources/getting-started/test-using-oauth-assistant.png

Test using OAuth Assistant

On this page

The OAuth Assistant is a JavaScript library provided by Curity to help you integrate with OAuth and OpenID Connect. This tutorial uses a test app that is open source and available in the repository called oauth-assistant-example on GitHub. If you want to have a deeper look into the library, please check out the OAuth Assistant tutorial.

Configuring the Curity Identity ServerAnchor link

The OAuth Assistant uses the OpenID Connect metadata to automatically set up endpoints, keys etc. In order for the metadata to be correctly generated, the Base URL needs to be set. This is the external URL that the runtime responds to. Navigate to System in the Admin UI. This tutorial assumes that the Curity Identity Server runs locally, thus enter https://localhost:8443.

Get Started With OAuth AssistantAnchor link

Install the example application and its dependencies using the following steps:

bash
123
git clone git@github.com:curityio/oauth-assistant-example.git
cd oauth-assistant-example
npm install

Update the configuration to match the setup of the Curity Identity Server. Open index.js in a text editor and scroll down to the defaultAuthorizeSettings to update two attributes. First, change the client_id to the pre-configured client — www. After that, update the issuer, uncomment the line with issuer : "https://localhost:8443/oauth/v2/oauth-anonymous". This matches the setup of this tutorial, since it uses the default endpoints and the server is running on localhost. Make sure to comment out/remove any other issuer.

Find the issuer URL

The issuer URL can be found in the Admin UI by navigating to ** OAuth & OpenID Connect ** → General.

After the edits, the defaultAuthorizeSettings should look something like this:

javascript
12345678910111213141516171819202122232425262728
const defaultAuthorizeSettings = {
base_url : "https://localhost:8443",
client_id : "www",
issuer : "https://localhost:8443/oauth/v2/oauth-anonymous",
redirect_uri : window.origin + "/assisted.html",
for_origin : window.origin,
flow_type : "code",
iframe : {
targetElement: 'body',
width : null, // take default value
height : null, // take default value
backdrop : {
visible : true, // default is true
style : null, // take default value
backdropClass: "backdrop-class"
}
},
allowed_origins: ["https://localhost:8443", "http://localhost:8080"], // default is [window.origin]
check_session_iframe : null,
session_polling_interval: 5, // polling interval in seconds, default is 5
allowed_jwt_algorithms : ['RS256'],
jwt_sig_public_key : { // allowed formats are jwk | jwks_uri | pem | issuer | metadata_url | raw
format: 'issuer', // in case of issuer, the issuer value will be taken from jwt payload
value : null
},
debug : false,
//check_session_iframe_events: checkSessionIframeEvents
};

Run OAuth AssistantAnchor link

Save the file, and start the example app by running:

bash
1
npm start

This should start a browser and navigate to http://localhost:8080.

Once here you can try out various parts of your configuration. The first step would be to authenticate. To do that click on Login with Redirect. If an account is available, use it to log in. If this is the first time running, chances are that no account exists. In this case, create a new account.

The username/password authenticator can handle registration.

Authentication - Create Account

Click the Create account link. Fill out the information for the new account. Username, email and password are mandatory fields. Submit the form and finish account creation by clicking the Create account button under the form.

After successful account creation you have the option to Return to login.

Self-signed certificate

If nothing happens when you click on the Login with Redirect it might be that your browser doesn't allow the example app to download the configuration in the background until you have allowed the self-signed certificate. You can do that by opening a new tab, navigating to the issuer URL and then reloading the app.

When you are authenticated you can see your access and ID token. You can test SSO by just trying to log in again. To try out other flows and features you might have to adapt the configuration in the Curity Identity Server before being able to experiment with the example app.

Next StepsAnchor link

This concludes the basic "Getting started" track. Head over to the summary article that also covers further suggested reading on additional advanced configuration and integration options.

Join our NewsletterAnchor link

Get the latest on identity management, API Security and authentication straight to your inbox.

Start Free TrialAnchor link

Try the Curity Identity Server for Free. Get up and running in 10 minutes.

Start Free Trial