Versions Compared

Old Version 1

changes.mady.by.user Frode Nilsen

Saved on

compared with

New Version Current

changes.mady.by.user Frode Nilsen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space PDOIDC and version Moscow_OIDC

The JS Connector consists of a set of methods and events along with a set of configuration parameters which are summarized below:

Table of Contents
maxLevel2

Methods

The JS Connector API has the following methods:

...

ParameterDescriptionDefaultRequired
client_idA string specifying the client ID given when registering to the OIDC central serviceSee parameter description in documentation of the Authorize endpoint.
 
Yes
redirect_uri

Absolute URL to the HTTP(S) endpoint receiving the authentication response from OIDCSee parameter description in documentation of the Authorize endpoint.

Read more about how the Connector can help with window/inline management.

 
Yes
oauth_url

Absolute URL to the OIDC Authorize endpoint.

(standarddefault authorize endpoint)
Yes, but default value is shippedscope

A string of resource types (dataset) belonging to the user to request access to.

Each scope / resource type must be separated by spaceNo. The OIDC Connector determines the correct URL value via the output from oidc_url
oidc_urlAbsolute URL to the OIDC Openid-configuration endpoint. 
(default .well-known endpoint)
No. The OIDC Connector embeds the correct URL value
scope

See parameter description in documentation of the Authorize endpoint.

'openid' No
methodSpecify the desired frame method, as explained here
How will the login dialogs be presented to the user?		'redirect' No
response_type

The chosen authentication response type, explained here.

Ex. 'code' or 'token'

'code' response_mode

Set the format used when returning parameters from the Authorization Endpoint via redirect_uri

'query'
 

See parameter description in documentation of the Authorize endpoint.

'code'No
response_mode

See parameter description in documentation of the Authorize endpoint.

'query'
No
promptSee parameter description in documentation of the Authorize endpoint.
''
No
acrCorresponds to theacr_values parameter as described in documentation of the Authorize endpoint.4No
user_profileSet the use of any particularly named Identity Provider along with any pre-configuration for the designated provider. Read more about the login_hint parameterCorresponds to thelogin_hint parameter described in documentation of the Authorize endpoint. 
''
 No
stateIncrease security towards cross-site request forgery by verifying this value in the requests and responsesSee parameter description in documentation of the Authorize endpoint.
'untouched'
 No
nonceProvide a nonce value for securing the integrity of the id_token See parameter description in documentation of the Authorize endpoint.
''
 No
ui_localesProvide the desired locale for the session (nb: Norwegian Bokmål, en: English)
'nb'
 See parameter description in documentation of the Authorize endpoint.
'nb'
No
id_token_hintSee parameter description in documentation of the Authorize endpoint.
''
No
Warning

For increased security in a production environment, it is highly encouraged to use nonce and state parameters when interacting with the OIDC service.

...

ParameterDescriptionDefaultRequired
callback

Function callback that is called when JS Connector receives XDM events as explained here.

Arguments are:

  • err - error messages, if any
  • data - returned object with accessToken, nonce etc.
nullNo
configAn object with key-value pairs of configuration parameters can be given that can override any parameters given in doInit.
{}
No
inlineOnLoadCallbackSpecify a callback function that will attach to the onload event for the injected iframe when using inline method.
null 
No
inlineElementIDA string containing the ID of a DOM element that will have the OIDC login iframe injected into.
null
Required when using inline method

OIDC.doGetUserInfo ( callback(err, user), [accessToken, tokenType, responseType] )    (experimental)

...

Function to handle response from userinfo call.

Arguments are:

  • err - error messages, if any
  • user - user object with data

...

null

...

null

...

'code'

...

The doConnect() method returns a reference to the window object if method=window and the iframe element if method=inline.

Events

The following custom events are relevant for the JS Connector.

Event for loading JS Connector

NameDescription
oidc-connector-loadedTriggered on document.body element when JS Connect is loaded and ready to receive API calls

XDM

...

in redirect_uri communication for window/inline method

When using method window or inline, you can use Cross-domain messaging (postMessage) or XDM in the callback page on redirect_uri.

This way you can trigger the following events types of messages to seamlessly integrate with the JS Connector on the parent page.:

Type
Name
When
Description
Example
oidc-connector-response-dataAuthentication success,
returns an Object with the authentication response data given.
provide an optional data object
windowParent.postMessage( JSON.stringify( { type: 'oidc-connector-response-data', data: {} } ), '*' )
oidc-connector-errorAuthentication error,
returns an Object with
 provide optional error information
windowParent.postMessage( JSON.stringify( { type: 'oidc-connector-error', error: "Some error" } ), '*' );