Question: How do I set up proxy settings? about node-openid-client HOT 14 CLOSED

https://github.com/panva/node-openid-client#changing-http-request-defaults

openid-client uses got for http requests

got on proxies > https://github.com/sindresorhus/got#proxies

or setting HTTP_PROXY and HTTPS_PROXY env options might

from node-openid-client.

@panva Did not want to open new issues since it is not really an issue - more of another question. How do I handle logouts? Does the password logout handle this automatically?

from node-openid-client.

How do I handle logouts? Does the password logout handle this automatically?

what's a password logout?

from node-openid-client.

sorry, meant Passport

from node-openid-client.

see #16, logout is "your turf"

from node-openid-client.

👍 Thank you.

from node-openid-client.

You're very welcome.

from node-openid-client.

Quick Q, I am trying to use openid-client in a web farm environment and I get the following error:

name=AssertionError, actual=0, expected=true, operator===, message=no valid key found, generatedMessage=false, 

Seems to be coming from here:

key(def, allowMulti) {
    const lookupCache = instance(this).cache;

    // refresh keystore on every unknown key but also only upto once every minute
    const freshJwksUri = lookupCache.get(def) || lookupCache.get('throttle');

    return this.keystore(!freshJwksUri)
      .then(store => store.all(def))
      .then((keys) => {
        assert(keys.length, 'no valid key found');
        if (!allowMulti) {
          assert.equal(keys.length, 1, 'multiple matching keys, kid must be provided');
          lookupCache.set(def, true);
        }
        return keys[0];
      });
  }

Is there anything special I need to do in a web-farm environment? What key is it looking for?

from node-openid-client.

What key is it looking for?

public keys your OpenID Provider exposes via it's jwks_uri

web farm environment

has nothing to do with this.

I get the following error

check the received id_token's header and see if it can be matched with a single key in the provider's jwks_uri, if you don't know how post the full id_token and the contents of your provider's jwks_uri.

from node-openid-client.

by key, do you mean kid?

from node-openid-client.

i see that my jwks_uri shows 2 different sets of values. that probably explains the problem. Is that key dependent on the cert being used to sign? My kid and n seem to be different depending on which server in the farm is being hit.

from node-openid-client.

that probably explains the problem

no it doesn't

by key, do you mean kid?

no i mean a JWK in the JWKS under jwks_uri endpoint.

My kid and n seem to be different depending on which server in the farm is being hit.

you're asking about a client library, but are explaining your jwks_uri being different on the provider side

please make up your mind.

from node-openid-client.

check the received id_token's header and see if it can be matched with a single key in the provider's jwks_uri, if you don't know how post the full id_token and the contents of your provider's jwks_uri.

from node-openid-client.

Sorry about the confusion. The issue was with the provider not using the same signing cert. All good on the client. Thank you for your prompt responses.

from node-openid-client.