The application can be downloaded from https://github.com/oracle/idm-samples. From the master branch, select
“idcs-authn-api-signin-app”.
Step 2 – Since IDCS is the IDP, users are routed to IDCS for authentication. Because
the custom login page is set up as the authentication page (http://localhost:3000, for
example), the user is redirected to http://localhost:3000/index.html.
Step 3 – The code that traps this request must look for the loginCtx and Signature in
the request header and decrypt the body. Once the body has been decrypted, the request
needs to be redirected to the page/code that handles the authentication request.
Once the body is decrypted and control is routed to the page signin.html, the sign-in
application needs to know the initial state of IDCS for the custom authentication piece
to work. This initial state is the decrypted body (loginContext) from the request
handled in the code above.
In our case, the initial state would be a successful OAuth token generation from the
client id and secret. The application looks for the attribute “requeststate” in the
JSON object and verifies that its status attribute is “success”:
    {
      this.app.logMsg('[IdcsAuthnSDK] Initializing authentication with existing initial state from IDCS.');
      // The initial state is the decrypted loginContext handed over by IDCS.
      var initialData = JSON.parse( this.app.getInitialState() );
      // Note: this logs the complete initial state; mask it before logging in production.
      this.app.logMsg('[IdcsAuthnSDK] InitialData: ' + this.app.getInitialState());
Step 4 – If the status is “success”, the next step is to formulate the payload for
the /sso/v1/sdk/authenticate API. This API requires the bearer token obtained in the
steps above plus the username and password entered in the login form provided by
signin.html. Once the user enters the username and password, the application
captures the input.
Step 5 – Following the rules for the XMLHttpRequest object, the first step is to
obtain the options allowed for the /sso/v1/sdk/authenticate API. Once it receives the
options, it selects the option with “Username” and “Password” and attaches the bearer
token to the API request:
      // xhr.setRequestHeader("Cookie","Testing=Testing");
      console.log('This is where the authentication request is sent idcsAuthnSDK.js');
      // xhr.withCredentials=true;
      xhr.send(data);   // data is the JSON payload for /sso/v1/sdk/authenticate
    }
    catch(e) { // this should never happen
      self.app.logMsg(e);
      self.app.setLoginErrorMessage(self.sdkErrors.error9999);
    }
The payload data looks like the following:
Step 6 – If authentication is successful, the API returns control to the
application with a 200 OK status and a response header carrying the Authentication Token. At
this point the user is authenticated successfully. The next step is to create an
IDCS session for the user who authenticated successfully, using the
Authentication Token received:
    xhr.addEventListener("readystatechange", function () {
      if (this.readyState === 4) {   // request complete
        console.log("The response received is " + this.responseText);
        // Mask the response before it reaches the log: it carries the Authentication Token.
        self.app.logMsg('Authenticate response: ' + self.app.mask(this.responseText));
        const jsonResponse = JSON.parse(this.responseText);

    // Session creation with the Authentication Token (body not shown):
    this.createSession = function(payload) {
This is done by a dynamic form submission to the API “/sso/v1/sdk/session”. The
response is a 302 redirect to the application’s Redirect URL, after which the user
lands on the redirect URL configured for the application.
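As an added example, not code from the oracle/idm-samples sign-in app, the following JavaScript collects the checks Steps 3 to 6 describe into pure functions that can be unit tested without a browser: accept the initial state only when its status is “success”, build the /sso/v1/sdk/authenticate payload, and take the Authentication Token from the parsed response only on success. Field names the page does not quote (nextOp, credSubmit, credentials, authnToken) are assumptions taken from the IDCS Authentication API and should be confirmed against the SDK source.

```javascript
// Added illustration of Steps 3 to 6 (not code from the oracle/idm-samples app).
// nextOp, credSubmit, credentials.username/password and authnToken are assumed
// from the IDCS Authentication API; confirm them against the SDK source.

// Step 3/4: the decrypted loginCtx is the initial state. Proceed only if IDCS
// reports "success", offers credential submission next, and supplies a requestState.
function readInitialState(initialStateJson) {
  const data = JSON.parse(initialStateJson);
  if (data.status !== "success") {
    throw new Error("initial state status is " + data.status);
  }
  if (!Array.isArray(data.nextOp) || !data.nextOp.includes("credSubmit")) {
    throw new Error("IDCS did not offer credSubmit as the next operation");
  }
  if (typeof data.requestState !== "string" || data.requestState === "") {
    throw new Error("initial state has no requestState");
  }
  return data.requestState;
}

// Step 4/5: body for POST /sso/v1/sdk/authenticate. requestState echoes the
// state IDCS issued so the server can tie this submission to the redirect.
function buildAuthenticatePayload(requestState, username, password) {
  return {
    op: "credSubmit",
    credentials: { username: username, password: password },
    requestState: requestState
  };
}

// The request carries the bearer token obtained from the client id and secret.
function authenticateHeaders(bearerToken) {
  return { Authorization: "Bearer " + bearerToken, "Content-Type": "application/json" };
}

// Step 6: treat the user as authenticated only when the parsed response says
// "success" and carries the token that /sso/v1/sdk/session will consume.
function extractAuthnToken(responseText) {
  const resp = JSON.parse(responseText);
  if (resp.status !== "success" || typeof resp.authnToken !== "string") {
    return null;
  }
  return resp.authnToken;
}

// Mask a token before logging it, like app.mask() in the snippet above.
function mask(value) {
  return value.length <= 8 ? "****" : value.slice(0, 4) + "..." + value.slice(-4);
}
```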