Open id connect support for SAML - oauth

Hi I am working with Open Id Connect and I just want to know how can I implement SAML token using Open Id connect. Is there any way Open Id protocol will also support SAML.

Related

How to use Laravel Passport to secure multiple users and external apps

I want to use my Laravel Passport and Breeze app to authenticate a pure standalone PHP app, a node API, and another database system using OAuth2.
Multiple users will use these apps, and I would like to create an SSO, so they don't have to connect on each or manually enter client id and secret.
I tried the PHP League OAuth Client https://oauth2-client.thephpleague.com/usage/ and the passport.js, and everything works fine with the Laravel Passport app I have to enter the client ID and the secret manually. So I want to find a connecting flow so that users don't have to do so.
Which flow would you suggest to me? Do you have any examples I could learn from?

Even after placing Client ID and Client Secret, why is Firebase sign-in method showing Client ID and Client Secret Required?

I am creating a react.js web app with third party authentication using Github and firebase SDK.
I registered an OAuth app in Github and got the Client ID and Client Secret and placed them inside the firebase sign-in methods fields for Github, but it is still showing Client ID and Client Secret Required and the save button is disabled.
Any reasons why this is happening?
Ok! So i fixed it. I closed all the running extensions on the browser and it worked!!!

How can i add google OAuth2 to authenticate an angular node application which uses wso2 identity manager as authentication provider?

We are currently working on an Angular node application which uses WSO2 Api Manager and Identity Server . The current mode of login is done through emails which gets saved as WSO2 Carbon users . We need to allow users to login using their google or facebook accounts using OAuth2. I have implemented the code for fetching access token,refresh token on login through google on click of a button from my app . But How can i link it to save this user as a user in our application's identity server . I found the below link which helps in the process: https://docs.wso2.com/display/IS570/Logging+in+to+an+Application+Using+Google#50629d9a6ddf4769ae2d8953c5a25645 .
Can anyone suggest me whether this one would help ?
I would like to know how the google account user details will be saved as a user in our identity manager ?
Is it possible ? If possible, what all data will i get from google ?
I assume that you have already done the configurations for the communication between your application and the WSO2 Identity Server according to the description in the question.
From the description, I'm not certain that you have done the configurations to federate the login to Google. Follow the below steps if you already haven't done so.
Generate OAuth client ID from the google developer console.
Configure a federated authenticator in WSO2 IS with google authenticator using the generated client id and secret values.
Add newly created IDP as an option to the first step of your application.
More information can be found in here. From Google, you can get email and default profile attributes of the user. Reference.
Follow the same steps for Facebook login as well. More information available here.
Now the federated login is configured. Now you need to enable JIT provisioning for the configured Identity Providers above to save the user in the Identity Server when the user is logged in with those social login options. More information available in here. You have a few modes to create the user in the Identity Server.

What is discovery url of Okta

I am implementing authentication using openid connect. I have successfully implemented the openid - connect in my website. I am using well known url (https://accounts.google.com/.well-known/openid-configuration) to get the endpoint detail so method should be generic for all the sources (Google, Microsoft etc).
I want to authenticate the user using okta. I did not find discover url of okta so that I can fetch the endpoint details of okta.
Can any one provide me the well known url of okta?
If you've created a developer account, you can use your instance's URL to find it. For example, my instance's URL is dev-158606.oktapreview.com and my well-known OIDC info is at https://dev-158606.oktapreview.com/.well-known/openid-configuration.

Authenticating to Google Cloud Endpoints as iOS app (not user with Google account credentials)

One of my iOS apps contacts one of my services using Google Cloud Endpoints and I would like to restrict access to that service to instances of the app.
I've followed instructions about adding authorization and have created an iOS client ID that is tied to my app's bundle id and app store id. I've now difficulties understanding this part of the instructions:
If your iOS app is making calls to an Endpoint that requires
authentication, you must Add a Sign-in Dialog to your iOS client.
I do not want my users to log in but instead I want my app to present its credentials to the service for authentication without user interaction. I thought since the client ID is (presumably cryptographically) tied to the client ID and bundle ID only the app is (somehow) able to do so and that the client ID would effectively serve like a service account.
Is this type of app (not user) authentication scenario supported by Google Cloud Endpoints (for iOS clients) or do I have to roll my own app authentication by passing some secret in the application-level protocol? Here are some earlier related (unanswered) questions for Android clients.
I have concluded for now that Google Cloud Endpoints allows authentication only based on Google account credentials. What I need is a credential for the entire app (not its users) akin to a service account or an API key.
I have used service accounts for server-to-server communication. It does not seem possible to create service accounts for an app (as opposed to a GAE application).
GTLService has a property APIKey. However, if my client sets it to a public access key (iOS key) that I created for my GAE application in Google Developer Console the server returns error Access Not Configured. Please use Google Developers Console to activate the API for your project but there is no (obvious) way for configuring non-Google APIs such as my service API.
So until further notice I will add an API key to my application-level API requests and check it in each #ApiMethod.

Resources