This is a Ruby project, written with the Sinatra DSL, that mocks an OIDC Identity Provider / Authorization Server.

Installing the dependencies with bundler is recommended:

```
gem install bundler
```

Then, in the root directory of the repository:

```
bundle install
ruby ./idp.rb
```

The server runs on localhost port 4567 and exposes the following endpoints:

```
http "localhost:4567/az?redirect_uri=https://google.com&state=dAS2sKipyDlp7lfdGbO8ydy9nyTEmZmhS108fKC3k5gwcDpH1Ka6cT9q233bYA3o"

HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html;charset=utf-8
Location: https://google.com?code=e5c636c8-9fb8-4456-9f11-27974c81fb53&state=dAS2sKipyDlp7lfdGbO8ydy9nyTEmZmhS108fKC3k5gwcDpH1Ka6cT9q233bYA3o
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
```

- HTTP Method: GET
- Path: /az
- Query Params:
  - redirect_uri - url to be sent back with authz_code
  - state (optional) - state to be sent back on redirect_uri
- Response:
  - HTTP code - 302
  - HTTP Header Location - the redirect_uri with a randomly generated authz_code
  - code - sent back as a query string parameter in the given redirect_uri
  - state (optional) - sent back as a query string parameter in the given redirect_uri if present in the initial request
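
A client-side check for the `/az` response described above, as an added example that is not part of this project's code: it builds the authorization request and validates the `Location` header (redirect target, single `code`, matching `state`) before the code is used. The function names are hypothetical; the sample state and Location values are the ones from the exchange shown above.

```ruby
require 'uri'
require 'securerandom'

# Base URL of the mock's authorization endpoint, as given in this README.
AZ_ENDPOINT = 'http://localhost:4567/az'

# Build the authorization request with a fresh, unguessable state value.
def build_authz_request(redirect_uri, state = SecureRandom.urlsafe_base64(48))
  query = URI.encode_www_form({ 'redirect_uri' => redirect_uri, 'state' => state })
  { url: "#{AZ_ENDPOINT}?#{query}", state: state }
end

# Length-checked, constant-time string comparison for the state check.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Validate the Location header of the 302 and return the authz code.
# Raises ArgumentError when the redirect does not match what the client sent.
def extract_code(location, redirect_uri, expected_state)
  got = URI.parse(location)
  want = URI.parse(redirect_uri)
  unless [got.scheme, got.host, got.port, got.path] == [want.scheme, want.host, want.port, want.path]
    raise ArgumentError, 'redirect target differs from the requested redirect_uri'
  end
  params = URI.decode_www_form(got.query.to_s)
  codes  = params.select { |k, _| k == 'code' }.map(&:last)
  states = params.select { |k, _| k == 'state' }.map(&:last)
  raise ArgumentError, 'expected exactly one code parameter' unless codes.size == 1 && !codes.first.empty?
  raise ArgumentError, 'state missing or duplicated' unless states.size == 1
  raise ArgumentError, 'state mismatch' unless secure_equal?(states.first, expected_state)
  codes.first
end

# Values copied from the sample /az exchange in this README.
SAMPLE_STATE = 'dAS2sKipyDlp7lfdGbO8ydy9nyTEmZmhS108fKC3k5gwcDpH1Ka6cT9q233bYA3o'
SAMPLE_LOCATION = "https://google.com?code=e5c636c8-9fb8-4456-9f11-27974c81fb53&state=#{SAMPLE_STATE}"

if __FILE__ == $PROGRAM_NAME
  puts extract_code(SAMPLE_LOCATION, 'https://google.com', SAMPLE_STATE)
end
```
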

```
http POST "localhost:4567/token"

HTTP/1.1 200 OK
Content-Length: 1283
Content-Type: application/json
X-Content-Type-Options: nosniff
```

Response body is statically read from idp-response.json:
{
"access_token": "1F2XXGuJ0e8Jd7aEk4dL98116x9hNt9j3pcw3cA34foUu3h64230Rc8C3oa5TTN4y4ir3352S93C61nT5Ms7I9yRfkYrDZ3641te63Qa1Wu6908yK1zSUtA4MkiTOXR6",
"expires_in": "1800",
"id_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJodHRwOi8vdGVyemFwYXJ0ZS5wb3N0ZS5pdDo4MDgzIiwibmJmIjoxNTQ1OTI0MzEwLCJhY3IiOiIzIiwic2NvcGUiOiIyIiwiaXNzIjoiaHR0cHM6Ly9wb3N0ZXBheS5pdCIsImF0X2hhc2giOiI3cjJsWm85NVQ0WFROS2JlQ25jTlFwaVVCdnN6Q0lRN3RBeEtreG1uclg4IiwiY2xhaW1zIjp7ImFkZHJlc3MiOiJWSUFMRSBFVVJPUEEgMTc1IDAwMTQ0IFJPTUEgUk0iLCJnZW5kZXIiOiJNIiwibW9iaWxlUGhvbmUiOiIrMzkzNzcxMTExMTExIiwiaWRDYXJkIjoiY2FydGFJZGVudGl0YSBBQjEyMzQ1NjcgY29tdW5lUm9tYSAyMDE4LTA0LTE3IDIwMjgtMDQtMTIiLCJmYW1pbHlOYW1lIjoiVmFsZW50ZSIsIm5hbWUiOiJGcmFuY2VzY28iLCJkYXRlT2ZCaXJ0aCI6IjE5ODAtMDEtMDEiLCJjb3VudHlPZkJpcnRoIjoiUk0iLCJmaXNjYWxOdW1iZXIiOiJUSU5JVC1WTE5GTlM4MEEwMUg1MDFVIiwiZW1haWwiOiJjbGF1ZGlvLnF1YXJlc2ltYUBwb3N0ZWNvbS5pdCJ9LCJuYW1laWQiOiJTUElELTY4MzMwM2EwLWUyMTItNDVlZS05MDJmLWE1ZjZiZTE2MjE2ZCIsImV4cCI6MTU0NTkyNDYxMCwiaWF0IjoxNTQ1OTI0MzEwLCJqdGkiOiI2YWNlZDhlZi05MWI2LTQwYmItOGM1Ni03MjJjOWM0NWQ5MjUiLCJpZCI6Il9mYmM3Y2U2OC1kODVlLTRiNWUtOWFjYi03MWE0YzUwMTM5NTYiLCJzaWQiOiJ2NnREeEdYWXREVnF1ek9jeDVIY1ZvVTRDS1p4OHdSeGNMOCtGVkFKSHFHUmxnVG0zbnNuSUVJamg1ZC9iTHBYIn0.BBrXQ-YEF1Pwqmo1lihEEzlnrSV4gO4taz_SGiVgRzI",
"token_type": "Bearer"
}

- HTTP Method: POST
- Path: /token
- Response:
  - Content-Type: application/json
  - Response Body: the statically parsed idp-response.json

```
http POST "localhost:4567/user_info"

Content-Length: 109
Content-Type: text/html;charset=utf-8
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
```

Response body is statically read from user-info.json:
{
"email": "testemail@test.com",
"iat": 1516239022,
"name": "John Doe",
"sub": "1234567890"
}

- HTTP Method: POST
- Path: /user_info
- Response:
  - Content-Type: application/json
  - Response Body: the statically parsed user-info.json