SAML identity provider implementation in node.js? - node.js

Is there any library for making a SAML identity provider in node.js?
I am checking SAML implementations in node.js; they all say service provider code, with the identity provider as an OAuth or OpenLogin URL.
Some libraries I found for service providers are passport-saml and saml2-js.
Can you tell me whether there is an implementation of a SAML identity provider in node.js?

Related

using Microsoft.Identity.Client without Microsoft as identity provider, is it possible?

Can someone tell me if it's possible with the "Microsoft.Identity.Client" to do OpenIdConnect and get an access token which doesn't come from Microsoft/Azure but from another Identity Provider.
Thanks in advance.
Can someone tell me if it's possible with the "Microsoft.Identity.Client" to do OpenIdConnect and get an access token which doesn't come from Microsoft/Azure but from another Identity Provider
No, it's not possible to get an access token from third party identity provider if you are using Microsoft.Identity.Client with OpenIdConnect.
As per documentation:
With OIDC, this flow does authentication and authorization for most app types. These types include single page apps, web apps, and natively installed apps. The flow enables apps to securely acquire an access_token that can be used to access resources secured by the Microsoft identity platform.
All confidential clients have a choice of using client secrets or certificate credentials. Symmetric shared secrets are generated by the Microsoft identity platform.
You can refer to Microsoft identity platform and OpenID Connect protocol, Validating access tokens, and Request an access token with a client_secret.

Azure AD B2C Open ID Connectivity Vs OAuth 2.0

On this Microsoft documentation on Azure AD B2C, I read
OpenID Connect is recommended if you're building a web application that's hosted on a server and accessed through a browser. If you want to add identity management to your mobile or desktop applications using Azure AD B2C, you should use OAuth 2.0 rather than OpenID Connect.
What are the roles of OpenID Connect and OAuth 2.0 in Azure AD B2C and what features they separately support?
The question is not quite correct. On the same page you can read
OpenID Connect extends the OAuth 2.0 authorization protocol for use as
an authentication protocol. This authentication protocol allows you to
perform single sign-on. It introduces the concept of an ID token,
which allows the client to verify the identity of the user and obtain
basic profile information about the user.
OpenID Connect (OIDC) is an extension or superset standard/RFC for OAuth 2.0. Both protocols define authentication flows; while OAuth2 is a bit generic, a general framework that gives a lot of freedom of choice, OIDC specifies important aspects in detail. OIDC adds an id_token in JWT format in addition to the access token, flows like Hybrid flow, token introspection endpoints etc. to OAuth2.
Usually OAuth2 comes together with OIDC. If you want to know the difference in detail, there are RFCs for OIDC and OAuth2.
So your question is about the protocol difference; you can find a lot of information in addition to the RFCs. Here is, IMO, a good article link.
In short:

OAuth2
- access token use but not format specified
- Authorization Code Grant
- Implicit Grant
- Resource Owner Password Credential Grant
- Client Credential Grant

OIDC
- extension of access token by id_token use. id_token in JWT format
- token endpoints, self issued token, offline access
- Authorization Code Flow (extension to Authorization Code Grant)
- Implicit Flow (extension Authorization Code Grant)
- Hybrid Flow

B2C is focused on use from the client application side, from consumer applications. When you create an IdP provider, Azure B2C supports already existing social providers (Facebook, Microsoft etc.), which in fact are OIDC with proprietary extensions, or a custom OIDC IdP provider. In terms of API and authentication flows, and this is very typical for any IdP provider, it supports both, so you can use the HTTP API for OAuth2 or OIDC, and OIDC is recommended.
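
The id_token is what lets a client verify who the user is, and that only holds if the client checks the token before trusting it. The following is an added example, not code from the answer above or from any Microsoft sample: the checks a relying party applies to an ID token. It assumes HS256 with a shared client secret so that it runs offline (providers commonly sign with RS256 and publish keys via JWKS); all names and values are constructed.

```javascript
// Added example: relying-party checks on an OIDC ID token (HS256 for brevity).
const crypto = require("node:crypto");

const b64url = (buf) => Buffer.from(buf).toString("base64url");

// Constructed helper: mint a sample token so the example runs offline.
function signIdToken(claims, secret, header = { alg: "HS256", typ: "JWT" }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.createHmac("sha256", secret).update(input).digest();
  return `${input}.${b64url(sig)}`;
}

// Returns the claims if every check passes, otherwise throws.
function validateIdToken(token, { secret, issuer, clientId, nonce, now = Date.now() / 1000 }) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  // Pin the algorithm; never let the token pick it (e.g. "none").
  if (header.alg !== "HS256") throw new Error("unexpected alg");
  const expected = crypto.createHmac("sha256", secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(s, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected))
    throw new Error("bad signature");
  const claims = JSON.parse(Buffer.from(p, "base64url").toString());
  if (claims.iss !== issuer) throw new Error("wrong issuer");
  // aud may be a string or an array; this client must be listed.
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(clientId)) throw new Error("wrong audience");
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
  // nonce binds the token to the authentication request this client sent.
  if (claims.nonce !== nonce) throw new Error("nonce mismatch");
  return claims;
}

// Returns null on success, or the reason the token was rejected.
function check(token, opts) {
  try { validateIdToken(token, opts); return null; } catch (e) { return e.message; }
}

// Constructed sample values.
const opts = { secret: "demo-client-secret", issuer: "https://idp.example",
               clientId: "my-client", nonce: "n-123", now: 1700000000 };
const base = { iss: opts.issuer, aud: opts.clientId, sub: "user-1", exp: 1700000600, nonce: "n-123" };
const good = signIdToken(base, opts.secret);
const otherAud = signIdToken({ ...base, aud: "another-client" }, opts.secret);
const unsigned = signIdToken(base, opts.secret, { alg: "none" });

console.log(check(good, opts), check(otherAud, opts), check(unsigned, opts));
```

An access token gets none of these checks on the client: OAuth2 leaves its format unspecified, so the client passes it to the API as an opaque string.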

OAuth Application Identity extension class

I'm new to OAuth and its app identity method. I use app identity to access an API using OAuth. I found a tutorial here.
In the source code, since both web application and API will be using AAD, why does it not have AADAuthenticationExtensions.cs and AADOptions.cs classes?
It is an ASP.NET sample which uses the ADAL library to obtain the access token. Here is the client credential flow.
The AzureAdAuthenticationBuilderExtensions.cs and AzureAdOptions.cs apply to ASP.NET Core and you find the sample here.

How to configure Appid Service with IBMid Identity provider

I am trying to configure the IBMid provider using the APPID (Bluemix) service. I found there is a way by configuring SAML 2.0, but how do I get the SAML details?
IBMid does not have a SAML interface. Please ping me on Slack/ST.

Service Provider vs Identity Server in OAuth2 and Identity Server

Is there any service provider in OAuth2 and OpenID Connect? Are Service Provider and Resource Server the same or different? What's the difference? I heard of Service Provider in SAML.
What is called Service Provider in SAML is called Relying Party in OpenID Connect, which is a comparable concept. OAuth 2.0 is not a federated SSO protocol like SAML is, so comparing OAuth 2.0 terminology (i.e. Resource Server) with SAML doesn't work very well.
