Announcing OpenID Connect support in Wt

  • Posted by Roel
  • Tuesday, June 20, 2017 @ 13:06

You may have noticed that many companies, like Google and Facebook, allow you to identify yourself on other websites using their services, like the ubiquitous "Log in with Facebook" button. This means you can create web applications where users can easily log in with their Google or Facebook account.

Wt::Auth already included support for Google and Facebook log in, but we at Emweb are proud to announce that Wt::Auth was now extended with support for OpenID Connect. It is a simple identity layer on top of the well known OAuth 2.0 protocol. Now, instead of needing a slightly different implementation for every identity provider, there’s a standardized way of supporting many of them.

To implement OpenID Connect based user authentication in Wt::Auth, all you need to do is configure the Wt::Auth::OidcService class with a few options. This is all there is to it:

class MyOidcService : public Wt::Auth::OidcService
{
public:
  MyOidcService(const Wt::Auth::AuthService& authService)
    : Wt::Auth::OidcService(authService)
  {
    setRedirectEndpoint("/oauth2/callback");
    setClientId("random-client-id");
    setClientSecret("random-client-secret");

    setAuthEndpoint("https://id-provider/oauth2/authorize");
    setTokenEndpoint("https://id-provider/oauth2/token");
    setUserInfoEndpoint("https://id-provider/oidc/userinfo");

    setName("oidc");
    setDescription("Generic ID Provider");
  }
};

We’ve also made it possible to make your own OpenID Connect identity provider. To make that work, you have to create a log in form for the authorization endpoint and use the Wt::Auth::OAuthAuthorizationEndpointProcess to handle the logic. Use Wt::Auth::OAuthTokenEndpoint and Wt::Auth::OidcUserInfoEndpoint to implement the token and user info endpoint respectively.

We’ve implemented a complete working example that demonstrates the client and identity provider. Like all other examples, it is distributed as part of Wt, and you can find it under examples/feature/oidc.

The OpenID Connect support is now available on the master and wt4 branches on GitHub, and will be part of the 3.3.8 and 4.0.0 releases of Wt.

Tags:
2 comments
  • Posted by anonymous
  • 7 years ago
Great! Thank you!
  • Posted by anonymous
  • 7 years ago
FB is a social FBI.

Contact us for more information
or a personalised quotation