From 0e6267bba2fe26876ef7b42c4ec4ced57b1b710e Mon Sep 17 00:00:00 2001
From: Ryan Crichton
Date: Thu, 16 Nov 2023 14:44:47 +0200
Subject: [PATCH] Add optional Openid connect provider issuer url to config and update passport.js to use it.
---
 config/config.md | 2 ++
 src/passport.js | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/config/config.md b/config/config.md
index 09c124053..4b36647f2 100644
--- a/config/config.md
+++ b/config/config.md
@@ -84,6 +84,8 @@ The following config option are provided by the OpenHIM. All of these options ha
 "openid": {
 // Openid connect provider realm url link
 "url": "http://localhost:9088/realms/platform-realm",
+ // (Optional) Openid connect provider issuer url incase this is different from the api url e.g. if you are using a proxy
+ "issuerUrl": "http://localhost:9088/realms/platform-realm",
 // Callback URL used by openid connect provider (should be the same callback URL specified in realm)
 "callbackUrl": "http://localhost:9000",
 // CLient ID specified in the realm
diff --git a/src/passport.js b/src/passport.js
index 596c7cc52..42a701254 100644
--- a/src/passport.js
+++ b/src/passport.js
@@ -52,7 +52,7 @@ passport.loadStrategies = function () {
 openid: {
 strategy: passportOpenid.Strategy,
 options: {
- issuer: openidConfig.url,
+ issuer: openidConfig.issuerUrl || openidConfig.url,
 authorizationURL: `${openidConfig.url}/protocol/openid-connect/auth`,
 tokenURL: `${openidConfig.url}/protocol/openid-connect/token`,
 userInfoURL: `${openidConfig.url}/protocol/openid-connect/userinfo`,
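Review bot: The new `issuer` line in src/passport.js can now differ from the base of the three endpoint URLs below it, and nothing at that line says which value has to match the provider's tokens. As far as I know the OpenID Connect strategy compares `issuer` with the `iss` claim of the ID token, so an `issuerUrl` that differs only by a trailing slash or scheme would make every login fail; worth confirming against the strategy version in use. I would add a comment above the line such as `// issuer must equal the ID token's "iss" claim exactly; the endpoints below are still built from openidConfig.url`. Because `||` passes any truthy value through, it would also help to reject a non-string or malformed `issuerUrl` when the config is loaded rather than at the first login attempt. `passport.loadStrategies` starts and ends outside this hunk.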