Skip to content
This repository has been archived by the owner on Jan 4, 2023. It is now read-only.

cjfryer/ova-alpha

 
 

Repository files navigation

Mission 674 Alpha

This is a fork of the GOV.UK Prototype Kit site integrated with GOV.UK Sign In

It requires passport.js and node-openid-client, which is the only node.js library certified for the OpenID Financial-Grade API Spec.

It won't do much unless you register your service with GOV.UK Sign In as a Relying Party. You'll also need to generate keys you can transform into a JWK.

I've done this by generating a public/private keypair and certificate in the normal way (and not the way the Sign In docs recommend, because their method yields headers not understood by rsa-pem-to-jwk. [This might be a n00b problem, and there could easily be a better way to create a JWK]).

openssl genrsa -out private_rsa.pem 2048
openssl req -new -key private_rsa.pem -out csr
# answer annoying questions ...
openssl x509 -in csr -out cert.pem -req -signkey private_rsa.pem -days 365

You'll have a self-signed x509 certificate (cert.pem) and a corresponding private key (private_rsa.pem). You can add these as environment variables (e.g. in .env). But they will need to be base64 encoded so line breaks, etc, don't give you hassle:

echo RSA_PRIVATE_KEY=$(base64 private_rsa.pem) >> .env
echo CERT=$(base64 cert.pem) >> .env

You can now push your application to Gov PaaS or similar.

Any problems, contact chris.fryer@digital.cabinet-office.gov.uk

About

GOV.UK Prototype

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • HTML 49.2%
  • JavaScript 43.6%
  • SCSS 5.8%
  • Shell 1.4%