The LoginService is a service provider that is used as a communication interface between the IdP and an application. This communication interface is used in the LSP (Local Service Provider) context to enable token based login to the NPM repository via the identity proxy.
The identity proxy works as a reverse proxy based on the HTTP/HTTPS protocol, depending on the configuration of the application server on which the identity proxy is running. This authentication interface is used in the Local Service Provider (LSP) context to enable token based logon to the NPM repository.
After the LSP logs on to the identity proxy, the identity token passed, issued by the proNEXT IdP for the LSP, is checked. If the check is successful, the request is forwarded to the NPM repository and the requested artifact is returned to the requestor. If an error occurs during the identity token check, the request is rejected with an error message.
The identity token is transmitted to the identity proxy as an authorization bearer header in the HTTP/HTTPS request.
Communication with the NPM repository is also done via HTTP/HTTPS, but authorization basic is used here instead of authorization bearer.
The identity proxy software component consists of a Java EE Enterprise application that provides an HTTP
/HTTPS interface for communication with the LSP. The identity proxy software component itself invokes the HTTP/HTTPS interface of an NPM repository to query software artifacts.
The identity proxy is an authentication interface for an NPM repository (e.g., Artifactory). This authentication interface is used in the Local Service Provider (LSP) context to enable token based logon to the NPM repository. For token based login, the LSP requests a signed identity token from the proNEXT IdP. This identity token is returned by proNEXT IdP only if the authorization at proNEXT IdP was successful. The signed identity token is passed to the identity proxy in the HTTP/HTTPS header during the request. The identity proxy checks the validity of the identity token (signature, expiration time) and then forwards the request to the NPM repository.
The LoginService enables the connection of an application to the IdP infrastructure.