A professional macOS and iOS application for testing OpenID Connect (OIDC) authentication flows and inspecting JWT tokens.
OIDC Tester is a native SwiftUI application designed to help developers and security professionals test OIDC authentication servers, inspect JWT tokens, and debug authentication flows. The app provides a clean, intuitive interface for configuring OIDC parameters and analyzing authentication responses.
- macOS: Primary platform with full feature support
- iOS: Universal app icon support for future iOS deployment
- Complete OIDC Flow Support: Authorization Code flow with PKCE
- Multiple Authentication Methods: Support for various ACR (Authentication Context Class Reference) values
- Real-time Authentication: Uses
ASWebAuthenticationSessionfor secure, Apple-compliant authentication - Custom Parameters: Support for additional query parameters and login hints
- JWT Token Decoding: Automatic parsing and display of JWT headers, payloads, and signatures
- Multiple Token Types: Support for ID tokens, access tokens, and refresh tokens
- Readable Format: Pretty-printed JSON with proper formatting and syntax highlighting
- Token Validation: Basic JWT structure validation and parsing
- Real-time Activity Logs: Detailed logging of all authentication steps
- Error Handling: Clear error messages and debugging information
- Session Tracking: Complete audit trail of authentication attempts
- Export Capabilities: Easy copying of logs and token data
- Modern Design: Clean, card-based interface with gradient backgrounds
- Tab Organization: Organized workflow with Config β Authentication β Tokens β Logs
- Responsive Layout: Adaptive interface that works on various screen sizes
- macOS Integration: Native macOS appearance with proper system integration
- macOS: 10.15 (Catalina) or later
- Architecture: Apple Silicon (M1/M2) and Intel Macs supported
- Xcode: 14.0 or later (for building from source)
- Swift: 5.7 or later
- Download the latest release from the Releases page
- Open the
.dmgfile and drag OIDC Tester to your Applications folder - Launch the app from Applications or Spotlight
# Clone the repository
git clone https://github.com/[username]/oidc-tester.git
cd oidc-tester
# Open in Xcode
open "OIDC Tester.xcodeproj"
# Or build from command line
xcodebuild -project "OIDC Tester.xcodeproj" -scheme "OIDC Tester" buildSet up your OIDC server parameters:
- Issuer URL: Your OIDC provider's base URL
- Client ID: Your application's client identifier
- Client Secret: (Optional) For confidential clients
- Scopes: Space-separated list of requested scopes
- ACR Values: Authentication Context Class Reference
- Login Hint: Pre-fill username/email for testing
- Click "Start Authentication" to begin the OIDC flow
- The app will open Safari for secure authentication
- Complete login in the browser
- Return to the app to see results
- View decoded JWT tokens with full header and payload information
- Copy token values for external testing
- Inspect token expiration and claims
- Analyze token structure and validation
- Monitor real-time authentication progress
- Review detailed error messages
- Track API calls and responses
- Export logs for debugging
Issuer URL: https://your-keycloak.com/auth/realms/your-realm
Client ID: your-client-id
Scopes: openid profile email
Issuer URL: https://login.microsoftonline.com/your-tenant-id/v2.0
Client ID: your-application-id
Scopes: openid profile email
Issuer URL: https://your-domain.auth0.com
Client ID: your-client-id
Scopes: openid profile email
- Sandboxed Application: Runs in macOS App Sandbox for security
- Ephemeral Sessions: Authentication sessions don't persist cookies
- Secure Storage: Configuration stored securely in UserDefaults
- No Data Collection: All processing happens locally on your device
- β Authorization Code Flow
- β PKCE (Proof Key for Code Exchange)
- β State parameter for CSRF protection
- β Custom redirect URI scheme
- β Multiple response types
- β Custom ACR values
- β Login hints and prompts
- β JWT token parsing and validation
The application is built using modern Swift and SwiftUI:
- SwiftUI: Declarative UI framework for clean, maintainable interfaces
- ASWebAuthenticationSession: Apple's secure authentication framework
- Combine: For reactive data binding and state management
- Foundation: Core networking and JSON processing
- Security Framework: For secure credential storage
"Authentication Error: The operation can not be completed. (com.apple.AuthenticationServices.WebAuthenticationSession error 2)"
- This typically indicates a configuration issue with the OIDC provider
- Verify your redirect URI is properly configured as
ImprivataOIDC://callback - Ensure your issuer URL is correct and accessible
"Failed to parse discovery document"
- Check that your issuer URL includes the correct path
- Verify the OIDC provider supports the
.well-known/openid-configurationendpoint - Test the discovery URL directly in a browser
"No authorization code or tokens received"
- Verify your client ID is correct
- Check that the redirect URI matches exactly:
ImprivataOIDC://callback - Review the logs tab for detailed error information
For additional debugging information:
- Open the Logs tab before starting authentication
- Monitor real-time log messages during the flow
- Copy relevant log entries when reporting issues
We welcome contributions! Please see our Contributing Guidelines for details.
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature - Make your changes and test thoroughly
- Commit your changes:
git commit -m 'Add amazing feature' - Push to the branch:
git push origin feature/amazing-feature - Open a Pull Request
- Follow Swift naming conventions
- Use SwiftUI best practices
- Include documentation for public APIs
- Write unit tests for new functionality
This project is licensed under the MIT License - see the LICENSE file for details.
- π§ Issues: GitHub Issues
- π¬ Discussions: GitHub Discussions
- π Documentation: Wiki
- Built with Swift and SwiftUI
- Uses Apple's ASWebAuthenticationSession for secure authentication
- Icon design inspired by security and authentication themes
- Thanks to the OIDC community for specifications and standards
Made with β€οΈ for the OIDC community
OIDC Tester is an open-source project designed to make OIDC testing easier and more accessible for developers and security professionals.