Primary IdP Developer Tips and Tricks
If your a developer for an email or identity providing service, you'll want to build out support to be a BrowserID primary. Here are some tips and tricks:
- Your development server must be on the public internet to test against dev.diresworb.org
- If you run a local instance (see below) of BrowserID, you can also have your primary be local
- BrowserID requires a valid SSL certificate and HTTPS protocol. You can use a self-signed cert for development by pointing to dev.diresworb.org
- Look at JS Console, network traffic, etc in your browser's developer tools for interactions between your primary and BrowserID.org
- Try this on multiple browsers. The architecture of this system doesn't have great debugging support on any one browser, they all tend to surface different things (due to iframe, postMessage, etc)
- Bug 1205: BrowserID will cache your /.well-known/browserid file
- If you have anything wrong, it will cache your domain as "secondary"
- If you have everything right, your public key will be cached. Changing your public key will result in bad signature in cert chain error
- To check to see if BrowserID considers your system a primary, try
Running a local BrowserID.org server
This option is not recommended, unless you are comfortable with Node.js and grepping around the source.
To ease development, you can run the set of Node.js BrowserID services from the mozilla/browserid repository.
Grep through the source, but there is a
SHIMMED_PRIMARIES environment variable, which you can point to your local server.