M
M
Maxim Melnikov2016-11-23 17:59:27
Open ID
Maxim Melnikov, 2016-11-23 17:59:27

Working example of express + passport + openid?

Hello. I am building an application based on microservices. there is IdentityServer (written in C#, IdentityServer4, Openid + OAuth). API services are also on sharp.
And the client application on the node. for identification I use passport-openidconnect (rewritten a little, because there is no possibility to work with implict and nonce is not inserted).
The problem is that after successful authorization, the identityserver redirects to the callback url, where I save the received req._passport.authority data - but they are not saved
How can I solve the problem, maybe there is another tool for working with openid.
app.js

var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var cookieSession = require('cookie-session');
var session = require('express-session');
var bodyParser = require('body-parser');
var passport = require('passport');
var Strategy = require('./passport/index').Strategy;

passport.use(new Strategy({
    clientID: 'mvc',
    clientSecret: 'secret',
    authorizationURL: 'http://localhost:5000/connect/authorize',
    callbackURL: 'http://localhost:3308/callback',
    tokenURL: 'http://localhost:5000/connect/token',
    scope: ['profile', 'api1'],
    response_type: 'token id_token'
},
    function (token, tokenSecret, profile, cb) {
        // In this example, the user's Twitter profile is supplied as the user
        // record.  In a production-quality application, the Twitter profile should
        // be associated with a user record in the application's database, which
        // allows for account linking and authentication with other identity
        // providers.
        return cb(null, profile);
    }));

var routes = require('./routes/index');
var users = require('./routes/users');

var app = express();

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');

// uncomment after placing your favicon in /public
//app.use(favicon(__dirname + '/public/favicon.ico'));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(require('stylus').middleware(path.join(__dirname, 'public')));
app.use(express.static(path.join(__dirname, 'public')));
app.use(session({
    secret: 'keyboard cat',
    resave: false,
    saveUninitialized: true,
    cookie: { secure: true }
}));
app.use(passport.initialize());
app.use(passport.session());

app.use('/', routes);
app.use('/users', users);

// catch 404 and forward to error handler
app.use(function (req, res, next) {
    var err = new Error('Not Found');
    err.status = 404;
    next(err);
});

// error handlers

// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
    app.use(function (err, req, res, next) {
        res.status(err.status || 500);
        res.render('error', {
            message: err.message,
            error: err
        });
    });
}

// production error handler
// no stacktraces leaked to user
app.use(function (err, req, res, next) {
    res.status(err.status || 500);
    res.render('error', {
        message: err.message,
        error: {}
    });
});



passport.serializeUser(function (user, done) {
    done(null, user.identifier);
});

passport.deserializeUser(function (identifier, done) {
    // For this demo, we'll just return an object literal since our user
    // objects are this trivial.  In the real world, you'd probably fetch
    // your user object from your database here.
    done(null, {
        identifier: identifier,
        steamId: identifier.match(/\d+$/)[0]
    });
});

module.exports = app;

index.js
var express = require('express');
var router = express.Router();
var passport = require('passport');


/* GET home page. */
router.get('/', function (req, res) {
    res.render('index', { title: 'Express' });
});

router.post('/callback', function (req, res, next) {
    req._passport.authority = req.body;
    res.redirect('/');
});

module.exports = router;

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question