Last active
September 23, 2019 18:55
var express = require('express'); | |
var session = require('express-session'); | |
var RedisStore = require('connect-redis')(session); | |
var Strategy = require('./passport-openidconnect/index').Strategy; | |
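/**
 * Wires OpenID Connect login into an Express application.
 *
 * Installs a Redis-backed session, initialises Passport, registers the
 * OpenID Connect strategy and mounts the /auth/login, /auth/callback and
 * /auth/logout routes.
 *
 * @param {object} app - Express application the middleware and routes are attached to.
 * @param {object} passport - Passport instance the strategy and (de)serializers are registered on.
 */
module.exports.configure = function configure(app, passport) {
  var identityServer = 'https://users.xxx.com/identity';
  var postLogoutRedirect = 'https://www.xxx.com';

  var auth = {
    authorizationURL: identityServer + '/connect/authorize',
    tokenURL: identityServer + '/connect/token',
    userInfoURL: identityServer + '/connect/userinfo',
    clientID: 'spa.eventday',
    // Placeholder value. A real client secret belongs in the environment or a
    // secret store, never in a committed source file.
    clientSecret: '^secret',
    callbackURL: '/auth/callback',
    scope: 'openid email profile offline_access phone manageEvents'
  };

  app.use(session({
    // Placeholder value. The session secret signs the session-id cookie, so a
    // guessable or published value lets anyone forge a validly signed cookie.
    // Load a long random value from configuration instead.
    secret: 'bleargh',
    resave: false,
    saveUninitialized: false,
    // express-session reads `secure` from the `cookie` option; as a top-level
    // option it is ignored and the cookie is also sent over plain HTTP.
    // With secure: true the cookie is only set on HTTPS connections; behind a
    // TLS-terminating proxy the app also needs app.set('trust proxy', 1).
    cookie: {
      secure: true,
      httpOnly: true
    },
    // The serialized user below carries tokens, so this Redis instance holds
    // bearer credentials and should not be reachable by other tenants.
    store: new RedisStore({
      host: '127.0.0.1',
      port: 6379
    })
  }));

  app.use(passport.initialize());
  app.use(passport.session());

  passport.use(new Strategy(auth, function (iss, sub, profile, jwtClaims, accessToken, refreshToken, params, verified) {
    // NOTE(review): params is presumably the token-endpoint response, in which
    // case params.id_token is the raw ID token. Confirm against the local
    // ./passport-openidconnect fork; if it is absent, logout just omits the hint.
    var idToken = params && params.id_token;
    verified(null, Object.assign({}, profile, {token: accessToken, idToken: idToken}));
  }));

  // Only these fields are written to the session store.
  passport.serializeUser(function (user, done) {
    done(null, {id: user.id, name: user.displayName, token: user.token, idToken: user.idToken});
  });

  // The stored object is used as req.user unchanged; nothing is re-fetched.
  passport.deserializeUser(function (user, done) {
    done(null, user);
  });

  app.get('/auth/login', passport.authenticate('openidconnect', {}));

  app.get('/auth/callback', passport.authenticate('openidconnect', {}),
    function (req, res) {
      if (!req.user) {
        throw new Error('user null');
      }
      res.redirect("/");
    }
  );

  app.get('/auth/logout', function (req, res) {
    // req.user is undefined for a visitor without a session; the original
    // dereferenced it unconditionally and crashed the request.
    var idToken = req.user && req.user.idToken;

    // NOTE(review): Passport 0.6+ makes req.logout asynchronous and requires a
    // callback; this call matches the older synchronous API.
    req.logout();

    // The original URL carried the literal text "id_token=token": the variable
    // was never interpolated. OpenID Connect logout takes the ID token in
    // id_token_hint; the access token must not be placed in a URL, where it
    // would end up in logs, history and Referer headers.
    var uri = identityServer + '/connect/endsession?post_logout_redirect_uri=' +
      encodeURIComponent(postLogoutRedirect);
    if (idToken) {
      uri += '&id_token_hint=' + encodeURIComponent(idToken);
    }
    res.redirect(uri);
  });
};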
// Application bootstrap: creates the Express app, installs the JSON and
// URL-encoded body parsers, then hands the app and the Passport instance to
// ./auth.config, which mounts the session, strategy and /auth routes.
const express = require('express');
const passport = require('passport');
const bodyParser = require('body-parser');
const authConfig = require('./auth.config');

const app = express();

// Body parsers are registered before the auth routes, in the original order.
const parseJson = bodyParser.json();
const parseForm = bodyParser.urlencoded({extended: false});
app.use(parseJson);
app.use(parseForm);

authConfig.configure(app, passport);
Hello. U did a nice job. Many thanks for that big job. I'm a beginner in dealing with passport, OpenID Connect, etc. This snippet helped me a lot.
But I get an error after the page that asks to allow personal information permissions. I have created a question on Stack Overflow.
Can u help me figure out where the problem is?