-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.js
116 lines (96 loc) · 3.18 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
const fs = require('fs');
const express = require("express");
const dotenv = require('dotenv');
const bodyParser = require('body-parser');
const session = require('express-session');
const samlp = require('samlp');
const passport = require('passport');
const { Strategy } = require('passport-local');
const profileMapper = require('./ProfileMapper');
dotenv.config();
passport.serializeUser(function(user, cb) {
cb(null, user);
});
passport.deserializeUser(function(user, cb) {
cb(null, user);
});
userDB = {
email: 'testuser@orgdomain.com',
given_name: 'Leo',
family_name: 'Messi',
password: 'password'
}
passport.use(new Strategy({
usernameField: 'email',
passwordField: 'password',
session: false
},
function(email, password, done) {
if (!email || !password) { return done(null, false, 'please provide email and password'); }
if ( email === userDB.email && password === userDB.password) {
return done(null, userDB);
}
})
);
const app = express();
// Configure view engine to render EJS templates.
app.set('views', __dirname + '/views');
app.set('view engine', 'ejs');
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(bodyParser.json());
app.use(session({
secret: process.env.SESSION_SECRET,
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated())
return next();
else
return res.redirect('/login');
}
app.post('/login',
passport.authenticate('local', { failureRedirect: '/login/fail' }),
function (req, res) {
res.redirect('/samlp');
}
);
app.get('/', ensureAuthenticated, function (req, res) {
res.status(200).send(`User authenticated ${JSON.stringify(req.user)}`);
})
app.get('/user', ensureAuthenticated, function (req, res) {
res.status(200).send(`User authenticate ${JSON.stringify(req.user)}`)
})
app.get('/login', function (req, res) {
res.render('login');
})
app.get('/samlp', ensureAuthenticated, samlp.auth({
issuer: process.env.IDP_ENTITY_ID,
cert: fs.readFileSync(__dirname + '/certs/signing_cert.pem', 'utf8'),
key: fs.readFileSync(__dirname + '/certs/signing_key.pem', 'utf8'),
signResponse: true,
authnContextClassRef: 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
signatureNamespacePrefix: 'ds',
profileMapper: profileMapper,
nameIdentifierFormat: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
destination: process.env.DESTINATION,
audience: process.env.AUDIENCE,
recipient: process.env.RECIPIENT,
getUserFromRequest: function(req) {
return req.user;
},
getPostURL: function (wtrealm, wreply, req, callback) {
return callback( null, process.env.DESTINATION)
}
}));
app.get('/samlp/FederationMetadata/2007-06/FederationMetadata.xml', samlp.metadata({
issuer: process.env.IDP_ENTITY_ID,
cert: fs.readFileSync(__dirname + '/certs/signing_cert.pem', 'utf8')
}));
const server = app.listen(3000, function () {
console.log('Listening on port %d', server.address().port)
});