
@GabiGrin
Last active November 15, 2016 20:44
A simple example of implementing SSO on WixAnswers
// Dependencies and configuration for the SSO example.
var express = require('express');
var app = express();
var crypto = require('crypto'); // built into Node.js, no npm install needed (the npm package named "crypto" is a deprecated placeholder)
var base64url = require('base64url'); //npm install base64url --save
var bodyParser = require('body-parser'); // NOTE(review): required but not used in the code visible here
var KEY_ID = 'YOUR-KEY-HERE'; // a uuid; sent in the clear as the `key` query parameter of the redirect
// Shared secret from which the token encryption key is derived. Placeholder:
// in a real deployment read it from the environment or a secret store rather
// than committing it to source control.
var SECRET = 'SECRET GOES HERE';
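/**
 * Encrypts a string into the URL-safe token sent with the SSO redirect.
 *
 * The AES-128 key is the first 16 bytes of SHA-1(key). The data is encrypted
 * with AES-128-ECB (Node's default block padding) and the ciphertext is
 * returned base64url-encoded.
 *
 * NOTE(review): ECB is deterministic and carries no integrity check, and a
 * truncated SHA-1 is not a password-hardening KDF. The scheme is presumably
 * fixed by the service that consumes the token, so it is kept as is; treat the
 * token as confidential-only and use a long random secret.
 *
 * @param {string} data - Plaintext to encrypt (the caller passes a JSON string).
 * @param {string} key - Shared secret the AES key is derived from.
 * @returns {string} base64url-encoded ciphertext.
 * @throws {TypeError} If key is not a string or binary value.
 */
function encryptUserData(data, key) {
  // ECB takes no IV, so an empty buffer is passed.
  var iv = Buffer.alloc(0);

  // Buffer.from replaces the deprecated `new Buffer(...)`, which would return
  // uninitialised memory when handed a number instead of a string.
  var secretBytes = Buffer.from(key, 'utf8');
  var hashedKey = crypto.createHash('sha1').update(secretBytes).digest().slice(0, 16);

  var cipher = crypto.createCipheriv('aes-128-ecb', hashedKey, iv);

  // Collect the ciphertext as raw bytes instead of round-tripping through hex.
  var encrypted = Buffer.concat([cipher.update(data, 'utf8'), cipher.final()]);
  return base64url(encrypted);
}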
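// Assumes a login page (or other UI) has already authenticated the user and
// that the return address arrives in the `redirectUrl` query parameter.
app.get('/login-form', function (request, response) {
  var URL = require('url').URL;

  // Hosts that may receive the SSO token. Placeholder value: replace it with
  // the host (including any non-default port) of your own help center.
  var allowedRedirectHosts = ['YOUR-HELP-CENTER-HOST-HERE'];

  // redirectUrl is caller-controlled. Without a check, this route would hand an
  // encrypted identity token to whatever site the link names, so the target is
  // parsed and matched against the allow-list before any token is issued.
  var answersRedirectUrl = request.query.redirectUrl;
  if (typeof answersRedirectUrl !== 'string') {
    response.status(400).send('Missing or invalid redirectUrl');
    return;
  }

  var target;
  try {
    target = new URL(answersRedirectUrl);
  } catch (err) {
    response.status(400).send('Missing or invalid redirectUrl');
    return;
  }

  // https only: the token travels in the query string.
  if (target.protocol !== 'https:' || allowedRedirectHosts.indexOf(target.host) === -1) {
    response.status(400).send('redirectUrl is not an allowed destination');
    return;
  }

  //of course, in a real system the data will come from your own user system
  var dummyUserData = {
    id: 'your-user-id',
    email: 'user@email.com',
    firstName: 'Bob2',
    lastName: 'Bobson',
    profileImage: 'http://www.images.com/avatar.jpg',
    timestamp: Date.now()
  };

  var token = encryptUserData(JSON.stringify(dummyUserData), SECRET);

  // set() overwrites any `token`/`key` already present in the supplied URL and
  // yields a well-formed query whether or not the URL had one.
  target.searchParams.set('token', token);
  target.searchParams.set('key', KEY_ID);
  response.redirect(target.href);
});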