A simple example of implementing SSO on WixAnswers
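var express = require('express');
var app = express();
// `crypto` is a Node.js core module and needs no `npm install`. The npm package
// of the same name is a deprecated placeholder, so do not add it as a dependency.
var crypto = require('crypto');
var base64url = require('base64url'); // npm install base64url --save
// NOTE(review): body-parser is required but never used in this listing.
var bodyParser = require('body-parser');

// KEY_ID is sent in the clear on the redirect URL, so it is an identifier, not a secret.
var KEY_ID = 'YOUR-KEY-HERE'; // note it's a uuid
// SECRET is the encryption key for the SSO token: anyone who holds it can mint
// tokens for any user. The literal below is a placeholder only; load the real
// value from the environment or a secret store and keep it out of source control.
var SECRET = 'SECRET GOES HERE';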
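/**
 * Encrypts a serialized user record into a URL-safe SSO token.
 *
 * The AES key is the first 16 bytes of SHA-1(key). The payload is encrypted with
 * AES-128-ECB and the raw ciphertext is base64url-encoded.
 *
 * NOTE(review): ECB uses no IV, so identical plaintext blocks give identical
 * ciphertext blocks, and the token carries no MAC, so the receiver cannot detect
 * tampering from this layer alone. The cipher and key derivation are presumably
 * fixed by the service that decrypts the token; confirm against its SSO
 * documentation before changing either.
 *
 * @param {string|Buffer} data - Plaintext to encrypt (the JSON-encoded user record).
 * @param {string} key - Shared secret; must be a non-empty string.
 * @returns {string} base64url-encoded ciphertext.
 * @throws {TypeError} If key is not a non-empty string.
 */
function encryptUserData(data, key) {
  // Fail closed on a missing or mistyped secret instead of deriving a key from it.
  if (typeof key !== 'string' || key.length === 0) {
    throw new TypeError('key must be a non-empty string');
  }
  // Buffer.from()/Buffer.alloc() replace the deprecated `new Buffer()` constructor,
  // whose behaviour depends on the argument type.
  var keyBytes = Buffer.from(key, 'utf8');
  var hashedKey = crypto.createHash('sha1').update(keyBytes).digest().slice(0, 16);
  // ECB takes no IV, so an empty buffer is passed.
  var cipher = crypto.createCipheriv('aes-128-ecb', hashedKey, Buffer.alloc(0));
  // Collect the ciphertext as bytes directly; no hex round-trip is needed.
  var encrypted = Buffer.concat([cipher.update(data, 'utf8'), cipher.final()]);
  return base64url(encrypted);
}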
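// Hosts the SSO token may be delivered to. The entry below is a placeholder:
// replace it with the host name(s) of your own Answers site.
var ALLOWED_REDIRECT_HOSTS = ['YOUR-ANSWERS-HOST-HERE'];

/**
 * GET /login-form
 *
 * Builds an encrypted SSO token for the current user and redirects the browser
 * to the URL given in the `redirectUrl` query parameter with `token` and `key`
 * attached.
 *
 * `redirectUrl` is caller-controlled, and the redirect carries a login token, so
 * the destination must be an https URL on an allowlisted host. Anything else is
 * answered with 400 and no token is issued.
 */
//this assumes there is a login or some UI that will receive the needed redirect url
app.get('/login-form', function (request, response) {
  var url = require('url');
  var answersRedirectUrl = request.query.redirectUrl;
  var target;

  // A repeated or nested query parameter arrives as an array/object, not a string.
  if (typeof answersRedirectUrl !== 'string') {
    response.status(400).send('Missing or invalid redirectUrl');
    return;
  }
  try {
    target = new url.URL(answersRedirectUrl);
  } catch (err) {
    // The URL constructor throws on anything that is not an absolute URL.
    response.status(400).send('Missing or invalid redirectUrl');
    return;
  }
  // Compare the parsed host name, never a substring of the raw string.
  if (target.protocol !== 'https:' || ALLOWED_REDIRECT_HOSTS.indexOf(target.hostname) === -1) {
    response.status(400).send('redirectUrl is not an allowed destination');
    return;
  }

  //of course, in a real system the data will come from your own user system
  var dummyUserData = {
    id: 'your-user-id',
    email: 'user@email.com',
    firstName: 'Bob2',
    lastName: 'Bobson',
    profileImage: 'http://www.images.com/avatar.jpg',
    // presumably lets the receiving side reject stale tokens; confirm how long it accepts them
    timestamp: Date.now()
  };
  var token = encryptUserData(JSON.stringify(dummyUserData), SECRET);

  // set() yields a valid URL whether or not redirectUrl already has a query string
  // or a fragment, and replaces any token/key the caller supplied.
  target.searchParams.set('token', token);
  target.searchParams.set('key', KEY_ID);
  response.redirect(target.toString());
});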