Created
February 20, 2015 18:01
-
-
Save mithun-daa/199c437e53e78cc7e652 to your computer and use it in GitHub Desktop.
Authenticating a Node application using Thinktecture Identity Server v2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var express = require('express'), | |
app = express(), | |
bodyParser = require('body-parser'), | |
cookieParser = require('cookie-parser'), | |
session = require('express-session'), | |
passport = require('passport'), | |
wsfedsaml2 = require('passport-wsfed-saml2').Strategy; | |
passport.use('wsfed-saml2', new wsfedsaml2({ | |
realm: 'urn:node:app', | |
identityProviderUrl: 'https://YourIdsrvURL/issue/wsfed', | |
thumbprint: 'yourThumbprint' | |
}, | |
function(profile, done) { | |
console.log(profile); | |
return done(null, new User(profile)); | |
})); | |
passport.serializeUser(function(user, done) { | |
console.log('In Serializer'); | |
done(null, user); | |
}); | |
passport.deserializeUser(function(user, done) { | |
console.log('In DeSerializer'); | |
done(null, user); | |
}); | |
//Add middlewares | |
app.use(cookieParser()); | |
//parse application/x-www-form-urlencoded | |
app.use(bodyParser.urlencoded({ | |
extended: true | |
})); | |
app.use(session({ | |
secret: 'keyboard cat', | |
resave: false, | |
saveUninitialized: true | |
})); | |
app.use(passport.initialize()); | |
app.use(passport.session()); | |
app.get('/', function(req, res) { | |
res.send('hello world'); | |
}); | |
app.get('/secure', ensureAuthenticated, function(req, res) { | |
res.send('you have access to secured resources'); | |
}); | |
app.get('/login', passport.authenticate('wsfed-saml2')); | |
app.post('/login/callback', passport.authenticate('wsfed-saml2'), | |
function(req, res) { | |
res.redirect('/secure'); | |
} | |
); | |
app.listen(3000, function() { | |
console.log('Server started at port 3000'); | |
}); | |
function ensureAuthenticated(req, res, next) { | |
if (req.isAuthenticated()) { | |
return next(); | |
} | |
res.redirect('/login'); | |
} | |
var User = function(user) { | |
this.id = user['http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid']; | |
this.email = user.email; | |
}; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment