@nzpcmad
Created February 17, 2016 01:12
Node.js with Express SSL, WS-Fed and ADFS
// http://collectivegarbage.azurewebsites.net/use-thinktecture-identity-server-v2-to-authenticate-your-node-application/
var express = require('express'),
app = express(),
bodyParser = require('body-parser'),
cookieParser = require('cookie-parser'),
session = require('express-session'),
passport = require('passport'),
wsfedsaml2 = require('passport-wsfed-saml2').Strategy;
var fs = require('fs'),
https = require('https');
// TLS material for the HTTPS listener. Both files are read synchronously at
// startup, relative to the process working directory; a missing file throws
// before the server starts. Keep server.key readable only by the service
// account and out of version control.
var options = {};
options.key = fs.readFileSync('server.key');
options.cert = fs.readFileSync('server.crt');
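// Register the WS-Federation strategy under the name 'wsfed-saml2'.
//   realm               - identifier this application presents to the IdP
//   identityProviderUrl - ADFS passive sign-in endpoint
//   thumbprint          - pins the IdP token-signing certificate; it has to be
//                         updated when that certificate is rolled over
passport.use('wsfed-saml2', new wsfedsaml2({
  realm: 'urn:node:wsfedapp',
  identityProviderUrl: 'https://my-adfs.local/adfs/ls',
  thumbprint: '5D...D27E'
},
function(profile, done) {
  // The profile holds every claim from the token (name, e-mail, ...). It is
  // deliberately not written to the log: dumping it on each sign-in puts
  // personal data into log files.
  var user = new User(profile);

  // Fail closed: without the name claim there is no identifier to key the
  // session on, so the sign-in is rejected instead of creating an anonymous
  // "authenticated" session.
  if (!user.id) {
    return done(null, false);
  }
  return done(null, user);
}));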
// Session (de)serialisation. The whole user object is stored in the session
// and handed back unchanged on later requests; no user-store lookup happens.
passport.serializeUser((user, done) => {
  console.log('In Serializer');
  done(null, user);
});

passport.deserializeUser((user, done) => {
  console.log('In DeSerializer');
  done(null, user);
});
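// Middleware chain. Order matters: the session middleware must be installed
// before passport.session(), which restores the user from the session.
app.use(cookieParser());

// Parse application/x-www-form-urlencoded bodies (needed for the form POST
// handled by /login/callback).
app.use(bodyParser.urlencoded({
  extended: true
}));

// The session secret signs the session-ID cookie. A value hard-coded in
// source (and published with it) lets anyone who has read the code forge
// signed cookies, so it is taken from the environment and startup fails
// when it is absent. SESSION_SECRET is a name chosen here; supply a long
// random value through the deployment's secret store.
var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  throw new Error('SESSION_SECRET environment variable must be set');
}

app.use(session({
  secret: sessionSecret,
  resave: false,
  // Do not create a stored session for visitors who never sign in.
  saveUninitialized: false,
  cookie: {
    // The app is served over HTTPS only, so the cookie never needs to travel
    // over plain HTTP, and page scripts have no reason to read it.
    secure: true,
    httpOnly: true
  }
}));

app.use(passport.initialize());
app.use(passport.session());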
// Public landing page; no authentication required.
app.get('/', (req, res) => {
  res.send('hello world');
});

// Protected resource: ensureAuthenticated redirects anonymous callers to
// /login before this handler runs.
app.get('/secure', ensureAuthenticated, (req, res) => {
  res.send('you have access to secured resources');
});

// Starts the WS-Federation sign-in by handing the request to the strategy.
app.get('/login', passport.authenticate('wsfed-saml2'));

// Endpoint the identity provider posts the sign-in response to. The strategy
// validates it first; only then is the browser sent on to /secure.
app.post(
  '/login/callback',
  passport.authenticate('wsfed-saml2'),
  (req, res) => {
    res.redirect('/secure');
  }
);
// The application is exposed through an HTTPS listener only, using the key
// and certificate loaded into `options`; no plain-HTTP app.listen() is
// started.
var httpsServer = https.createServer(options, app);
httpsServer.listen(3000, () => {
  console.log('Server started at port 3000');
});
/**
 * Route guard for protected endpoints.
 *
 * Passes control to the next handler when the request carries an
 * authenticated session; otherwise redirects the browser to /login.
 *
 * @param {object} req - request; must expose isAuthenticated()
 * @param {object} res - response; used only for the redirect
 * @param {Function} next - next handler in the chain
 * @returns {*} whatever next() returns, or undefined after a redirect
 */
function ensureAuthenticated(req, res, next) {
  if (!req.isAuthenticated()) {
    res.redirect('/login');
    return;
  }
  return next();
}
/**
 * Minimal application user built from the profile the strategy delivers.
 *
 * `id` is read from the WS-Federation "name" claim, `email` from the
 * profile's `email` property. Either is undefined when the profile lacks it.
 *
 * @constructor
 * @param {object} user - profile object passed to the verify callback
 */
var User = function(user) {
  var nameClaim = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';
  var emailAddress = user.email;

  this.id = user[nameClaim];
  this.email = emailAddress;
};