-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.js
113 lines (93 loc) · 2.93 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
var createError = require("http-errors");
var express = require("express");
var path = require("path");
var cookieParser = require("cookie-parser");
var logger = require("morgan");
var session = require("express-session");
var passport = require("passport");
//var { Strategy } = require("passport-openidconnect");
var { Strategy: OidcStrategy, Issuer, Client } = require("openid-client");
var indexRouter = require("./routes/index");
var usersRouter = require("./routes/users");
var app = express();
// view engine setup
app.set("views", path.join(__dirname, "views"));
app.set("view engine", "ejs");
app.use(logger("dev"));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, "public")));
app.use(
session({
secret: "MyVoiceIsMyPassportVerifyMe",
resave: false,
saveUninitialized: true,
})
);
app.use(passport.initialize());
app.use(passport.session());
// set up passport
Issuer.discover("{SSI-to-OIDC BRIDGE BASE URL}").then((bridgeIssuer) => {
const client = new bridgeIssuer.Client({
client_id: "{client_id}",
client_secret: "{CLIENT SECRET STRING}",
redirect_uris: ["http://localhost:3000/authorization-code/callback"],
token_endpoint_auth_method: "client_secret_post",
});
passport.use(
"oidc",
new OidcStrategy({ client }, (tokenSet, userinfo, done) => {
// Save user profile or perform other operations
console.log("LOGIN SUCCESS");
console.log(tokenSet);
console.log(userinfo);
return done(null, { displayName: userinfo.sub });
})
);
passport.serializeUser((user, next) => {
next(null, user);
});
passport.deserializeUser((obj, next) => {
next(null, obj);
});
function ensureLoggedIn(req, res, next) {
if (req.isAuthenticated()) {
return next();
}
res.redirect("/login");
}
app.use("/", indexRouter);
app.use("/users", usersRouter);
app.use("/login", passport.authenticate("oidc"));
// not using the passport redirect options and instead adding another handler seems to cause errors
app.use(
"/authorization-code/callback",
passport.authenticate("oidc", {
failureRedirect: "/error",
successRedirect: "/profile",
})
);
app.use("/profile", ensureLoggedIn, (req, res) => {
res.render("profile", { title: "Express", user: req.user });
});
app.get("/logout", (req, res) => {
req.logout();
req.session.destroy();
res.redirect("/");
});
// catch 404 and forward to error handler
app.use(function (req, res, next) {
next(createError(404));
});
// error handler
app.use(function (err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get("env") === "development" ? err : {};
// render the error page
res.status(err.status || 500);
res.render("error");
});
});
module.exports = app;