This repository has been archived by the owner on Oct 12, 2023. It is now read-only.
/
index.js
60 lines (48 loc) · 1.91 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
const express = require("express");
const morgan = require("morgan");
const passport = require("passport");
const config = require('./config');
const BearerStrategy = require('passport-azure-ad').BearerStrategy;
const options = {
identityMetadata: `https://${config.metadata.authority}/${config.credentials.tenantID}/${config.metadata.version}/${config.metadata.discovery}`,
issuer: `https://${config.metadata.authority}/${config.credentials.tenantID}/${config.metadata.version}`,
clientID: config.credentials.clientID,
audience: config.credentials.audience,
validateIssuer: config.settings.validateIssuer,
passReqToCallback: config.settings.passReqToCallback,
loggingLevel: config.settings.loggingLevel,
scope: config.resource.scope
};
const bearerStrategy = new BearerStrategy(options, (token, done) => {
// Send user info using the second argument
done(null, {}, token);
}
);
const app = express();
app.use(morgan('dev'));
app.use(passport.initialize());
passport.use(bearerStrategy);
// enable CORS (for testing only -remove in production/deployment)
app.use((req, res, next) => {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Authorization, Origin, X-Requested-With, Content-Type, Accept");
next();
});
// API endpoint exposed
app.get("/api",
passport.authenticate('oauth-bearer', {session: false}),
(req, res) => {
console.log('Validated claims: ', req.authInfo);
// Service relies on the name claim.
res.status(200).json({
'name': req.authInfo['name'],
'issued-by': req.authInfo['iss'],
'issued-for': req.authInfo['aud'],
'scope': req.authInfo['scp']
});
}
);
const port = process.env.PORT || 5000;
app.listen(port, () => {
console.log("Listening on port " + port);
});