app.js
const express = require('express');
const routes = require('./routes/routes');
const passport = require("passport");
const passport_azure_ad = require("passport-azure-ad");
const express_session = require("express-session");
const config = require("./passport/config");
const OIDCStrategy = passport_azure_ad.OIDCStrategy;
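const app = express();

// In-memory user store, searched by Azure AD object id (`oid`). It is emptied
// on every restart and is not shared between processes.
const users = [];

app.set('view engine', 'ejs');
app.use(express.static(__dirname + '/public'));

// NOTE(review): the router is mounted before the body parsers, the session
// middleware and passport, so handlers in ./routes/routes run without
// req.body, req.session or req.user. Confirm none of them needs a signed-in
// user or a parsed body.
app.use(routes);
app.use(express.json());
app.use(express.urlencoded({ extended: true }));

// The session secret signs the session-id cookie. Anyone who can read it from
// the source tree can forge that signature, so it is taken from the
// SESSION_SECRET environment variable when one is provided. The original
// literal is kept only as a fallback so existing setups still start.
const FALLBACK_SESSION_SECRET = "this should be longer and stored elsewhere";
const sessionSecret = process.env.SESSION_SECRET || FALLBACK_SESSION_SECRET;
if (sessionSecret === FALLBACK_SESSION_SECRET) {
  console.warn('SESSION_SECRET is not set; using the secret hard-coded in app.js. Set a long random value before deploying.');
}

// No `store` is given, so express-session uses its default in-memory store.
// No `cookie` options are given either, so the cookie is not marked Secure.
// NOTE(review): `saveUninitialized: true` creates a session for every visitor,
// signed in or not, and `resave: true` rewrites it on each request. Both are
// left as they were; tighten them once the sign-in flow has been re-tested.
app.use(express_session({
  resave: true,
  saveUninitialized: true,
  secret: sessionSecret,
}));

// Passport must be initialised after the session middleware so that
// passport.session() can restore req.user from the session.
app.use(passport.initialize());
app.use(passport.session());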
// Only the Azure AD object id is written to the session; the full profile
// stays in the server-side `users` array.
passport.serializeUser((user, done) => {
  done(null, user.oid);
});

// Turn the stored object id back into the profile on each request. An unknown
// id (for example after a restart has emptied `users`) yields a null user
// rather than an error.
passport.deserializeUser((oid, done) => {
  // findByOid is resolved at call time because it is assigned further down.
  findByOid(oid, (lookupError, storedUser) => {
    done(lookupError, storedUser);
  });
});
/**
 * Look up a stored profile by its object id.
 *
 * @param {string} oid - object id to search the `users` array for
 * @param {Function} fn - node-style callback, always invoked with a null
 *   error and either the first matching profile or null
 * @returns {*} whatever `fn` returns
 */
var findByOid = function (oid, fn) {
  const match = users.find((candidate) => candidate.oid === oid);
  return fn(null, match === undefined ? null : match);
};
// Register the Azure AD OpenID Connect strategy.
passport.use(
  new OIDCStrategy(
    {
      identityMetadata: config.metadataUrl,
      clientID: config.appID,
      // Hybrid flow: an authorization code and an id_token are returned
      // together, delivered to the redirect URL as a form POST.
      responseType: 'code id_token',
      responseMode: 'form_post',
      redirectUrl: config.redirectUrl,
      // NOTE(review): this permits a plain-http redirect URL, so the sign-in
      // response may cross the network unencrypted. Acceptable for localhost
      // development only; turn it off wherever the app is served over https.
      allowHttpForRedirectUrl: true,
      // NOTE(review): the client secret is read from ./passport/config;
      // confirm that file is kept out of version control.
      clientSecret: config.appSecret,
      loggingLevel: 'error',
    },
    // Verify callback. It keeps the six-parameter signature of the original;
    // accessToken and refreshToken are received but not used or stored.
    (iss, sub, profile, accessToken, refreshToken, done) => {
      const { oid } = profile;
      if (!oid) {
        return done(new Error('No oid found'), null);
      }

      findByOid(oid, (lookupError, knownUser) => {
        if (lookupError) {
          return done(lookupError);
        }
        if (knownUser) {
          console.log('USER EXISTS, RETREVING USER ', oid);
          return done(null, knownUser);
        }
        // First sign-in for this object id: keep the whole profile in memory.
        // Every account that passes the strategy's checks is accepted; there
        // is no allow-list at this level.
        console.log('CREATING USER ', oid);
        users.push(profile);
        return done(null, profile);
      });
    },
  ),
);
/**
 * Route guard: lets the request continue only when passport reports an
 * authenticated session; everyone else is sent to the sign-in route.
 *
 * @param {object} req - request; must expose isAuthenticated()
 * @param {object} res - response; used for the redirect
 * @param {Function} next - continuation for authenticated requests
 * @returns {*} the result of next() when authenticated, otherwise undefined
 */
function ensureAuthenticated(req, res, next) {
  const signedIn = req.isAuthenticated();
  if (!signedIn) {
    res.redirect('/signin');
    return undefined;
  }
  return next();
}
// GET /signin starts the Azure AD sign-in.
// NOTE(review): no '/fail' route is defined in this file; confirm that
// ./routes/routes provides one, otherwise a failed sign-in ends in a 404.
app.get(
  '/signin',
  (req, res, next) => {
    const authenticate = passport.authenticate('azuread-openidconnect', {
      failureRedirect: '/fail',
    });
    authenticate(req, res, next);
  },
  // Reached only after passport has accepted the sign-in.
  (req, res) => {
    res.redirect('/account');
  },
);

// POST /signin runs the same strategy.
// NOTE(review): presumably this is where Azure AD posts the form_post
// response; verify that config.redirectUrl points at this path.
app.post(
  '/signin',
  (req, res, next) => {
    const authenticate = passport.authenticate('azuread-openidconnect', {
      failureRedirect: '/fail',
    });
    authenticate(req, res, next);
  },
  (req, res) => {
    res.redirect('/account');
  },
);
// Account page for the signed-in user.
// NOTE(review): displayName comes from the identity provider's profile;
// confirm the `account` template prints it with an escaping tag.
app.get('/account', ensureAuthenticated, function (req, res) {
  const viewModel = { user: req.user.displayName };
  res.render('account', viewModel);
});

// Returns the stored profile of the signed-in user exactly as it was kept at
// sign-in, with no field filtering.
app.get('/user', ensureAuthenticated, (req, res) => {
  const { user } = req;
  res.send(user);
});
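// Sign-out: drop the server-side session, clear passport's login state, then
// hand the browser to the identity provider's logout URL from config.
// A failure to destroy the session is now reported through next(err) instead
// of being ignored: redirecting anyway would leave a still-valid session
// behind while the user believes they are signed out.
// NOTE(review): req.logOut() is called without a callback, as in the original;
// confirm the installed passport version still accepts that form.
// NOTE(review): sign-out is reachable with a plain GET, so any page can
// trigger it for a visitor; consider a POST with CSRF protection.
app.get('/logout', (req, res, next) => {
  req.session.destroy((err) => {
    if (err) {
      return next(err);
    }
    req.logOut();
    return res.redirect(config.logoutUrl);
  });
});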
// Serve plain HTTP on port 3000. No host is passed, so the server is not
// restricted to the loopback interface. TLS has to be provided in front of
// this process (for example by a reverse proxy).
const LISTEN_PORT = 3000;
app.listen(LISTEN_PORT);