Express Middleware for Pivotal Cloud Foundry Single Sign-On

Very much a work in progress, use/extend at your own risk!

The purpose of this module is to wrap the process of interfacing with the Single Sign-On service provided for Pivotal Cloud Foundry into a middleware for express js.

For more information on PCF SSO visit: PCF Single Sign-On Overview

Basic Usage Example:

'use strict';
const Port = process.env.PORT || 8080;
const AUTH_CONDITION = process.env.ENABLE_AUTH || false;

const express = require('express');
const session = require('express-session');
const PcfSSOExpressMw = require('pcf-sso-express-middleware');

const app = express();

// See Note #1
app.use(
  session({
    name: 'server-session',
    secret: 'genericSecret', // See Note #2
    saveUninitialized: true,
    resave: true
  })
);

const auth = new PcfSSOExpressMw(app);
auth.initialize(AUTH_CONDITION);

app.use(/\/(!callback.)*/, (req, res, next) => {
  auth.middleware(req, res, next);
});

app.get('/*', (req, res) => {
  res.send('Hello World!');
});

app.listen(Port, () => {
  console.log(`Express server started on port ${Port}`);
});

Notes:

1. Use an external store once in production, something like Express-Sessions
2. Use a secret provided via environment variables once in procudtion

Module Dependencies:

• Request
• Simple Oauth2

Prerequisites:

• Express JS Application
• Express Session Implemented
• Pivotal Cloud Foundry Platform for Deployment

Testing Tools:

• Mocha
• Chai
• Sinon
• Sinon-Chai