fix conflict of merge openid

2025-10-05 02:29:26 +02:00 · 2015-09-07 18:39:31 +08:00 · 2015-09-07 18:39:31 +08:00 · e8a2a6637f
commit e8a2a6637f
parent 470e1d6a9d
2 changed files with 101 additions and 0 deletions
--- a/lib/units/auth/openid.js
+++ b/lib/units/auth/openid.js
@ -0,0 +1,99 @@
+var http = require('http')
+
+var urljoin = require('url-join')
+var express = require('express')
+var validator = require('express-validator')
+var cookieSession = require('cookie-session')
+var bodyParser = require('body-parser')
+var serveStatic = require('serve-static')
+var csrf = require('csurf')
+var Promise = require('bluebird')
+
+var logger = require('../../util/logger')
+var requtil = require('../../util/requtil')
+var jwtutil = require('../../util/jwtutil')
+var pathutil = require('../../util/pathutil')
+var urlutil = require('../../util/urlutil')
+var lifecycle = require('../../util/lifecycle')
+
+var openid = require('openid');
+var url = require('url');
+var querystring = require('querystring');
+var extensions = [new openid.SimpleRegistration({   
+                    "email" : true, 
+                    "fullname" : true,
+                  })];
+
+
+
+module.exports = function(options) {
+  var verifyUrl = urljoin(options.appUrl, "/auth/verify");
+  console.log(verifyUrl);
+
+  var relyingParty = new openid.RelyingParty(
+    verifyUrl,
+    null,  // Realm (optional, specifies realm for OpenID authentication)
+    false, // Use stateless verification
+    false, // Strict mode
+    extensions);
+
+
+  var log = logger.createLogger('auth-mock')
+    , app = express()
+    , server = Promise.promisifyAll(http.createServer(app))
+
+  // lifecycle.observe(function() {
+  //   log.info('Waiting for client connections to end')
+  //   return server.closeAsync()
+  //     .catch(function() {
+  //       // Okay
+  //     })
+  // })
+
+  app.set('strict routing', true)
+  app.set('case sensitive routing', true)
+
+  app.get('/', function(req, res) {
+    res.redirect('/auth/openid/')
+  })
+
+  app.get('/auth/openid/', function(req, res) {
+    relyingParty.authenticate(options.identifier, false, function(err, authUrl){
+      if (err){
+        res.send("authentication failed");
+      } else if(!authUrl){
+        res.send("authentication failed");
+      } else {
+        log.info("redirect to authUrl: %s", options.identifier);
+        res.redirect(authUrl);
+      }
+    });
+  })
+
+  app.get('/auth/verify', function(req, res){
+    var log = logger.createLogger('auth-openid')
+    log.setLocalIdentifier(req.ip)
+
+    relyingParty.verifyAssertion(req, function(err, result){
+      log.info("openid verify assertion");
+      if (err || !result.authenticated) {
+        res.send("Auth failed");
+        return
+      }
+      var email = req.query['openid.sreg.email'];
+      var name = req.query['openid.sreg.fullname'];
+      log.info('Authenticated "%s:%s"', name, email)
+      var token = jwtutil.encode({
+        payload: {
+          email: email
+        , name: name
+        }
+        , secret: options.secret
+      })
+      res.redirect(urlutil.addParams(options.appUrl, {jwt: token}));
+    })
+  });
+
+  server.listen(options.port)
+  log.info('Listening on port %d', options.port)
+}
--- a/package.json
+++ b/package.json
@ -62,6 +62,7 @@
    "my-local-ip": "^1.0.0",
    "node-uuid": "^1.4.3",
    "passport": "^0.3.2",
+    "openid": "^0.5.13",
    "passport-oauth2": "^1.1.2",
    "passport-saml": "^0.15.0",
    "protobufjs": "^3.8.2",
@ -84,6 +85,7 @@
    "transliteration": "^0.1.1",
    "utf-8-validate": "^1.2.1",
    "ws": "^1.0.1",
+    "url-join": "0.0.1",
    "zmq": "^2.14.0"
  },
  "devDependencies": {