From f942c86aafc7eb141cb0e1cee3e2b2e8c86ee037 Mon Sep 17 00:00:00 2001
From: codeskyblue
Date: Wed, 13 Jan 2016 15:40:03 +0800
Subject: [PATCH] format auth-openid options
---
 lib/cli.js | 13 +--
 lib/units/auth/openid.js | 178 +++++++++++++++++++--------------------
 2 files changed, 96 insertions(+), 95 deletions(-)
diff --git a/lib/cli.js b/lib/cli.js
index 9d3b3ce4..2f21a273 100644
--- a/lib/cli.js
+++ b/lib/cli.js
@@ -587,12 +587,13 @@ program
 .option('-a, --app-url '
 , 'URL to app'
 , String)
- .option('--identifier '
- , 'identifier'
- , String)
+ .option('--openid-identifier-url '
+ , 'openidIdentifierUrl'
+ , String
+ , process.env.OPENID_IDENTIFIER_URL)
 .action(function(options) {
- if (!options.identifier) {
- this.missingArgument('--identifier')
+ if (!options.openidIdentifierUrl) {
+ this.missingArgument('--openid-identifier-url')
 }
 if (!options.secret) {
 this.missingArgument('--secret')
@@ -605,7 +606,7 @@ program
 port: options.port,
 secret: options.secret,
 appUrl: options.appUrl,
- identifier: options.identifier
+ identifierUrl: options.openidIdentifierUrl
 })
 })
diff --git a/lib/units/auth/openid.js b/lib/units/auth/openid.js
index eb0ae5be..ee23992f 100644
--- a/lib/units/auth/openid.js
+++ b/lib/units/auth/openid.js
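Review bot: In the first lib/cli.js hunk, the value of `--openid-identifier-url` (or `OPENID_IDENTIFIER_URL`) is checked only for presence before it is passed on as `identifierUrl`, and its help text `'openidIdentifierUrl'` merely repeats the option name. This URL decides which OpenID provider every login is delegated to, so a description such as `'OpenID identifier URL of the provider to authenticate against'` would serve operators better. The action could also fail fast, or at least warn, when the value does not start with `https://`, since discovery fetched over plain HTTP can be altered in transit. The `.action` body continues outside the hunk.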
@@ -1,89 +1,89 @@
-var http = require('http')
-var urljoin = require('url-join')
-var express = require('express')
-var validator = require('express-validator')
-var cookieSession = require('cookie-session')
-var bodyParser = require('body-parser')
-var serveStatic = require('serve-static')
-var csrf = require('csurf')
-var Promise = require('bluebird')
-
-var logger = require('../../util/logger')
-var requtil = require('../../util/requtil')
-var jwtutil = require('../../util/jwtutil')
-var pathutil = require('../../util/pathutil')
-var urlutil = require('../../util/urlutil')
-var lifecycle = require('../../util/lifecycle')
-
-var openid = require('openid');
-var url = require('url');
-var querystring = require('querystring');
-var extensions = [new openid.SimpleRegistration({
- "email" : true,
- "fullname" : true,
- })];
-
-
-
-module.exports = function(options) {
- var verifyUrl = urljoin(options.appUrl, "/auth/verify");
-
- var relyingParty = new openid.RelyingParty(
- verifyUrl,
- null, // Realm (optional, specifies realm for OpenID authentication)
- false, // Use stateless verification
- false, // Strict mode
- extensions);
-
-
- var log = logger.createLogger('auth-mock')
- , app = express()
- , server = Promise.promisifyAll(http.createServer(app))
-
- app.set('strict routing', true)
- app.set('case sensitive routing', true)
-
- app.get('/', function(req, res) {
- res.redirect('/auth/openid/')
- })
-
- app.get('/auth/openid/', function(req, res) {
- relyingParty.authenticate(options.identifier, false, function(err, authUrl){
- if (err){
- res.send("authentication failed");
- } else if(!authUrl){
- res.send("authentication failed");
- } else {
- log.info("redirect to authUrl: %s", options.identifier);
- res.redirect(authUrl);
- }
- });
- })
-
- app.get('/auth/verify', function(req, res){
- var log = logger.createLogger('auth-openid')
- log.setLocalIdentifier(req.ip)
-
- relyingParty.verifyAssertion(req, function(err, result){
- log.info("openid verify assertion");
- if (err || !result.authenticated) {
- res.send("Auth failed");
- return
- }
- var email = req.query['openid.sreg.email'];
- var name = req.query['openid.sreg.fullname'];
- log.info('Authenticated "%s:%s"', name, email)
- var token = jwtutil.encode({
- payload: {
- email: email
- , name: name
- }
- , secret: options.secret
- })
- res.redirect(urlutil.addParams(options.appUrl, {jwt: token}));
- })
- });
-
- server.listen(options.port)
- log.info('Listening on port %d', options.port)
-}
+var http = require('http')
+var url = require('url');
+var querystring = require('querystring');
+
+var openid = require('openid');
+var express = require('express')
+var urljoin = require('url-join')
+var validator = require('express-validator')
+var cookieSession = require('cookie-session')
+var bodyParser = require('body-parser')
+var serveStatic = require('serve-static')
+var csrf = require('csurf')
+var Promise = require('bluebird')
+
+var logger = require('../../util/logger')
+var requtil = require('../../util/requtil')
+var jwtutil = require('../../util/jwtutil')
+var pathutil = require('../../util/pathutil')
+var urlutil = require('../../util/urlutil')
+var lifecycle = require('../../util/lifecycle')
+
+var extensions = [new openid.SimpleRegistration({
+ "email" : true,
+ "fullname" : true,
+ })];
+
+
+module.exports = function(options) {
+ var verifyUrl = urljoin(options.appUrl, "/auth/verify");
+
+ var relyingParty = new openid.RelyingParty(
+ verifyUrl,
+ null, // Realm (optional, specifies realm for OpenID authentication)
+ false, // Use stateless verification
+ false, // Strict mode
+ extensions);
+
+
+ var log = logger.createLogger('auth-openid'),
+ app = express(),
+ server = Promise.promisifyAll(http.createServer(app))
+
+ app.set('strict routing', true)
+ app.set('case sensitive routing', true)
+
+ app.get('/', function(req, res) {
+ res.redirect('/auth/openid/')
+ })
+
+ app.get('/auth/openid/', function(req, res) {
+ log.info('openid identifier url: %s', options.identifierUrl)
+ relyingParty.authenticate(options.identifierUrl, false, function(err, authUrl){
+ if (err){
+ res.send("auth failed");
+ } else if(!authUrl){
+ res.send("auth failed");
+ } else {
+ log.info("redirect to authUrl: %s", options.identifierUrl);
+ res.redirect(authUrl);
+ }
+ });
+ })
+
+ app.get('/auth/verify', function(req, res){
+ log.setLocalIdentifier(req.ip)
+
+ relyingParty.verifyAssertion(req, function(err, result){
+ log.info("openid verify assertion");
+ if (err || !result.authenticated) {
+ res.send("Auth failed");
+ return
+ }
+ var email = req.query['openid.sreg.email'];
+ var name = req.query['openid.sreg.fullname'];
+ log.info('Authenticated "%s:%s"', name, email)
+ var token = jwtutil.encode({
+ payload: {
+ email: email,
+ name: name
+ },
+ secret: options.secret
+ })
+ res.redirect(urlutil.addParams(options.appUrl, {jwt: token}));
+ })
+ });
+
+ server.listen(options.port)
+ log.info('Listening on port %d', options.port)
+}
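Review bot: The `/auth/verify` handler still builds the JWT from `req.query['openid.sreg.email']` and `req.query['openid.sreg.fullname']`, taken from the raw return URL rather than from data known to be covered by the provider's signature. OpenID 2.0 signs only the keys listed in `openid.signed`, and nothing visible here checks that the two sreg fields are in that list or that `email` is a non-empty string, so the identity placed in the token may be client-controlled; whether the openid library already enforces this cannot be seen from the hunk and should be confirmed. A guard placed before the token is encoded is sketched below. Separately, dropping the handler-local logger in favour of `log.setLocalIdentifier(req.ip)` on the shared `log` means the IP set by one request can label log lines of another (the verify callback is asynchronous), which weakens the auth log as an audit trail; keeping `var log = logger.createLogger('auth-openid')` inside the handler avoids that.

```javascript
// … unchanged: verifyAssertion call, log line and err / result.authenticated check …
var signed = String(req.query['openid.signed'] || '').split(',')
var email = req.query['openid.sreg.email'];
var name = req.query['openid.sreg.fullname'];
if (signed.indexOf('sreg.email') === -1 ||
    signed.indexOf('sreg.fullname') === -1 ||
    typeof email !== 'string' || !email) {
  // Refuse to mint a token for attributes the provider did not sign.
  res.send("Auth failed");
  return
}
// … unchanged: jwtutil.encode and redirect …
```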