mirror of https://github.com/openstf/stf synced 2025-10-04 10:19:30 +02:00

format auth-openid options

codeskyblue 2016-01-13 15:40:03 +08:00 committed by Vishal Banthia
parent 4c2da1056d
commit f942c86aaf
2 changed files with 96 additions and 95 deletions


@ -587,12 +587,13 @@ program
.option('-a, --app-url <url>' .option('-a, --app-url <url>'
, 'URL to app' , 'URL to app'
, String) , String)
.option('--identifier <identifier>' .option('--openid-identifier-url <openidIdentifierUrl>'
, 'identifier' , 'openidIdentifierUrl'
, String) , String
, process.env.OPENID_IDENTIFIER_URL)
.action(function(options) { .action(function(options) {
if (!options.identifier) { if (!options.openidIdentifierUrl) {
this.missingArgument('--identifier') this.missingArgument('--openid-identifier-url')
} }
if (!options.secret) { if (!options.secret) {
this.missingArgument('--secret') this.missingArgument('--secret')
@ -605,7 +606,7 @@ program
port: options.port, port: options.port,
secret: options.secret, secret: options.secret,
appUrl: options.appUrl, appUrl: options.appUrl,
identifier: options.identifier identifierUrl: options.openidIdentifierUrl
}) })
}) })
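Review bot: The help text for the new `--openid-identifier-url` option is just the variable name `'openidIdentifierUrl'`, so `--help` does not tell an operator what to supply or that the value can come from the environment. I would describe it as `'OpenID identifier URL (or $OPENID_IDENTIFIER_URL)'`. The value is accepted as a plain `String` with only a presence check in `.action`; since it decides which provider this auth unit trusts, rejecting anything that does not parse as an `https:` URL at this point would catch a misconfiguration before the server starts. The `.action` body continues between the two hunks shown here, so the remaining checks are not visible.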


@ -1,89 +1,89 @@
var http = require('http') var http = require('http')
var urljoin = require('url-join') var url = require('url');
var express = require('express') var querystring = require('querystring');
var validator = require('express-validator')
var cookieSession = require('cookie-session') var openid = require('openid');
var bodyParser = require('body-parser') var express = require('express')
var serveStatic = require('serve-static') var urljoin = require('url-join')
var csrf = require('csurf') var validator = require('express-validator')
var Promise = require('bluebird') var cookieSession = require('cookie-session')
var bodyParser = require('body-parser')
var logger = require('../../util/logger') var serveStatic = require('serve-static')
var requtil = require('../../util/requtil') var csrf = require('csurf')
var jwtutil = require('../../util/jwtutil') var Promise = require('bluebird')
var pathutil = require('../../util/pathutil')
var urlutil = require('../../util/urlutil') var logger = require('../../util/logger')
var lifecycle = require('../../util/lifecycle') var requtil = require('../../util/requtil')
var jwtutil = require('../../util/jwtutil')
var openid = require('openid'); var pathutil = require('../../util/pathutil')
var url = require('url'); var urlutil = require('../../util/urlutil')
var querystring = require('querystring'); var lifecycle = require('../../util/lifecycle')
var extensions = [new openid.SimpleRegistration({
"email" : true, var extensions = [new openid.SimpleRegistration({
"fullname" : true, "email" : true,
})]; "fullname" : true,
})];
module.exports = function(options) { module.exports = function(options) {
var verifyUrl = urljoin(options.appUrl, "/auth/verify"); var verifyUrl = urljoin(options.appUrl, "/auth/verify");
var relyingParty = new openid.RelyingParty( var relyingParty = new openid.RelyingParty(
verifyUrl, verifyUrl,
null, // Realm (optional, specifies realm for OpenID authentication) null, // Realm (optional, specifies realm for OpenID authentication)
false, // Use stateless verification false, // Use stateless verification
false, // Strict mode false, // Strict mode
extensions); extensions);
var log = logger.createLogger('auth-mock') var log = logger.createLogger('auth-openid'),
, app = express() app = express(),
, server = Promise.promisifyAll(http.createServer(app)) server = Promise.promisifyAll(http.createServer(app))
app.set('strict routing', true) app.set('strict routing', true)
app.set('case sensitive routing', true) app.set('case sensitive routing', true)
app.get('/', function(req, res) { app.get('/', function(req, res) {
res.redirect('/auth/openid/') res.redirect('/auth/openid/')
}) })
app.get('/auth/openid/', function(req, res) { app.get('/auth/openid/', function(req, res) {
relyingParty.authenticate(options.identifier, false, function(err, authUrl){ log.info('openid identifier url: %s', options.identifierUrl)
if (err){ relyingParty.authenticate(options.identifierUrl, false, function(err, authUrl){
res.send("authentication failed"); if (err){
} else if(!authUrl){ res.send("auth failed");
res.send("authentication failed"); } else if(!authUrl){
} else { res.send("auth failed");
log.info("redirect to authUrl: %s", options.identifier); } else {
res.redirect(authUrl); log.info("redirect to authUrl: %s", options.identifierUrl);
} res.redirect(authUrl);
}); }
}) });
})
app.get('/auth/verify', function(req, res){
var log = logger.createLogger('auth-openid') app.get('/auth/verify', function(req, res){
log.setLocalIdentifier(req.ip) log.setLocalIdentifier(req.ip)
relyingParty.verifyAssertion(req, function(err, result){ relyingParty.verifyAssertion(req, function(err, result){
log.info("openid verify assertion"); log.info("openid verify assertion");
if (err || !result.authenticated) { if (err || !result.authenticated) {
res.send("Auth failed"); res.send("Auth failed");
return return
} }
var email = req.query['openid.sreg.email']; var email = req.query['openid.sreg.email'];
var name = req.query['openid.sreg.fullname']; var name = req.query['openid.sreg.fullname'];
log.info('Authenticated "%s:%s"', name, email) log.info('Authenticated "%s:%s"', name, email)
var token = jwtutil.encode({ var token = jwtutil.encode({
payload: { payload: {
email: email email: email,
, name: name name: name
} },
, secret: options.secret secret: options.secret
}) })
res.redirect(urlutil.addParams(options.appUrl, {jwt: token})); res.redirect(urlutil.addParams(options.appUrl, {jwt: token}));
}) })
}); });
server.listen(options.port) server.listen(options.port)
log.info('Listening on port %d', options.port) log.info('Listening on port %d', options.port)
} }
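Review bot: In the `/auth/verify` handler the identity placed in the JWT is read from `req.query['openid.sreg.email']` and `req.query['openid.sreg.fullname']`, i.e. from the raw request rather than from what `verifyAssertion` validated. Nothing visible here checks that those keys are covered by `openid.signed` or that an email was returned at all, and the relying party is created with strict mode `false`, so a response with missing or unsigned sreg fields would still produce a token signed with `options.secret`. I would take the fields from the verified `result` (I believe the SimpleRegistration extension copies them there; confirm against the library version in use) and fail closed, e.g. `if (!result.email) { res.send("Auth failed"); return }`. Separately, the new side appears to drop the per-request logger, so `log.setLocalIdentifier(req.ip)` now mutates the shared module-level logger and log lines from other requests may carry the wrong IP.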