-
Notifications
You must be signed in to change notification settings - Fork 5
/
server.js
120 lines (96 loc) · 2.54 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
'use strict';
require('dotenv').config();
var path = require('path');
var fs = require('fs');
var express = require('express');
var session = require('express-session');
var passport = require('passport');
var saml = require('passport-saml').Strategy;
var bodyParser = require('body-parser');
var userProfile;
var app = express();
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(express.static(path.join(__dirname, 'public')));
app.use(bodyParser.urlencoded({ extended: true }));
app.use(session({ secret: process.env.SESSION_SECRET }));
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser((user, done) => {
done(null, user);
});
passport.deserializeUser((user, done) => {
done(null, user);
});
// saml strategy for passport
var strategy = new saml(
{
entryPoint: process.env.SAML_ENTRYPOINT,
issuer: process.env.SAML_ISSUER,
protocol: process.env.SAML_PROTOCOL,
logoutUrl: process.env.SAML_LOGOUTURL
},
(profile, done) => {
userProfile = profile;
done(null, userProfile);
}
);
passport.use(strategy);
var redirectToLogin = (req, res, next) => {
if (!req.isAuthenticated() || userProfile == null) {
return res.redirect('/app/login');
}
next();
};
app.get('/app', redirectToLogin, (req, res) => {
res.render('index', {
title: 'Express Web Application',
heading: 'Logged-In to Express Web Application'
});
});
app.get(
'/app/login',
passport.authenticate('saml', {
successRedirect: '/app',
failureRedirect: '/app/login'
})
);
app.get('/app/logout', (req, res) => {
if (req.user == null) {
return res.redirect('/app/home');
}
return strategy.logout(req, (err, uri) => {
req.logout();
userProfile = null;
return res.redirect(uri);
});
});
app.get('/app/failed', (req, res) => {
res.status(401).send('Login failed');
});
app.post(
'/saml/consume',
passport.authenticate('saml', {
failureRedirect: '/app/failed',
failureFlash: true
}),
(req, res) => {
// saml assertion extraction from saml response
// var samlResponse = res.req.body.SAMLResponse;
// var decoded = base64decode(samlResponse);
// var assertion =
// ('<saml2:Assertion' + decoded.split('<saml2:Assertion')[1]).split(
// '</saml2:Assertion>'
// )[0] + '</saml2:Assertion>';
// var urlEncoded = base64url(assertion);
// success redirection to /app
return res.redirect('/app');
}
);
app.post('/app/home', (req, res) => {
res.render('home', {
title: 'Express Web Application',
heading: 'Express Web Application'
});
});
app.listen(process.env.PORT || 3000);