apowers313 · June 27, 2018 05:59
diff --git a/client.js b/client.js
 "use strict";

 const { Issuer, Strategy } = require("openid-client");
 const passport = require("passport");
 const express = require("express");
 const session = require("express-session");
 const app = express();

 // passport setup
 passport.serializeUser(function(user, done) {
    done(null, user);
 });
 passport.deserializeUser(function(user, done) {
    done(null, user);
 });

 // setup basic web stuff
 app.use(session({
    secret: "keyboard cat",
    resave: false,
    saveUninitialized: true,
    // cookie: { secure: true }
 }));
 app.use(passport.initialize());
 app.use(passport.session());
 app.get("/profile", function(req, res) {
    res.send("You have arrived.");
 });
 app.get("/fail", function(req, res) {
    res.send("Well, that sure didn't work.");
 });
 app.listen(4040);

 // do OIDC stuff
 (async () => {
    const iss = await Issuer.discover("http://localhost:3000");
    console.log("Discovered issuer", iss);
    const client = new iss.Client({
        client_id: "foo", // eslint-disable-line camelcase
        client_secret: "bar", // eslint-disable-line camelcase
        redirect_uris: ["http://localhost:4040/auth/cb"], // eslint-disable-line camelcase
    }/*, [keystore]*/);

    console.log("client", client);
    passport.use("oidc", new Strategy({
        client: client,
        // params: [params],
        // passReqToCallback: [passReqToCallback],
        // usePKCE: [usePKCE]
    }, (tokenset, userinfo, done) => {
        console.log("tokenset", tokenset);
        console.log("access_token", tokenset.access_token);
        console.log("id_token", tokenset.id_token);
        console.log("claims", tokenset.claims);
        console.log("userinfo", userinfo);

        // User.findOne({ id: tokenset.claims.sub }, function (err, user) {
        //     if (err) return done(err);
        //     return done(null, user);
        // });
        return done(null, { name: "bob" });
    }));

    // start authentication request
    // options [optional], extra authentication parameters
    var options = {
        // acr_values: "phrh phr"
        claims: {
            id_token: { // eslint-disable-line camelcase
                acr: {
                    essential: true,
                    values: [
                        "phrh",
                        "phr"
                    ]
                }
            }
        }
    };
    app.get("/auth", passport.authenticate("oidc", options));

    // authentication callback
    app.get("/auth/cb", passport.authenticate("oidc", { successRedirect: "/profile",
        failureRedirect: "/fail" }));

 })().catch((err) => {
    console.log("ERROR", err);
    process.exitCode = 1;
 });
diff --git a/package.json b/package.json
 {
  "name": "oidc",
  "version": "1.0.0",
  "description": "",
  "main": "provider.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "author": "",
  "license": "ISC",
  "dependencies": {
    "express": "^4.16.3",
    "express-session": "^1.15.6",
    "oidc-provider": "^4.1.1",
    "openid-client": "^2.1.0",
    "passport": "^0.4.0"
  }
 }
diff --git a/provider.js b/provider.js
 "use strict";

 const Provider = require("oidc-provider");
 const configuration = {
    // ... see available options /docs/configuration.md
    // acrValues: [
    //     "phr",
    //     "phrh"
    // ]
 };
 const clients = [{
    client_id: "foo", // eslint-disable-line camelcase
    client_secret: "bar", // eslint-disable-line camelcase
    redirect_uris: ["http://localhost:4040/auth/cb"], // eslint-disable-line camelcase
    // + other client properties
 }];

 const oidc = new Provider("http://localhost:3000", configuration);

 (async () => {
    await oidc.initialize({ clients });
    // oidc.callback => express/nodejs style application callback (req, res)
    // oidc.app => koa2.x application
    oidc.listen(3000);
    console.log("oidc-provider listening on port 3000, check http://localhost:3000/.well-known/openid-configuration");
 })().catch((err) => {
    console.error(err);
    process.exitCode = 1;
 });
	"use strict";

	const { Issuer, Strategy } = require("openid-client");
	const passport = require("passport");
	const express = require("express");
	const session = require("express-session");
	const app = express();

	// passport setup
	passport.serializeUser(function(user, done) {
	done(null, user);
	});
	passport.deserializeUser(function(user, done) {
	done(null, user);
	});

	// setup basic web stuff
	app.use(session({
	secret: "keyboard cat",
	resave: false,
	saveUninitialized: true,
	// cookie: { secure: true }
	}));
	app.use(passport.initialize());
	app.use(passport.session());
	app.get("/profile", function(req, res) {
	res.send("You have arrived.");
	});
	app.get("/fail", function(req, res) {
	res.send("Well, that sure didn't work.");
	});
	app.listen(4040);

	// do OIDC stuff
	(async () => {
	const iss = await Issuer.discover("http://localhost:3000");
	console.log("Discovered issuer", iss);
	const client = new iss.Client({
	client_id: "foo", // eslint-disable-line camelcase
	client_secret: "bar", // eslint-disable-line camelcase
	redirect_uris: ["http://localhost:4040/auth/cb"], // eslint-disable-line camelcase
	}/, [keystore]/);

	console.log("client", client);
	passport.use("oidc", new Strategy({
	client: client,
	// params: [params],
	// passReqToCallback: [passReqToCallback],
	// usePKCE: [usePKCE]
	}, (tokenset, userinfo, done) => {
	console.log("tokenset", tokenset);
	console.log("access_token", tokenset.access_token);
	console.log("id_token", tokenset.id_token);
	console.log("claims", tokenset.claims);
	console.log("userinfo", userinfo);

	// User.findOne({ id: tokenset.claims.sub }, function (err, user) {
	// if (err) return done(err);
	// return done(null, user);
	// });
	return done(null, { name: "bob" });
	}));

	// start authentication request
	// options [optional], extra authentication parameters
	var options = {
	// acr_values: "phrh phr"
	claims: {
	id_token: { // eslint-disable-line camelcase
	acr: {
	essential: true,
	values: [
	"phrh",
	"phr"
	]
	}
	}
	}
	};
	app.get("/auth", passport.authenticate("oidc", options));

	// authentication callback
	app.get("/auth/cb", passport.authenticate("oidc", { successRedirect: "/profile",
	failureRedirect: "/fail" }));

	})().catch((err) => {
	console.log("ERROR", err);
	process.exitCode = 1;
	});
	{
	"name": "oidc",
	"version": "1.0.0",
	"description": "",
	"main": "provider.js",
	"scripts": {
	"test": "echo \"Error: no test specified\" && exit 1"
	},
	"author": "",
	"license": "ISC",
	"dependencies": {
	"express": "^4.16.3",
	"express-session": "^1.15.6",
	"oidc-provider": "^4.1.1",
	"openid-client": "^2.1.0",
	"passport": "^0.4.0"
	}
	}
	"use strict";

	const Provider = require("oidc-provider");
	const configuration = {
	// ... see available options /docs/configuration.md
	// acrValues: [
	// "phr",
	// "phrh"
	// ]
	};
	const clients = [{
	client_id: "foo", // eslint-disable-line camelcase
	client_secret: "bar", // eslint-disable-line camelcase
	redirect_uris: ["http://localhost:4040/auth/cb"], // eslint-disable-line camelcase
	// + other client properties
	}];

	const oidc = new Provider("http://localhost:3000", configuration);

	(async () => {
	await oidc.initialize({ clients });
	// oidc.callback => express/nodejs style application callback (req, res)
	// oidc.app => koa2.x application
	oidc.listen(3000);
	console.log("oidc-provider listening on port 3000, check http://localhost:3000/.well-known/openid-configuration");
	})().catch((err) => {
	console.error(err);
	process.exitCode = 1;
	});