
How to use Single Sign-On with a node.js app on Bluemix

I don't understand where the problem is. I followed some tutorials and the SSO documentation, but I always run into the same problem: my app does not start. My app and my service are bound correctly.

cf push

Here is the error : error

Then when I use the cf logs :

cf logs sso-8

Picture of the response : Error 1/3

Here is my code now :

//package.json
{
"name": "NodejsStarterApp",
"version": "0.0.1",
"description": "Insert description here",
"private": true,
"scripts": {
    "start": "node app.js"
},
"dependencies": {
    "express": "latest",
    "passport": "latest",
    "body-parser": "latest",
    "cookie-parser": "latest",
    "express-session": "latest",
    "cfenv": "1.0.x",
    "passport-idaas-openidconnect": "latest"
},
"repository": {},
"engines": {
    "node": "4.x"
} 
}


//app.js
var express = require('express');
var passport = require('passport');
var cookieParser = require('cookie-parser');
var session = require('express-session');
var OpenIDConnectStrategy = require('passport-idaas-openidconnect').IDaaSOIDCStrategy;
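var app = express();

// The session secret signs the session-ID cookie; anyone who knows it can
// forge session cookies. It is therefore read from the environment
// (SESSION_SECRET is an app-defined variable name) instead of being a literal
// checked into source control. When the variable is unset, a random
// per-process secret is generated: sessions then do not survive a restart and
// are not shared between instances, but no guessable value is ever used.
var sessionSecret = process.env.SESSION_SECRET ||
    require('crypto').randomBytes(32).toString('hex');

// Order matters: cookies are parsed first, the session is loaded next, and
// only then can Passport restore the logged-in user from that session.
app.use(cookieParser());
app.use(session({ secret: sessionSecret, resave: false, saveUninitialized: true }));
app.use(passport.initialize());
app.use(passport.session());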

// Session (de)serialisation for Passport. The complete user object is written
// to the session unchanged and read back unchanged. Because the verify
// callback attaches accessToken and refreshToken to that object, the tokens
// end up in the session store too, so the store has to be treated as holding
// credentials.
passport.serializeUser(function (profile, callback) {
    callback(null, profile);
});

passport.deserializeUser(function (stored, callback) {
    callback(null, stored);
});

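// Credentials for bound services are delivered through the VCAP_SERVICES
// environment variable as JSON. Fail at start-up with an explicit message when
// the SingleSignOn entry is absent, instead of the opaque TypeError the
// unguarded `services.SingleSignOn[0]` lookup produced. The message never
// includes credential values.
var services = JSON.parse(process.env.VCAP_SERVICES || "{}");
var ssoInstances = services.SingleSignOn;
if (!Array.isArray(ssoInstances) || ssoInstances.length === 0 || !ssoInstances[0].credentials) {
    throw new Error('No SingleSignOn credentials found in VCAP_SERVICES; bind the Single Sign On service to this application.');
}
var ssoConfig = ssoInstances[0];
var client_id = ssoConfig.credentials.clientId;
var client_secret = ssoConfig.credentials.secret;
var authorization_url = ssoConfig.credentials.authorizationEndpointUrl;
var token_url = ssoConfig.credentials.tokenEndpointUrl;
var issuer_id = ssoConfig.credentials.issuerIdentifier;
// NOTE(review): presumably this has to match the redirect URI registered with
// the SSO service exactly — confirm against the service configuration.
var callback_url = 'https://sso-8.mybluemix.net/auth/sso/callback';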

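// OpenID Connect strategy built from the bound service's credentials.
// OpenIDConnectStrategy is already required at the top of the file, so the
// second require that used to sit here was redundant and has been dropped.
var Strategy = new OpenIDConnectStrategy({
    authorizationURL: authorization_url,
    tokenURL: token_url,
    clientID: client_id,
    scope: 'openid',
    response_type: 'code',
    clientSecret: client_secret,
    callbackURL: callback_url,
    skipUserProfile: true,
    issuer: issuer_id
}, function(accessToken, refreshToken, profile, done) {
    // Verify callback: attaches both tokens to the profile and hands it to
    // Passport as the authenticated user. Whatever is attached here is what
    // serializeUser later writes into the session.
    process.nextTick(function() {
        profile.accessToken = accessToken;
        profile.refreshToken = refreshToken;
        done(null, profile);
    });
});

passport.use(Strategy);

// Entry point of the login flow; the strategy is addressed by the name
// 'openidconnect'.
app.get('/login', passport.authenticate('openidconnect', {}));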

/**
 * Route guard: lets authenticated requests through and sends everyone else
 * to /login.
 *
 * Before redirecting, the originally requested URL is saved in the session
 * under `originalUrl`.
 *
 * @param {object} req - request; must provide isAuthenticated(), session and originalUrl
 * @param {object} res - response used for the redirect
 * @param {function} next - continues the middleware chain when authenticated
 * @returns {*} whatever next() returns when authenticated, otherwise undefined
 */
function ensureAuthenticated(req, res, next) {
    if (req.isAuthenticated()) {
        return next();
    }

    req.session.originalUrl = req.originalUrl;
    res.redirect('/login');
}

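// Redirect target of the identity provider. Passport completes the
// 'openidconnect' flow and then redirects to a fixed page.
//
// The unused local that read req.session.originalUrl has been removed: the
// success target is the constant '/hello'. If the saved URL is ever used as
// the redirect target, accept it only when it is a same-site path, so the
// login flow cannot be turned into an open redirect.
app.get('/auth/sso/callback', function(req, res, next) {
    passport.authenticate('openidconnect', {
        successRedirect: '/hello',
        failureRedirect: '/failure'
    })(req, res, next);
});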

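// Greeting page for authenticated users only (guarded by ensureAuthenticated).
app.get('/hello', ensureAuthenticated, function(request, response) {
    // The user id originates from the identity provider's profile, so it is
    // HTML-escaped before being placed into markup.
    var escapeHtml = function(value) {
        return String(value)
            .replace(/&/g, '&amp;')
            .replace(/</g, '&lt;')
            .replace(/>/g, '&gt;')
            .replace(/"/g, '&quot;')
            .replace(/'/g, '&#39;');
    };

    // Fixed: the body must be written through the response object; the
    // original called request.send(), which is not an Express request method.
    response.send('Hello, ' + escapeHtml(request.user['id']) + '!\n' + '<a href="/logout">Log Out</a>');
});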

// Ends the Passport login for this session and returns to the landing page.
// NOTE(review): package.json requests passport "latest"; Passport 0.6 and
// later expect a callback argument to req.logout() — confirm which version is
// actually installed before relying on this synchronous call.
app.get('/logout', function (request, response) {
    request.logout();
    response.redirect('/');
});

// Landing page for a failed login (failureRedirect of the callback route).
app.get('/failure', function (request, response) {
    var message = 'Login failed';
    response.send(message);
});

// Public landing page with the sign-in link. The markup is static; no request
// data is interpolated into it.
app.get('/', function (request, response) {
    var page = [
        '<h1>Bluemix Service: Single Sign On</h1>',
        '<p>Sign In with a Social Identity Source (SIS): Cloud directory, Facebook, Google+ or LinkedIn.</p>',
        '<a href="/auth/sso/callback">Sign In with a SIS</a>'
    ].join('');
    response.send(page);
});

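// Listening port: prefer PORT (the variable Cloud Foundry sets for the app
// container), then the older VCAP_APP_PORT, then a local default. An app that
// listens on any other port fails the platform's health check and is reported
// as not started.
var appport = process.env.PORT || process.env.VCAP_APP_PORT || 8888;

// The former top-level `host` variable was never passed to listen() and was
// shadowed inside the callback, so it has been removed.
var server = app.listen(appport, function () {
    var address = server.address();
    console.log('Example app listening at http://%s:%s', address.address, address.port);
});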

The application needs to be pushed to Bluemix first and be running before you can bind the SSO Service to it.

Push the application to Bluemix and stage it. Then create the SSO Service as unbound. Once the SSO Service has been fully created and configured, you can bind it to the application.
