@starzeus/passport-openidconnect-proxy

0.3.1 • Public • Published

Passport-OpenID Connect

Fork of Jared Hanson's Passport strategy for authenticating with OpenID Connect.

This module lets you authenticate using OpenID Connect in your Node.js applications. By plugging into Passport, OpenID Connect authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Installation

npm install @techpass/passport-openidconnect

Usage

Setup

const passport = require("passport");
const OidcStrategy = require("@techpass/passport-openidconnect").Strategy;

passport.use(
  "oidc",
  new OidcStrategy(
    {
      issuer: "https://my-oidc-issuer.com",
      authorizationURL: "https://my-oidc-issuer.com/oauth2/authorize",
      tokenURL: "https://my-oidc-issuer.com/oauth2/token",
      userInfoURL: "https://my-oidc-issuer.com/userinfo",
      clientID: "my-oidc-client-id",
      clientSecret: "my-oidc-client-secret",
      callbackURL: "https://my-client-endpoint.com/auth/callback",
      scope: "openid", // Optional values from OIDC spec: profile, email, address, phone
      pkce: "S256" // Optional. Include to perform Proof Key Code Exchange else ignore. Possible values are "S256" || "plain"
      originalReqProp: "query" // Optional. Extra state from any properties in the original auth request which will be sent back in the callback's request.query.state as a json string. Possible values are default properties in req such as path, params, query or any custom properties you assign into req
    },
    async (
      issuer,
      sub,
      profile,
      jwtClaims,
      accessToken,
      refreshToken,
      idToken,
      params,
      done
    ) => {
      User.findOrCreate(
        { exampleId: profile.id },
        function (err, user) {
          return done(err, user);
        }
      );
    }
  )
);

Options

If authorizationURL and tokenURL are undefined, dynamic OIDC metadata discovery will be attempted using the .well-known/openid-configuration endpoint.

Express

app.get('/auth/login', passport.authenticate('oidc'));

app.get("/auth/callback", (req, res, next) => {
  passport.authenticate("oidc", (err, user) => {
    if (err || !user) { 
      return res.redirect("/error-callback"); // Or other error handling
    }
    // Create the express session, calls serializeUser
    req.logIn(user, function(err) {
      if (err) {
        return next(err);
      }
      res.redirect("/success-callback");
    });
  })(req, res, next);
}

Credits

License

The MIT License

Copyright (c) 2011-2013 Jared Hanson <http://jaredhanson.net/>

Sponsor

Package Sidebar

Install

npm i @starzeus/passport-openidconnect-proxy

Weekly Downloads

1

Version

0.3.1

License

MIT

Unpacked Size

47.8 kB

Total Files

17

Last publish

Collaborators

  • starzeus