saml2 working

2024-05-05 03:11:42 +07:00 · 2024-05-05 03:11:42 +07:00 · 33865b9d02
commit 33865b9d02
parent 1876580d86
6 changed files with 184 additions and 38 deletions
--- a/index.js
+++ b/index.js
@ -1,35 +1,94 @@
 let passport = require('passport');
 let express = require('express');
-let http = require('http');
+let https = require('https');
+let fs = require('fs');

 let app = express();
 require('./config/passport.js');

+let session = require('express-session');
+
+app.use(session({
+  secret: 'RLCCDwstDuT6nMJf5kko7C',
+  resave: false,
+  saveUninitialized: true
+}));
+
+// ... rest of your code ...
+
 app.use(passport.initialize());
 app.use(passport.session());

+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+
+app.get('/', function (req, res) {
+  res.send('Hello World!<br><a href="/login">Login</a>');
+  console.log('User:', req.user);
+  if (req.user) {
+    console.log('User:', req.user);
+  }
+});
+
 app.get('/login',
  passport.authenticate('saml', { failureRedirect: '/selfservice', failureFlash: true }),
-  function(req, res) {
-    res.redirect('https://sso.satitm.chula.ac.th/selfservice');
+  function (req, res) {
+    res.redirect('https://localhost:3000/');
  }
 );
-app.post('/selfservice/activediretory/postResponse',
-  passport.authenticate('saml', { failureRedirect: '/selfservice', failureFlash: true }),
-  function(req, res) {
-    res.redirect('https://sso.satitm.chula.ac.th/selfservice');
+
+app.use(function(req, res, next) {
+  console.log('Received request:', req.method, req.url);
+  console.log('Data:', req.body);
+  next();
+});
+
+app.post('/selfservice/activedirectory/postResponse',
+  passport.authenticate('saml', { failureRedirect: '/selfservice',successRedirect: '/', failureFlash: true }),
+  function (req, res) {
+    console.log('SAML authentication successful');
+    res.redirect('https://localhost:3000/');
  }
 );
 //app.get('selfservice/secure', validUser, routes.secure);

 function validUser(req, res, next) {
  if (!req.user) {
-    res.redirect('https://sso.satitm.chula.ac.th/selfservice/login');
+    res.redirect('https://localhost:3000/login');
  }
  next();
 }

-let server = http.createServer(app);
-server.listen(3000, function() {
+const options = {
+  key: fs.readFileSync('adfs_connect/urn_satitm_sso_selfservice.key'),
+  cert: fs.readFileSync('adfs_connect/urn_satitm_sso_selfservice.cert'),
+  ciphers: [
+    'ECDHE-RSA-AES128-GCM-SHA256',
+    'ECDHE-ECDSA-AES128-GCM-SHA256',
+    'ECDHE-RSA-AES256-GCM-SHA384',
+    'ECDHE-ECDSA-AES256-GCM-SHA384',
+    'DHE-RSA-AES128-GCM-SHA256',
+    'ECDHE-RSA-AES128-SHA256',
+    'DHE-RSA-AES128-SHA256',
+    'ECDHE-RSA-AES256-SHA384',
+    'DHE-RSA-AES256-SHA384',
+    'ECDHE-RSA-AES256-SHA256',
+    'DHE-RSA-AES256-SHA256',
+    'HIGH',
+    '!aNULL',
+    '!eNULL',
+    '!EXPORT',
+    '!DES',
+    '!RC4',
+    '!MD5',
+    '!PSK',
+    '!SRP',
+    '!CAMELLIA'
+  ].join(':'),
+  honorCipherOrder: true
+};
+
+let server = https.createServer(options, app);
+server.listen(3000, function () {
  console.log('Listening on port 3000');
 });