pre async
parent
f7824d67e5
commit
512a69319c
13 changed files with 633 additions and 362 deletions
129
index.js
129
index.js
|
|
@ -2,26 +2,13 @@ let passport = require('passport');
|
|||
let express = require('express');
|
||||
let https = require('https');
|
||||
let fs = require('fs');
|
||||
let ldap = require('ldapjs');
|
||||
|
||||
let directory = require('./directory.js');
|
||||
let http_config = require('./config/http.js');
|
||||
let app = express();
|
||||
require('./config/passport.js');
|
||||
let session = require('express-session');
|
||||
const { group } = require('console');
|
||||
|
||||
let satitm_directory = ldap.createClient({
|
||||
url: 'ldap://ad.satitm.chula.ac.th:389'
|
||||
});
|
||||
|
||||
satitm_directory.bind('CN=SSOManager,OU=Service Accounts,DC=ad,DC=satitm,DC=chula,DC=ac,DC=th', '39BK5LCeU2NY2oG3beeBJH', function (err) {
|
||||
if (err) {
|
||||
console.log('Error:', err);
|
||||
}
|
||||
else {
|
||||
console.log('Connected to SATITM Active Directory');
|
||||
}
|
||||
});
|
||||
|
||||
app.use(session({
|
||||
secret: 'RLCCDwstDuT6nMJf5kko7C',
|
||||
resave: false,
|
||||
|
|
@ -30,115 +17,17 @@ app.use(session({
|
|||
|
||||
app.use(passport.initialize());
|
||||
app.use(passport.session());
|
||||
|
||||
app.use(express.json());
|
||||
app.use(express.urlencoded({ extended: true }));
|
||||
|
||||
app.get('/', function (req, res) {
|
||||
response = 'Hello World!<br>';
|
||||
console.log('User:', req.user);
|
||||
if (req.user) {
|
||||
// Query Active Directory for user details
|
||||
// username is the UPN
|
||||
let username = req.user.username;
|
||||
let opts = {
|
||||
filter: `(userPrincipalName=${username})`,// replace 'username' with the actual username
|
||||
scope: 'sub',
|
||||
attributes: ['dn', 'memberOf']
|
||||
};
|
||||
let groups = '';
|
||||
satitm_directory.search('DC=ad,DC=satitm,DC=chula,DC=ac,DC=th', opts, function(err, ldapRes) {
|
||||
ldapRes.on('searchEntry', function(entry) {
|
||||
console.log('entry: ' + JSON.stringify(entry.object));
|
||||
groups = entry.object.memberOf;
|
||||
});
|
||||
ldapRes.on('error', function(err) {
|
||||
console.error('error: ' + err.message);
|
||||
});
|
||||
ldapRes.on('end', function(result) {
|
||||
console.log('status: ' + result.status);
|
||||
console.log('User:', req.user);
|
||||
response += 'Username: ' + req.user.username + '<br>';
|
||||
response += 'First Name: ' + req.user.first_name + '<br>';
|
||||
response += 'Last Name: ' + req.user.last_name + '<br>';
|
||||
response += 'Group: ' + groups + '<br>';
|
||||
response += '<a href="/logout">Logout</a>';
|
||||
res.send(response);
|
||||
});
|
||||
});
|
||||
let authRoutes = require('./routes/auth.js');
|
||||
app.use('/', authRoutes);
|
||||
let psRelationStudentRoutes = require('./routes/ps_relation_student.js');
|
||||
app.use('/selfservice/api', psRelationStudentRoutes);
|
||||
let psRelationParentRoutes = require('./routes/ps_relation_parent.js');
|
||||
app.use('/selfservice/api', psRelationParentRoutes);
|
||||
|
||||
|
||||
}
|
||||
else {
|
||||
response += '<a href="/login">Login</a>';
|
||||
res.send(response);
|
||||
}
|
||||
});
|
||||
|
||||
app.get('/logout', function (req, res) {
|
||||
req.logout();
|
||||
res.redirect('/');
|
||||
});
|
||||
|
||||
app.get('/login',
|
||||
passport.authenticate('saml', { failureRedirect: '/selfservice', failureFlash: true }),
|
||||
function (req, res) {
|
||||
res.redirect('https://localhost:3000/');
|
||||
}
|
||||
);
|
||||
|
||||
app.use(function(req, res, next) {
|
||||
console.log('Received request:', req.method, req.url);
|
||||
console.log('Data:', req.body);
|
||||
next();
|
||||
});
|
||||
|
||||
app.post('/selfservice/activedirectory/postResponse',
|
||||
passport.authenticate('saml', { failureRedirect: '/selfservice',successRedirect: '/', failureFlash: true }),
|
||||
function (req, res) {
|
||||
console.log('SAML authentication successful');
|
||||
res.redirect('https://localhost:3000/');
|
||||
}
|
||||
);
|
||||
//app.get('selfservice/secure', validUser, routes.secure);
|
||||
|
||||
function validUser(req, res, next) {
|
||||
if (!req.user) {
|
||||
res.redirect('https://localhost:3000/login');
|
||||
}
|
||||
next();
|
||||
}
|
||||
|
||||
const options = {
|
||||
key: fs.readFileSync('adfs_connect/urn_satitm_sso_selfservice.key'),
|
||||
cert: fs.readFileSync('adfs_connect/urn_satitm_sso_selfservice.cert'),
|
||||
ciphers: [
|
||||
'ECDHE-RSA-AES128-GCM-SHA256',
|
||||
'ECDHE-ECDSA-AES128-GCM-SHA256',
|
||||
'ECDHE-RSA-AES256-GCM-SHA384',
|
||||
'ECDHE-ECDSA-AES256-GCM-SHA384',
|
||||
'DHE-RSA-AES128-GCM-SHA256',
|
||||
'ECDHE-RSA-AES128-SHA256',
|
||||
'DHE-RSA-AES128-SHA256',
|
||||
'ECDHE-RSA-AES256-SHA384',
|
||||
'DHE-RSA-AES256-SHA384',
|
||||
'ECDHE-RSA-AES256-SHA256',
|
||||
'DHE-RSA-AES256-SHA256',
|
||||
'HIGH',
|
||||
'!aNULL',
|
||||
'!eNULL',
|
||||
'!EXPORT',
|
||||
'!DES',
|
||||
'!RC4',
|
||||
'!MD5',
|
||||
'!PSK',
|
||||
'!SRP',
|
||||
'!CAMELLIA'
|
||||
].join(':'),
|
||||
honorCipherOrder: true
|
||||
};
|
||||
|
||||
let server = https.createServer(options, app);
|
||||
let server = https.createServer(http_config.options, app);
|
||||
server.listen(3000, function () {
|
||||
console.log('Listening on port 3000');
|
||||
});
|
||||
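Review bot: The `secret:` value passed to `session({...})` at the end of the first hunk still appears to be a string literal in index.js after this change. This is inferred, because the +/- markers are lost on this page and the second hunk header shows `app.use(session({` as surrounding context. The secret should come from the environment or from the new config module, for example `secret: process.env.SESSION_SECRET,` (a constructed variable name), with startup aborting when it is unset. Moving the LDAP bind out of this file does not remove the service-account password or the session secret from repository history, so both should be rotated and the replacements kept out of version control. If `const { group } = require('console');` is on the new side, it looks like an unused editor auto-import and can be dropped.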