Add an OAuth2 auth provider.

2026-04-18 08:03:30 +02:00 · 2014-10-30 19:03:17 +09:00
parent 2ff16baf7a
commit af09fc084a
3 changed files with 175 additions and 0 deletions
--- a/lib/units/auth/oauth2/index.js
+++ b/lib/units/auth/oauth2/index.js
@@ -0,0 +1,51 @@
+var http = require('http')
+
+// @todo Figure something out
+process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"
+
+var express = require('express')
+var passport = require('passport')
+
+var logger = require('../../../util/logger')
+var urlutil = require('../../../util/urlutil')
+var jwtutil = require('../../../util/jwtutil')
+var Strategy = require('./strategy')
+
+module.exports = function(options) {
+  var log = logger.createLogger('auth-oauth2')
+    , app = express()
+    , server = http.createServer(app)
+
+  app.set('strict routing', true)
+  app.set('case sensitive routing', true)
+
+  function verify(accessToken, refreshToken, profile, done) {
+    done(null, profile)
+  }
+
+  passport.use(new Strategy(options.oauth, verify))
+
+  app.use(passport.initialize())
+  app.use(passport.authenticate('oauth2', {
+    failureRedirect: '/auth/oauth/'
+  , session: false
+  }))
+
+  app.get(
+    '/auth/oauth/callback'
+  , function(req, res) {
+      res.redirect(urlutil.addParams(options.appUrl, {
+        jwt: jwtutil.encode({
+          payload: {
+            email: req.user.email
+          , name: req.user.email.split('@', 1).join('')
+          }
+        , secret: options.secret
+        })
+      }))
+    }
+  )
+
+  server.listen(options.port)
+  log.info('Listening on port %d', options.port)
+}