我是身份验证系统或 OIDC 的新手。我目前正在尝试将名为 CILogon (https://www.cilogon.org/oidc) 的 OIDC 工具集成到我正在构建的网站中。基本上,它可以通过 http://localhost:3000/auth 将用户重定向到第三方登录页面,登录成功后,它将用户重定向到 http://localhost:3000/home。
现在我想通过回调获取登录用户信息,但是回调函数好像没有被调用(例如我不能console.log profile对象:
passport.use(
new OIDCStrategy(
oidcConfig,
(issuer, sub, profile, accessToken, refreshToken, done) => {
// This callback will be called after successful authentication
console.log("profile: ", profile); // does not print
return done(null, profile);
}
)
);
下面是完整的代码。
const express = require("express");
const app = express();
const cors = require("cors");
// auth
const config = require("./auth/config"); // saved on server only
const session = require("express-session");
const crypto = require("crypto");
const passport = require("passport");
const OIDCStrategy = require("passport-openidconnect").Strategy;
// Body parser to parse incoming and outgoing requests
app.use(express.json());
app.use(cors());
app.listen(3000, () => console.log("server is up and running"));
// OIDC auth
const oidcConfig = {
issuer: "https://cilogon.org",
clientID: "xx123",
clientSecret: "XXABC123",
callbackURL: "http://localhost:3000/home",
authorizationURL: "https://cilogon.org/authorize",
tokenURL: "https://cilogon.org/oauth2/token ",
userInfoURL: "https://cilogon.org/oauth2/userinfo ",
};
// Generate a random session secret key
const secretKey = crypto.randomBytes(64).toString("hex");
app.use(
session({
secret: secretKey,
resave: false,
saveUninitialized: false,
})
);
app.use(passport.initialize()); // Initialize Passport middleware
app.use(passport.session()); // Enable session support for Passport
passport.use(
new OIDCStrategy(
oidcConfig,
(issuer, sub, profile, accessToken, refreshToken, done) => {
console.log("profile: ", profile); // do not print
console.log("here...");
return done(null, profile);
}
)
);
app.get("/auth", passport.authenticate("openidconnect", { scope: "profile" })); // Initiate authentication
app.get(
"/auth/callback",
passport.authenticate("openidconnect", {
successRedirect: "/home", // Redirect URL after successful authentication
failureRedirect: "/login", // Redirect URL after failed authentication
})
); // Callback URL for handling the OIDC provider's response
app.get("/home", async (req, res) => {
console.log("home");
const html = `<h1>Welcome to the home page!</h1>`; // Example HTML
res.send(html);
});
app.get("/profile", (req, res) => {
// Access the authenticated user's information from 'req.user'
// Render the user's profile page
});
app.get("/logout", (req, res) => {
// Log the user out and redirect to a logout page
});
找到了答案——看来我需要将“/auth/callback”更改为“/home”,因为我将回调 URL 注册为“/home”。