/** Copyright © 2016, Okta, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
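var url = require('url'); // NOTE(review): not referenced below; kept so the module list is unchanged
var restify = require('restify');
var passport = require('passport-restify');
var Strategy = require('passport-oauth2-jwt-bearer').Strategy;
var gravatar = require('gravatar');

// Audience / issuer the bearer strategy validates incoming tokens against, and
// the discovery document it is pointed at.
// NOTE(review): demo values hard-coded here; a real deployment would load them
// from configuration instead of committing them to source.
var audience = 'ViczvMucBWT14qg3lAM1';
var issuer = 'https://example.oktapreview.com/as/ors71yywxk0GfFWmC0h7';
var metadataUrl = 'https://example.oktapreview.com/.well-known/openid-configuration';

// Database url. Renamed from `url`: the original redeclared `var url` and
// silently replaced the `url` module binding above. No route in this file uses it.
var dbUrl = 'mongodb://localhost:27017/';

// Scopes a token must carry to reach /protected. Enforcement is done by
// passport.authenticate through its `scopes` option, so the value is declared
// once here rather than spelled out inline.
var requiredScopes = ['gravatar'];

var port = 9000;

var server = restify.createServer();
server.use(restify.bodyParser());

// Hand-written CORS headers (restify.CORS() is also installed further down).
// Any origin is allowed; together with `authorization` being an allowed header,
// any page that holds a bearer token can call this API cross-origin. Fine for a
// demo, but the origin should be restricted for anything beyond that.
server.use(function crossOrigin(req, res, next) {
  res.header('Access-Control-Allow-Origin', '*');
  res.header('Access-Control-Allow-Headers', 'X-Requested-With');
  return next();
});

server.use(passport.initialize());

// Bearer-JWT strategy. The verify callback passes the token object straight
// through as the passport "user", so handlers see it as `req.user`.
// NOTE(review): `loggingLevel: 'debug'` may write token material to the log;
// lower it outside local development.
var strategy = new Strategy({
  audience: audience,
  issuer: issuer,
  metadataUrl: metadataUrl,
  loggingLevel: 'debug'
}, function(token, done) {
  // done(err, user, info)
  return done(null, token);
});
passport.use(strategy);

// Add CORS Access
server.use(restify.CORS());
[
  'authorization',
  'withcredentials',
  'x-requested-with',
  'x-forwarded-for',
  'x-real-ip',
  'x-customheader',
  'user-agent',
  'keep-alive',
  'host',
  'accept',
  'connection',
  'content-type'
].forEach(function(header) {
  restify.CORS.ALLOW_HEADERS.push(header);
});

server.get({ path: '/protected' },
  passport.authenticate('oauth2-jwt-bearer', { session: false, scopes: requiredScopes }),
  function respond(req, res, next) {
    // This handler only runs after passport.authenticate accepted the token
    // and confirmed it carries `requiredScopes`, so no second scope check is
    // done here. (The previous in-handler check read an undeclared `scopes`
    // variable and threw a ReferenceError on every request.)
    // NOTE(review): the caller's e-mail is written to the log on every hit;
    // worth knowing if retention or privacy rules apply to the access log.
    console.log('Accessing protected resource as ' + req.user.user_email);

    // Send gavatar image. 'https:' is prefixed as in the original, presumably
    // because gravatar.url() returns a protocol-relative URL.
    res.send({
      image: 'https:' + gravatar.url(req.user.user_email, { s: '200', r: 'pg', d: 'retro' }),
      name: req.user.user_email
    });
    return next();
  }
);

server.listen(port, function() {
  console.log('listening: %s', server.url);
});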