路由控制器框架中的passport.authenticate()

Question

我是JavaScript/TypeScript开发的新手，目前正在使用单点登录扩展express应用程序。express应用程序使用routing-controllers框架来处理请求，并且应该使用passport-saml进行身份验证。我已经设法让身份验证与标准的快速路由一起工作：

export class SsoRoutes {
    public router: Router;

    constructor() {
        this.router = Router();
    }


    this.router.get('/login-sso', passport.authenticate('saml'));

    this.router.post('/login-sso/consume', passport.authenticate('saml', {
        failureRedirect: '/',
        failureFlash: true,
        session: false
    }), function (req, res) {
        // handle callback

    });
}

但是我不知道如何在路由控制器框架中使用passport.authenticate(...)方法。有人能给我解释一下吗？

Answer 1

我选择的解决方案是创建您自己的中间件来处理passport.authenticate() (查看here如何做到这一点)。然后，您可以将自己的中间件与@UseBefore()装饰器一起使用。

@Get("/login-sso")
@UseBefore(yourFirstMiddleware)
loginSso() {
    // ... something you want to do after passport.authenticate()
}

对于第二个端点也是如此：

@Post("/login-sso/consume")
@UseBefore(yourSecondMiddleware)
loginSso() {
    // ... some other action you want to do after
}

对于其他解决方案，请检查您正在使用的框架的documentation。

Answer 2

当直接在路由器设置中使用passportJS方法时，request/ response/ next函数将从闭包中“神奇地”使用。因此，如果您在另一个类中提取并应用它们，则需要显式地提供它们。

路由器类中的

...
this.router.get('/login', (req, res, next) => this.authenticate(req, res, next)); // Called by user
this.router.get('/callback', (req, res, next) => this.callback(req, res, next)); // Called by OAuth2 provider
...
/**
 * Authenticate the user
 * @param req
 * @param res
 * @param next
 */
private authenticate(req: Request, res: Response, next: NextFunction){
    this.logger.debug('Performing authentication');
    this.customController.authenticate(req, res, next);
}
/**
 * Callback after OAuth2 provider has authenticated the user
 * @param req
 * @param res
 * @param next
 */
private callback(req: Request, res: Response, next: NextFunction){
    this.logger.debug('Callback from OAuth provider');
    this.customController.callback(req, res, next);
}

自定义控制器中的

/**
 * Executes the authentication using passportJS
 */
public executeAuthenticate(req: Request, res: Response, next: NextFunction): void {
    this.logger.debug('Authenticate using passport');

    passport.authenticate('<strategy>', { scope: ['email', 'profile'] })(req, res, next);  // <== Here! See that the function is called using the parameters (req,res,next)
}

/**
 * Callback after login completion
 * @param req 
 * @param res 
 * @param next 
 */
public callback(req: Request, res: Response, next: NextFunction): void {
    this.logger.debug('Callback from oAuth provider');
    // Ask passportJS to verify that the user is indeed logged in
    passport.authenticate('<strategy>', (err, user, info)=> {
        this.logger.debug('Authentication check done');
        if (err) {
            this.logger.debug('Authentication error');
            return next(err);
        }
        if (!user) { 
            this.logger.debug('Could not extract user');
            return next('Could not find user object');
        }
        this.logger.debug('Authentication succeeded');
        return res.json(user);

    })(req, res, next); // <== Here! See that the function is called using the parameters (req,res,next)
}