1. Advisor
  2. openid
  3. openid code examples
View all openid analysis

How to use openid - 10 common examples

To help you get started, we’ve selected a few openid examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github sandiz / rs-manager / src / preload.js View on Github external
else if (this[i] != array[i]) {
            // Warning - two different object instances will never be equal: {x:20} != {x:20}
            return false;
        }
    }
    return true;
}
// Hide method from for-in loops
Object.defineProperty(Array.prototype, "equals", { enumerable: false });

/* we start a local youtube http proxy because youtube doesnt like serving monetized videos to file:// sources */
exp.listen(window.YT_PORT, () => console.log(`RSManager listening on port ${window.YT_PORT} for yt requests (/yt/:vid).`))
exp.get('/yt/:vid', (req, res) => res.send(``))

window.STEAM_AUTH_URL = "http://localhost:" + window.YT_PORT
const relyingParty = new openid.RelyingParty(
    window.STEAM_AUTH_URL + "/verify-steam",
    window.STEAM_AUTH_URL,
    true,
    false,
    []
);
const getCookie = filter => new Promise((resolve, reject) => {
    window.remote.session.defaultSession.cookies.get(filter, (error, cookies) => {
        if (error) reject(error);
        else resolve(cookies);
    })
});

exp.get('/verify-steam', async (req, res) => {
    relyingParty.verifyAssertion(req, async (err, result) => {
        if (err) {
github G33kLabs / Node.VaSH / libs / server / passports / passport-openid / strategy.js View on Github external
if (req.query && req.query['openid.mode']) {
    // The request being authenticated contains an `openid.mode` parameter in
    // the query portion of the URL.  This indicates that the OpenID Provider
    // is responding to a prior authentication request with either a positive or
    // negative assertion.  If a positive assertion is received, it will be
    // verified according to the rules outlined in the OpenID 2.0 specification.
    
    // NOTE: node-openid (0.3.1), which is used internally, will treat a cancel
    //       response as an error, setting `err` in the verifyAssertion
    //       callback.  However, for consistency with Passport semantics, a
    //       cancel response should be treated as an authentication failure,
    //       rather than an exceptional error.  As such, this condition is
    //       trapped and handled prior to being given to node-openid.

    if (req.query['openid.mode'] === 'cancel') { return this.fail(); }
    
    var self = this;
    this._relyingParty.verifyAssertion(req.url, function(err, result) {
      console.log(err, result, req.query)
      if (err) { return self.error(err); }
      if (!result.authenticated) { return self.error(new Error('OpenID authentication error')); }
      
      var profile = self._parseProfileExt(result);
      
      function validated(err, user) {
        if (err) { return self.error(err); }
        if (!user) { return self.fail(); }
        self.success(user);
      }
      
      var arity = self._validate.length;
github havard / node-openid / openid.js View on Github external
{
      // OpenID 1.0/1.1 response without a claimed identifier
      // We need to load discovered information using the
      // local identifier
      useLocalIdentifierAsKey = true;
    }
    else {
      // OpenID 2.0+:
      // If there is no claimed identifier, then the
      // assertion is not about an identity
      return callback(null, { authenticated: false }); 
      }
  }

  if (useLocalIdentifierAsKey) {
    claimedIdentifier = params['openid.identity'];  
  }

  claimedIdentifier = _getCanonicalClaimedIdentifier(claimedIdentifier);
  openid.loadDiscoveredInformation(claimedIdentifier, function(error, provider)
  {
    if(error)
    {
      return callback({ message: 'An error occured when loading previously discovered information about the claimed identifier' });
    }

    if(provider)
    {
      return _verifyAssertionAgainstProviders([provider], params, stateless, extensions, callback);
    }
    else if (useLocalIdentifierAsKey) {
      return callback({ message: 'OpenID 1.0/1.1 response received, but no information has been discovered about the provider. It is likely that this is a fraudulent authentication response.' });
github CodeArtemis / TriggerRally / server / node_modules / passport-google / node_modules / passport-openid / node_modules / openid / openid.js View on Github external
{
      // OpenID 1.0/1.1 response without a claimed identifier
      // We need to load discovered information using the
      // local identifier
      useLocalIdentifierAsKey = true;
    }
    else {
      // OpenID 2.0+:
      // If there is no claimed identifier, then the
      // assertion is not about an identity
      return callback(null, { authenticated: false }); 
      }
  }

  if (useLocalIdentifierAsKey) {
    claimedIdentifier = params['openid.identity'];  
  }

  claimedIdentifier = _getCanonicalClaimedIdentifier(claimedIdentifier);
  openid.loadDiscoveredInformation(claimedIdentifier, function(error, provider)
  {
    if(error)
    {
      return callback({ message: 'An error occured when loading previously discovered information about the claimed identifier' });
    }

    if(provider)
    {
      return _verifyAssertionAgainstProvider(provider, params, stateless, extensions, callback);
    }
    else if (useLocalIdentifierAsKey) {
      return callback({ message: 'OpenID 1.0/1.1 response received, but no information has been discovered about the provider. It is likely that this is a fraudulent authentication response.' });
github havard / node-openid / openid.js View on Github external
var _verifyDiscoveredInformation = function(params, stateless, extensions, strict, callback)
{
  var claimedIdentifier = params['openid.claimed_id'];
  var useLocalIdentifierAsKey = false;
  if(!_isDef(claimedIdentifier))
  {
    if(!_isDef(params['openid.ns']))
    {
      // OpenID 1.0/1.1 response without a claimed identifier
      // We need to load discovered information using the
      // local identifier
      useLocalIdentifierAsKey = true;
    }
    else {
      // OpenID 2.0+:
      // If there is no claimed identifier, then the
      // assertion is not about an identity
      return callback(null, { authenticated: false }); 
      }
github havard / node-openid / openid.js View on Github external
if(provider.claimedIdentifier)
  {
    params['openid.claimed_id'] = provider.claimedIdentifier;
    if(provider.localIdentifier)
    {
      params['openid.identity'] = provider.localIdentifier;
    }
    else
    {
      params['openid.identity'] = provider.claimedIdentifier;
    }
  }
  else if(provider.version.indexOf('2.0') !== -1)
  {
    params['openid.claimed_id'] = params['openid.identity'] =
      'http://specs.openid.net/auth/2.0/identifier_select';
  }
  else {
    return callback({ message: 'OpenID 1.0/1.1 provider cannot be used without a claimed identifier' });
  }

  if(assoc_handle)
  {
    params['openid.assoc_handle'] = assoc_handle;
  }

  if(returnUrl)
  {
    // Value should be missing if RP does not want
    // user to be sent back
    params['openid.return_to'] = returnUrl;
github openstf / stf / lib / units / auth / openid.js View on Github external
module.exports = function(options) {
  var extensions = [new openid.SimpleRegistration({
    email: true
  , fullname: true
  })]

  var relyingParty = new openid.RelyingParty(
    urljoin(options.appUrl, '/auth/openid/verify')
  , null  // Realm (optional, specifies realm for OpenID authentication)
  , false // Use stateless verification
  , false // Strict mode
  , extensions)

  var log = logger.createLogger('auth-openid')
  var app = express()

  app.set('strict routing', true)
  app.set('case sensitive routing', true)

  app.get('/', function(req, res) {
    res.redirect('/auth/openid/')
  })
github ciaranj / connect-auth / lib / auth.strategies / openid.js View on Github external
that.verifyPath = url.parse(that.callback, false).pathname;

  // Build the authentication routes required
  that.setupRoutes = function(server) {
    server.use('/', connect.router(function routes(app){
      app.get( that.verifyPath, function(req, res){
        req.authenticate([that.name], function(error, authenticated) {
          res.writeHead(303, { 'Location': req.session.openid_redirect_url });
          res.end('');
        });
      });
    }));
  };

   var relyingParty = new openid.RelyingParty(
        that.callback, // Verification URL (yours)
        that.realm, // Realm (optional, specifies realm for OpenID authentication)
        that.stateless, // Use stateless verification
        that.strictMode, // Strict mode
        that.extensions); // List of extensions to enable and include


  that.authenticate= function(request, response, callback) {

    var self= this;
    var parsedUrl= url.parse(request.url, true);
    if( request.getAuthDetails()['openid_login_attempt_failed'] === true ) {
      // Because we bounce through authentication calls across multiple requests
      // we use this to keep track of the fact we *Really* have failed to authenticate
      // so that we don't keep re-trying to authenticate forever.
      delete request.getAuthDetails()['openid_login_attempt_failed'];
github havard / node-openid / openid.js View on Github external
var _verifyDiscoveredInformation = function(params, stateless, extensions, strict, callback)
{
  var claimedIdentifier = params['openid.claimed_id'];
  var useLocalIdentifierAsKey = false;
  if(!_isDef(claimedIdentifier))
  {
    if(!_isDef(params['openid.ns']))
    {
      // OpenID 1.0/1.1 response without a claimed identifier
      // We need to load discovered information using the
      // local identifier
      useLocalIdentifierAsKey = true;
    }
    else {
      // OpenID 2.0+:
      // If there is no claimed identifier, then the
      // assertion is not about an identity
      return callback(null, { authenticated: false }); 
      }
  }

  if (useLocalIdentifierAsKey) {
    claimedIdentifier = params['openid.identity'];
github CodeArtemis / TriggerRally / server / node_modules / passport-google / node_modules / passport-openid / lib / passport-openid / strategy.js View on Github external
if (req.query && req.query['openid.mode']) {
    // The request being authenticated contains an `openid.mode` parameter in
    // the query portion of the URL.  This indicates that the OpenID Provider
    // is responding to a prior authentication request with either a positive or
    // negative assertion.  If a positive assertion is received, it will be
    // verified according to the rules outlined in the OpenID 2.0 specification.
    
    // NOTE: node-openid (0.3.1), which is used internally, will treat a cancel
    //       response as an error, setting `err` in the verifyAssertion
    //       callback.  However, for consistency with Passport semantics, a
    //       cancel response should be treated as an authentication failure,
    //       rather than an exceptional error.  As such, this condition is
    //       trapped and handled prior to being given to node-openid.
    
    if (req.query['openid.mode'] === 'cancel') { return this.fail({ message: 'OpenID authentication canceled' }); }
    
    var self = this;
    this._relyingParty.verifyAssertion(req.url, function(err, result) {
      if (err) { return self.error(new InternalOpenIDError('Failed to verify assertion', err)); }
      if (!result.authenticated) { return self.error(new Error('OpenID authentication failed')); }
      
      var profile = self._parseProfileExt(result);
      var pape = self._parsePAPEExt(result);
      var oauth = self._parseOAuthExt(result);

      function verified(err, user, info) {
        if (err) { return self.error(err); }
        if (!user) { return self.fail(info); }
        self.success(user, info);
      }

openid

OpenID 1.1/2.0 library for Node.js

GitHub
MIT
Latest version published 1 month ago

Package Health Score

78 / 100
Full package analysis

Popular openid functions

Similar packages