OpenID for node.js is (yes, you guessed it) an OpenID implementation for node.js.
Highlights and features include:
The library can be reviewed and retrieved from GitHub.
If you use npm, simply do npm install openid.
If you don’t use npm, you should. Alternatively, you can download the library, and move the
lib folder and openid.js to where you want them, and then require('openid').
(Remember to do require.paths.unshift on the directory you put the file in unless it’s
already in your require.paths.)
Instead of walking through step-by-step, here’s a very simple server
using OpenID for node.js for authentication:
var openid = require('openid');
var url = require('url');
var querystring = require('querystring');
var server = require('http').createServer(
function(req, res)
{
var parsedUrl = url.parse(req.url);
if(parsedUrl.pathname == '/verify')
{
// Verify identity assertion
var result = openid.verifyAssertion(req); // or req.url
var attributes = [];
var sreg = new openid.SimpleRegistration(result);
for (var k in sreg)
attributes.push(k + ": " + sreg[k]);
var ax = new openid.AttributeExchange(result);
for (var k in ax)
attributes.push(k + ": " + ax[k]);
res.writeHead(200);
res.end(result.authenticated ? 'Success :)\n' + attributes.join("\n") : 'Failure :(\n' + result.error);
}
else if(parsedUrl.pathname == '/authenticate')
{
// Resolve identifier, associate, build authentication URL
openid.authenticate(
querystring.parse(parsedUrl.query).openid_identifier, // user supplied identifier
'http://example.com/verify', // our callback URL
null, // realm (optional)
false, // attempt immediate authentication first?
function(authUrl)
{
res.writeHead(302, { Location: authUrl });
res.end();
}, [new openid.UserInterface(), new openid.SimpleRegistration({
"nickname" : true, "email" : true, "fullname" : true,
"dob" : true, "gender" : true, "postcode" : true,
"country" : true, "language" : true, "timezone" : true}),
new openid.AttributeExchange({
"http://axschema.org/contact/email": "required",
"http://axschema.org/namePerson/friendly": "required",
"http://axschema.org/namePerson": "required"})]);
}
else
{
// Deliver an OpenID form on all other URLs
res.writeHead(200);
res.end('<!DOCTYPE html><html><body>'
+ '<form method="get" action="/authenticate">'
+ '<p>Login using OpenID</p>'
+ '<input name="openid_identifier" />'
+ '<input type="submit" value="Login" />'
+ '</form></body></html>');
}
});
server.listen(80);
To provide a way to save/load association state, you need to mix-in two functions in
the openid module:
saveAssociation(type, handle, secret, expiry_time) is called when a new association is established during authenticationloadAssociation(handle) is used to retrieve the association identified by handle when verification happensThe openid module includes default implementations for these functions using a simple object to store the associations in-memory.
OpenID for node.js is licensed under the MIT license. See LICENSE for further details.
The libary includes bigint functionality released by Tom Wu under the BSD license,
and Base64 functions released by Nick Galbreath under the MIT license. Please see
lib/bigint.js and lib/base64.js for the details of the licenses for these functions.
We use cookies
We use cookies to analyze traffic and improve your experience. You can accept or reject analytics cookies.