npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

passport-wsfed-idp-compiler

v0.0.10-rc

Published

![Imgur](http://i.imgur.com/ENPFOYp.gif?1) This project provides a simple interface for creating a simple nodejs idp using wsfed, it uses the passport-custom strategy and exposes it as a wsfed server, which can be used to create proof of concepts, example

Downloads

18

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

darkyen00darkyen00

Keywords

Readme

Passport-WsFed IdP

Imgur This project provides a simple interface for creating a simple nodejs idp using wsfed, it uses the passport-custom strategy and exposes it as a wsfed server, which can be used to create proof of concepts, examples, and or implement weird authentication strategies using passport and expose them as WsFED to Auth0 Server. As of now it works only and only with Auth0 Server.

API

The compiler accepts the following parameters in an object returned by calling the function initially

  • strategy: A valid Passport Strategy which can then be used to authenticate the user.
  • serializeUser(user, done): [Optional] This will be passed as is to passport.serializeUser
  • deserializeUser(user, done): [Optional] This will be passed as is to passport.deserializeUser
  • loginRouteHandler(req, res, next): [Optional] This will be passed to the route handler for GET /login if this is set the passport.authenticate will be called on GET & POST /login this can therefore used to implement more custom authentication flows.

You can skip passing the extra options and just pass the Passport strategy directly to the authorizer.

Examples

Steam OPENID

const SteamStrategy = require('passport-steam');

module.exports = function (config, database) {    
    return new new SteamStrategy({
        returnURL: config('SELF_URL'),
        realm: config('STEAM_REALM'),
        apiKey: config('STEAM_KEY')
    }, function (identifier, profile, done) {
        profile.id = identifier;
        done(profile);
    });
}

Full blown

@Todo: Add more stuff here

Meta stuff

Why WSFED?

  • Because its a single transaction.
  • Because its easy and all we care about is authentication here, no authorization or anything.

Why passport strategies?

  • They are extensible and a good standard.
  • There are 368 already, chances are you already are using one.

Why Auth0?

  • Auth0 does a lot more than just authentication, this allows Auth0 to focus on Rules etc.
  • Allows quick building POCs

Why Webtask?

  • Simple.
  • Very fast iteration process.
  • Takes care of provisioning and everything else
  • Your auth is all matters to you.

How it works ?

You just write a simple webtask, which is as the following

const CustomStrategy = require('passport-custom');

module.exports = function (config) {

    return new CustomStrategy(function (req, done) {
    
        if (req.query.login_hint === config('secret_sauce')) {
            return done({
                user_id: req.query.login_hint
            });
        }
        
        const error = new Error();
        error.code = 'login_failed';
        error.description = 'You did not know the secret';

        done(error);
    });
}

This compiler also expects the following environment variables, you can set them locally by creating dev.env or in cloud using the Webtask's Secrets API

SESSION_SECRET=A random string as secret for storing sessions
AUTH0_DOMAIN=The Auth0 domain that will be called back after authenticating
ISSUER_NAME=The issuer this instance will name itself as.
NODE_ENV=Only set it locally to "dev"

Localhosting ;)

Just run

# first time only
$ npm install 
# Subsquently
$ npm run dev
... Redacted log ...

Tunnel created, you can now use the following in Auth0 https://[random chars].ngrok.io
Your webtask is now listening for IPv4 traffic on 127.0.0.1:8080
... Redacted Log

Use the https://[random chars].ngrok.io as the WSFed URL wherever you are testing this, like the Auth0 Dashboard, and you can run this locally and test it against the Auth0 instance.