以下是我一直收到的錯誤 「CWOAU0062E:由於重定向URI無效,OAuth服務提供者無法重定向請求,因此請聯繫您的系統管理員以解決問題。無法在BlueMix中爲NodeJS獲取SSO
var express = require('express');
// Add for SSO
var cookieParser = require('cookie-parser');
var session = require('express-session');
var passport = require('passport');
var OpenIDConnectStrategy = require('passport-idaas-openidconnect').IDaaSOIDCStrategy;
var redis = require('redis');
var RedisStore = require('connect-redis')(session);
// cfenv provides access to your Cloud Foundry environment
// for more info, see: https://www.npmjs.com/package/cfenv
var cfenv = require('cfenv');
// get the app environment from Cloud Foundry
var appEnv = cfenv.getAppEnv();
// create a new express server
var app = express();
var services = JSON.parse(process.env.VCAP_SERVICES || null);
// get configuration for redis backing service and connect to service
var redisConfig = appEnv.getService(/Redis.*/);
if(redisConfig == null) {
console.log('ERROR: Failed to create REDDISCONFIG!!!');
} else {
var redisPort = redisConfig.credentials.port;
var redisHost = redisConfig.credentials.hostname;
var redisPasswd = redisConfig.credentials.password;
var redisclient = redis.createClient(redisPort, redisHost, {no_ready_check: true});
redisclient.auth(redisPasswd, function (err) {
if (err) {
throw err;
}
});
redisclient.on('connect', function() {
console.log('Connected to Redis');
});
}
// define express session services, etc for SSO
app.use(cookieParser());
// app.use(session({resave: 'true', saveUninitialized: 'true' , secret: 'keyboard cat'}));
if(redisConfig != null) {
app.use(session({
store: new RedisStore({ client: redisclient }),
resave: 'true',
saveUninitialized: 'true',
secret: 'top secr8t'
}));
}
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(obj, done) {
done(null, obj);
});
// find config object for the SSO services from VCAP_SERVICES through cfenv/appEnv
var ssoConfig = services.SingleSignOn[0];
//appEnv.getService(/Single Sign On.*/)
if(ssoConfig == null) {
console.log('ERROR: Failed to instantiate SSOCONFIG. Its not available!!!');
} else {
var client_id = ssoConfig.credentials.clientId;
var client_secret = ssoConfig.credentials.secret;
var authorization_url = ssoConfig.credentials.authorizationEndpointUrl;
var token_url = ssoConfig.credentials.tokenEndpointUrl;
var issuer_id = ssoConfig.credentials.issuerIdentifier;
}
// you MUST change the host route to match your application name
// var callback_url = 'https://scaleSSO-TOR0815.mybluemix.net/auth/sso/callback';
var callback_url = 'https://krishnodejs.mybluemix.net/auth/sso/callback';
var OpenIDConnectStrategy = require('passport-idaas-openidconnect').IDaaSOIDCStrategy;
var Strategy = new OpenIDConnectStrategy({
authorizationURL : authorization_url,
tokenURL : token_url,
clientID : client_id,
scope: 'openid',
response_type: 'code',
clientSecret : client_secret,
callbackURL : appEnv.url + '/auth/sso/callback',
// callbackURL : callback_url,
skipUserProfile: true,
issuer: issuer_id},
function(accessToken, refreshToken, profile, done) {
process.nextTick(function() {
profile.accessToken = accessToken;
profile.refreshToken = refreshToken;
done(null, profile);
})
});
passport.use(Strategy);
app.get('/login', passport.authenticate('openidconnect', {}));
function ensureAuthenticated(req, res, next) {
if(!req.isAuthenticated()) {
// req.session.originalUrl = 'https://krishnodejs.mybluemix.net';
res.redirect('/login');
} else {
return next();
}
}
app.get('/auth/sso/callback',function(req,res,next) {
var redirect_url = 'https://krishnodejs.mybluemix.net/hello';
// req.session.originalUrl;
passport.authenticate('openidconnect',{
successRedirect: redirect_url,
failureRedirect: '/failure',
})(req,res,next);
});
app.get('/hello', ensureAuthenticated, function(req, res) {
res.send('Hello, '+ req.user['id'] + '!'); }
);
app.get('/failure', function(req, res) {
res.send('login failed'); });
// serve the files out of ./public as our main files
app.use(express.static(__dirname + '/public'));
// start server on the specified port and binding host
app.listen(appEnv.port, function() {
// print a message when the server starts listening
console.log("server starting on " + appEnv.url);
});
我在SSO的返回URL設置以下網址「https://krishnodejs.mybluemix.net/hello」
任何意見,建議,解決是更受歡迎。
失敗重定向URL有我的回調網址吧,除了怪異&範圍= OpenID的....但我想,這可能不是一個問題
我看着服務器端日誌錯誤。但沒有。讓我不知道到哪裏的問題