-
Notifications
You must be signed in to change notification settings - Fork 49
/
Copy pathserver.js
108 lines (88 loc) · 2.84 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
// index.js
const path = require('path');
const express = require('express');
const engine = require('express-handlebars');
const Keycloak = require('keycloak-connect');
var session = require('express-session');
const Client = require('node-radius-client');
const {dictionaries} = require('node-radius-utils');
const bodyParser = require('body-parser');
const memoryStore = new session.MemoryStore();
const keycloak = new Keycloak({
store: memoryStore
});
const app = express();
app.use(bodyParser.urlencoded({extended: true}));
app.use(session({
secret: 'mySecret',
resave: false,
saveUninitialized: true,
store: memoryStore
}));
app.use(keycloak.middleware({
logout: '/logout',
}));
app.engine('handlebars', engine());
app.set('view engine', 'handlebars');
app.set('main', './views');
app.set('view engine', '.hbs');
app.set('views', path.join(__dirname, 'views'));
function tokenInfo(accessToken) {
const oneTimePassword = accessToken[accessToken.np];
const userName = accessToken[accessToken.n];
const realm = getRealmName(accessToken.iss);
return {
oneTimePassword,
userName,
realm,
exp: accessToken.exp,
}
}
function getRealmName(url) {
const n = url.lastIndexOf('/');
return url.substring(n + 1);
}
function renderUI(request, response, status) {
// console.log("Access Token: "+JSON.parse(request.session['keycloak-token']).access_token);
const accessToken = request.kauth.grant.access_token.content;
const {oneTimePassword, userName, exp, realm} = tokenInfo(accessToken);
response.render('home', {
name: userName,
password: oneTimePassword,
status,
realm,
exp: new Date(1000 * exp).toISOString()
})
}
const radiusClient = new Client({
host: 'localhost',
dictionaries: [
dictionaries.rfc2865.file,
dictionaries.mikrotik.file
],
});
app.post('/', (request, response) => {
radiusClient.accessRequest({
secret: request.body.secret,
attributes: [
[dictionaries.rfc2865.attributes.USER_NAME, request.body.userName],
[dictionaries.rfc2865.attributes.USER_PASSWORD, request.body.oneTimePassword],
// [],
['Vendor-Specific', 14988,
[[dictionaries.mikrotik.attributes.MIKROTIK_REALM, Buffer.from(request.body.realm)]]],
],
}).then((result) => {
console.log('result', result.code);
renderUI(request, response, 'SUCCESS');
}).catch((error) => {
console.log('error', error);
renderUI(request, response,
error.response && error.response.code === 'Access-Reject' ? 'REJECT' : error);
});
});
app.get('/', keycloak.protect(), (request, response) => {
renderUI(request, response, "<<==");
});
app.listen(3000, ()=>{
console.log('server: http://localhost:3000')
});