Passport strategy for authenticating with PingFederate using the OpenToken API.
This is a work in progress, but usable.
Install
npm install passport-opentoken
Usage
Create a login redirect to your PingFederate / OpenToken server,
with a URL containing PartnerSpId
and TargetResource
parameters,
a login callback route and a logout route.
app; app; appall'/logout/opentoken' { reqsession; res;};
Configuration
Before the above will work, you need to configure passport to use
the opentoken strategy. Create a verify callback
and instantiate an OpenTokenStrategy
object for passport
to use.
{ // see http://passportjs.org/guide/configure/ for an example // of a verify callback.}); var otkOptions = tokenName: 'mytoken' password: 'blahblah' cipherSuite: 2; passport;
If using sessions, you'll need passport.serializeUser
and passport.deserializeUser
functions as per the passport documentation.
CipherSuites are defined in the node-opentoken module:
0 = no encryption
1 = aes-256-cbc
2 = aes-128-cbc
3 = 3des