Passport strategy for authenticating with FranceConnect.
This module lets you authenticate using FranceConnect in your Node.js applications. By plugging into Passport, FranceConnect authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
$ npm install passport-franceconnect
Before using passport-franceconnect
, you must register as a "service provider" with FranceConnect.
If you have not already done so, you can register at
Inscription FranceConnect .
You will be provided with a client ID and client secret, which
need to be provided to the strategy. You will also need to configure a callback
URL which matches the route in your application.
The consumer key and consumer secret obtained when registering as a service provider
are supplied as options when creating the strategy. The strategy
also requires a verify
callback, which receives the access token and
corresponding secret as arguments, as well as profile
which contains the
authenticated user's FranceConnect profile. The verify
callback must call cb
providing a user to complete authentication.
passport.use(new FranceConnectStrategy({
clientID: FRANCECONNECT_CLIENT_ID,
clientSecret: FRANCECONNECT_CLIENT_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/france-connect/callback"
},
function(token, tokenSecret, profile, cb) {
User.findOrCreate({ twitterId: profile.id }, function (err, user) {
return cb(err, user);
});
}
));
Other options include:
scope
: an array of scopesserviceURL
(optional): the URL of the FranceConnect API to use (https://fcp.integ01.dev-franceconnect.fr by default),authorizationURL
(optional): the authorization API endpoint URL (serviceURL + '/api/v1/authorize'
by default),tokenURL
(optional): the token API endpoint URL (serviceURL + '/api/v1/token'
by default),userInfoURL
(optional): the user info API endpoint URL (serviceURL + '/api/v1/userinfo'
by default),acrValues
(optional): the EIDAS level to be used (see https://doc.integ01.dev-franceconnect.fr/fournisseur-service)
By default, the serviceURL
is set to the FranceConnect development backend URL (https://fcp.integ01.dev-franceconnect.fr).
When using this service URL, you can sign in using the following identity providers and the corresponding test users:
Identity Provider | Login | Password |
---|---|---|
ameli.fr | 111 | 123 |
ameli.fr | 112 | 123 |
ameli.fr | 113 | 123 |
ameli.fr | 114 | 123 |
ameli.fr | 115 | 123 |
ameli.fr | 116 | 123 |
ameli.fr | 117 | 123 |
ameli.fr | 118 | 123 |
ameli.fr | 119 | 123 |
Use passport.authenticate()
, specifying the 'france-connect'
strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/france-connect',
passport.authenticate('france-connect'));
app.get('/auth/france-connect/callback',
passport.authenticate('france-connect', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
https://github.com/promethe42/passport-franceconnect/issues
Copyright (c) 2016 Jean-Marc Le Roux <https://github.com/promethe42/>