I am trying to get my IIS hosted website to allow me to login to Auth0 application and proceed back. My issue is it all works fine on http. Then I make the correct Node.js adjustments to turn my app https. But then my issues are the following:
This is my IIS web.config settings:
<system.webServer>
</system.webServer>
I will attach my server.js and index.js (route) files for reviewing. I will also attach my application settings from auth0:
Here is server.js
const dotenv = require('dotenv');
const express = require('express');
const https = require('https');
const logger = require('morgan');
const path = require('path');
const router = require('./routes/index');
const fs = require('fs');
const { auth } = require('express-openid-connect');
dotenv.config();
const app = express();
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(logger('dev'));
app.use(express.static(path.join(__dirname, 'public')));
app.use(express.json());
const config = {
authRequired: false,
auth0Logout: true,
secret: '',
baseURL: 'https://testing.dupps.com',
clientID: 'oPqqTSH4b6k3FlZGZqdItV2KBVPVR3w8',
issuerBaseURL: 'https://dev-wg2ioezy8v4cunjl.us.auth0.com'
};
const port = process.env.PORT || 3067;
if (!config.baseURL && !process.env.BASE_URL && process.env.PORT && process.env.NODE_ENV !== 'production') {
config.baseURL = `https://testing.dupps.com`;
}
app.use(auth(config));
// Middleware to make the `user` object available for all views
app.use(function (req, res, next) {
res.locals.user = req.oidc.user;
next();
});
app.use('/', router);
// Catch 404 and forward to error handler
app.use(function (req, res, next) {
const err = new Error('Not Found');
err.status = 404;
next(err);
});
// Error handlers
app.use(function (err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: process.env.NODE_ENV !== 'production' ? err : {}
});
});
// Path to your PFX file and passphrase if needed
const pfxPath = path.join(__dirname, 'key.pfx'); // Adjust the path accordingly
const passphrase = '1234'; // Change this to your actual passphrase
// Create HTTPS options with PFX certificate
const httpsOptions = {
pfx: fs.readFileSync(pfxPath),
passphrase: passphrase // If there's no passphrase, you can omit this
};
// Start the HTTPS server
https.createServer(httpsOptions, app)
.listen(port, () => {
console.log(`Listening securely on ${config.baseURL}`);
});
and here is index.js (route):
var router = require('express').Router();
const { requiresAuth } = require('express-openid-connect');
router.get('/', function (req, res, next) {
res.render('index', {
title: 'Auth0 Webapp sample Nodejs',
isAuthenticated: req.oidc.isAuthenticated()
});
});
router.get('/profile', requiresAuth(), function (req, res, next) {
res.render('profile', {
userProfile: JSON.stringify(req.oidc.user, null, 2),
title: 'Profile page'
});
});
module.exports = router;