Node.js 验证程序

improve this page | report issue


IBM Mobile Foundation 提供 Node.js 框架以对外部资源实施安全功能。
提供了 Node.js 框架作为 npm 模块 (passport-mfp-token-validation)。

本教程显示如何使用作用域 (accessRestricted) 来保护简单 Node.js 资源 GetBalance


passport-mfp-token-validation 模块

passport-mfp-token-validation 模块提供认证机制以验证 MobileFirst Server 发出的访问令牌。


npm install passport-mfp-token-validation@8.0.X


  • 该样本使用 expresspassport-mfp-token-validation 模块:

    var express = require('express');
    var passport = require('passport-mfp-token-validation').Passport;
    var mfpStrategy = require('passport-mfp-token-validation').Strategy;
  • 如下所示设置 Strategy

    passport.use(new mfpStrategy({
      authServerUrl: 'http://localhost:9080/mfp/api',
      confClientID: 'testclient',
      confClientPass: 'testclient',
      analytics: {
          onpremise: {
              url: 'http://localhost:9080/analytics-service/rest/v3',
              username: 'admin',
              password: 'admin'
  • authServerUrl:将 localhost:9080 替换为您的 MobileFirst Server IP 地址和端口号。
  • confClientIDconfClientPass:将保密客户机标识和密码替换为在 MobileFirst Operations Console 中定义的项。
  • analytics:分析项为可选,仅在想要将分析事件记录到 Mobile Foundation 时才是必需的。
    localhost:9080usernamepassword 替换为分析服务器 IP 地址、端口号、用户名和密码。

  • 通过调用 passport.authenticate 来认证请求:

    var app = express();
    app.get('/getBalance', passport.authenticate('mobilefirst-strategy', {
        session: false,
        scope: 'accessRestricted'
    function(req, res) {
    var server = app.listen(3000, function() {
        var port = server.address().port
        console.log("Sample app listening at http://localhost:%s", port)
  • 要采用的 Strategy 应当是 mobilefirst-strategy
  • session 设置为 false
  • 指定 scope 名称。


下载 Node.js 样本


  1. 导航至样本的根文件夹并运行命令:npm install,后跟:npm start
  2. 确保更新保密客户机和 MobileFirst Operations Console 中的密钥值。
  3. 部署安全性检查:UserLoginPinCodeAttempts
  4. 注册匹配应用程序。
  5. accessRestricted 作用域映射到安全性检查。
  6. 更新客户机应用程序以针对 servlet URL 生成 WLResourceRequest
Inclusive terminology note: The Mobile First Platform team is making changes to support the IBM® initiative to replace racially biased and other discriminatory language in our code and content with more inclusive language. While IBM values the use of inclusive language, terms that are outside of IBM's direct influence are sometimes required for the sake of maintaining user understanding. As other industry leaders join IBM in embracing the use of inclusive language, IBM will continue to update the documentation to reflect those changes.
Last modified on June 19, 2020