Node.js passport-saml redirects to localhost:3000/login/callback all the time

孤街醉人 submitted on 2020-01-05 20:20:41

Question


I am using the tutorial from www.npmjs.org/package/passport-saml for the SAML. I am a beginner in SAML.

The tutorial says

The SAML identity provider will redirect you to the URL provided by the path configuration

I already have an OpenIdP account. It seems I can successfully login but the redirect URL always sends me to localhost:3000/login/callback which is not present in my code because I changed the 'path' to '/users/login-user-db-saml' or 'www.passporttoken.com:1234/users/login-user-db-saml' (both don't work and still send me to the default login/callback).

I have the code below. What am I doing wrong?

    /**start FOR SAML**/
    passport.use(new SamlStrategy(
        {
            path: '/users/login-user-db-saml',
            entryPoint: 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
            issuer: 'passport-saml'
        },
        function(profile, done) {
            findByEmail(profile.email, function(err, user) {
                if (err) {
                    return done(err);
                }
                return done(null, user);
            });
        })
    );

    app.post('/users/login-user-db-sam',
        passport.authenticate('saml', { failureRedirect: '/users/login-user-saml', failureFlash: true }),
        function(req, res) {
            res.redirect('/');
        }
    );

    app.get('/users/login-user-saml',
        passport.authenticate('saml', { failureRedirect: '/users/login-user-saml', failureFlash: true }),
        function(req, res) {
            res.redirect('/');
        }
    );
    /**End for SAML**/

Answer 1:


I removed the 'path' from the SAML configuration, and instead use a 'callbackUrl' with the full path to the callback specified. I also set 'issuer' as shown below:

    saml : {
      entryPoint : 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
      issuer : 'http://192.168.56.101:3000',
      callbackUrl : 'http://192.168.56.101:3000/login/callback' 
    }

You should also configure your SAML SP at OpenIdP on the metadata configuration page: https://openidp.feide.no/simplesaml/module.php/metaedit/edit.php - set the AssertionConsumerServiceURL on the SAML 2.0 tab to be your callbackUrl, and set the entityID to be the 'issuer' above.




Answer 2:


Have you considered making your SAML Login route a POST request?

SAML wants it to be POST




Answer 3:


The problem is in your strategy configuration; especially issuer. Your configuration points to the entity 'passport-saml', which is configured as is. Define your own entity and create settings you need.
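
The behaviour Answers 1 and 3 describe, as an added example (not code from the original posts or from passport-saml): a simplified model in which the IdP sends the response to the AssertionConsumerServiceURL registered for the request's entityID, plus a check that compares an SP configuration against that registration. The registry contents, the function names and the host default are assumptions constructed for illustration.

```javascript
// Constructed model of the IdP's registered-SP table (not OpenIdP's real data).
// Key = entityID (the SP's 'issuer'); value = the registered AssertionConsumerServiceURL.
const registeredSps = {
  'passport-saml': 'http://localhost:3000/login/callback',
  'http://192.168.56.101:3000': 'http://192.168.56.101:3000/login/callback',
};

// Callback URL the SP itself expects: callbackUrl if set, otherwise
// protocol + host + path (the defaults here are assumptions of this sketch).
function spCallbackUrl(opts) {
  if (opts.callbackUrl) return opts.callbackUrl;
  return (opts.protocol || 'http://') + (opts.host || 'localhost') + (opts.path || '/');
}

// Pre-deployment check: list every mismatch between the SP config, the IdP
// registration for its issuer, and the routes that accept the POSTed response.
function checkSpConfig(opts, registry, postRoutes) {
  const problems = [];
  // The IdP resolves the destination from the entityID, not from the SP's 'path'.
  const target = registry[opts.issuer];
  if (!target) {
    problems.push(`issuer "${opts.issuer}" is not registered at the IdP`);
    return problems;
  }
  const wanted = spCallbackUrl(opts);
  if (wanted !== target) {
    problems.push(`IdP will POST to ${target}, SP expects ${wanted}`);
  }
  const targetPath = new URL(target).pathname;
  if (!postRoutes.includes(targetPath)) {
    problems.push(`no POST route registered for ${targetPath}`);
  }
  return problems;
}

// Configuration from the question: shared entityID, custom path.
const questionConfig = { path: '/users/login-user-db-saml', issuer: 'passport-saml' };
// Configuration from Answer 1: own entityID, explicit callbackUrl.
const answerConfig = {
  issuer: 'http://192.168.56.101:3000',
  callbackUrl: 'http://192.168.56.101:3000/login/callback',
};

console.log(checkSpConfig(questionConfig, registeredSps, ['/users/login-user-db-sam']));
console.log(checkSpConfig(answerConfig, registeredSps, ['/login/callback']));
```

Reusing an entityID that someone else registered also means the IdP delivers the signed response to whatever URL that registration names, which is one more reason to define your own entity as Answer 3 suggests.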



Source: https://stackoverflow.com/questions/21870767/node-js-passport-saml-redirects-to-localhost3000-login-callback-all-the-time
