
Node.js Passport SAML from multiple Identity Providers

I've implemented Passport-SAML into my site, and now I've been tasked with connecting our site with two other Identity Providers. In my code, it seems to use only the most recent definition of the SamlStrategy. How can I set up Passport to allow multiple different implementations of the same Strategy?

My implementation looks like this:

passport.use(new SamlStrategy(
    {
        path: '/saml',
        entryPoint: "https://idp.identityprovider.net/idp/profile/SAML2/Redirect/SSO",
        issuer: 'https://www.serviceprovider.com/saml',
        identifierFormat: 'urn:domain:safemls:nameid-format:loginid'
    },
    function(profile, done) {
        console.log("SamlStrategy done", profile)
        User.findOne({email:profile.Email}, function(err, user) {
            if (err) {
                return done(err);
            }
            if(!user) return done(null, false, {message: 'No account associated with this email.'})
            return done(null, user);
        });
    }
));
asked Aug 09 '13 21:08

Alex


2 Answers

You can give each strategy a name

// The verify callback is the second argument to SamlStrategy, not to passport.use
passport.use('config1', new SamlStrategy({ .. }, callback));
passport.use('config2', new SamlStrategy({ .. }, callback));

and then

app.post('/login/callback',
  function(req, res) {
      var config = // extract config name somehow
      passport.authenticate(config, { failureRedirect: '/', failureFlash: true })();
  },
  function(req, res) {
    res.redirect('/');
  }
);
answered Oct 24 '22 01:10

woloski


Little fixes (and a lot of time saving :) ) to @woloski's answer:

Giving the strategy a name:

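// name is a key of the options object; the verify callback is the second constructor argument
passport.use(new SamlStrategy({ name: 'config1', ... }, callback));
passport.use(new SamlStrategy({ name: 'config2', ... }, callback));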

and handling the post response:

app.post('/login/callback',
  function(req, res, next) {
      var config = // extract config name somehow
      // the middleware returned by authenticate must be invoked with (req, res, next)
      passport.authenticate(config, { failureRedirect: '/', failureFlash: true })(req, res, next);
  },
  function(req, res) {
    res.redirect('/');
  }
);

Cheers

answered Oct 24 '22 00:10

ykorach
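
One way to fill in the "extract config name somehow" step from both answers, as an added example that is not part of either answer or of passport-saml. The `:idp` route parameter, the `IDP_CONFIGS` table, the `idp` field on the user record and all helper names are assumptions. Because the strategy name arrives in the URL, it is checked against the registered names before it reaches `passport.authenticate`, and the verify callback matches users on the asserting IdP as well as the email, so one provider cannot sign in an account linked to another.

```javascript
// Added example. IdP names, option values and the ':idp' route parameter are assumptions.
// Constructed per-IdP settings; each entry would feed new SamlStrategy({ name, ... }, verify).
const IDP_CONFIGS = {
  config1: { entryPoint: 'https://idp1.example/sso', cert: 'IDP1_CERT_PLACEHOLDER' },
  config2: { entryPoint: 'https://idp2.example/sso', cert: 'IDP2_CERT_PLACEHOLDER' },
};

// Map the request to a registered strategy name, or null if it is not registered.
function resolveStrategyName(req) {
  const name = req.params && req.params.idp;
  // Own-property check keeps inherited keys ("constructor", "__proto__") out.
  const known = typeof name === 'string' &&
    Object.prototype.hasOwnProperty.call(IDP_CONFIGS, name);
  return known ? name : null;
}

// Express-style middleware: dispatch the callback to the strategy named in the URL.
function samlCallback(passport) {
  return function (req, res, next) {
    const name = resolveStrategyName(req);
    if (!name) return res.status(404).end(); // unknown IdP: never reaches passport
    return passport.authenticate(name, { failureRedirect: '/', failureFlash: true })(req, res, next);
  };
}

// Verify callback bound to one IdP. findUser is a hypothetical lookup with the
// (query, callback) shape of User.findOne from the question.
function makeVerify(idpName, findUser) {
  return function (profile, done) {
    // Match on email AND the IdP that asserted it, not on email alone.
    findUser({ email: profile.Email, idp: idpName }, function (err, user) {
      if (err) return done(err);
      if (!user) return done(null, false, { message: 'No account associated with this email.' });
      return done(null, user);
    });
  };
}

// Wiring (assumed route shape; each IdP is given its own callback URL):
//   app.post('/login/callback/:idp', samlCallback(passport), (req, res) => res.redirect('/'));
```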