I'm setting up a web application with express and ejs and need to integrate SAML authentication. I've got a metadata.xml, a public cert and a private key. Now I want to set up this strategy and use it for authentication. I tried to use a module called passport-saml-metadata, but whenever I try to authenticate it says: Error: Unknown authentication strategy "saml" although it is defined and exported within the same file as other strategies which work.
First I tried to manually configure SAML with the passport-saml module, but then I noticed that their is a passport-saml-metadata which can process my metadata file and build up the strategy, so I decided to use this one. I now have a 'valid' (it does not complain at any time in execution), but the stragety is not found when I call the route. Other strategys in the same file, are recognized and working without hassle.
passport config:
// Read the metadata
const reader = new MetadataReader(
fs.readFileSync(path.join(__dirname, './metadata.xml'), 'utf8')
);
const ipConfig = toPassportConfig(reader);
const spPublicCertificate = path.join(__dirname, './server.crt');
const spPrivateKey = path.join(__dirname, './private_key.pem');
const spConfig = {
callbackUrl: `http://localhost:3300/auth/saml/sso/callback`,
logoutCallbackUrl: `http://localhost:3300/auth/saml/slo/callback`,
issuer: '/shibboleth',
privateCert: spPrivateKey
};
const strategyConfig = {
...ipConfig,
...spConfig,
validateInResponseTo: false,
disableRequestedAuthnContext: true,
};
const verifyProfile = (profile, done) => {
return done(null, { ...profile, test: 'xxx' });
};
const samlStrategy = new saml.Strategy(strategyConfig, verifyProfile);
passport.use(samlStrategy);
call in app.js
// Login Oauth
router.get('/okta', passport.authenticate('oauth2'));
// Login SAML
router.get('/saml', passport.authenticate('saml'));
I expect that the strategy is recognized by passport like oauth2 which is defined in the same file as saml. Because both files are exported and no error is shown during execution (besided that the strategy cannot be found), I expect that at least it would call the auth and that I can spot any error.
SAML metadata is an XML document which contains information necessary for interaction with SAML-enabled identity or service providers. The document contains e.g. URLs of endpoints, information about supported bindings, identifiers and public keys.
This is an XML document that contains information necessary for interaction with SAML-enabled identity or service providers. This XML document contains information about the CAS endpoint URLs, supported bindings, identifiers, and public keys.
This is a SAML 2.0 authentication provider for Passport, the Node. js authentication library. The code was originally based on Michael Bosworth's express-saml library. Passport-SAML has been tested to work with both SimpleSAMLphp based Identity Providers, and with Active Directory Federation Services.
Just had to set
passport.use(samlStrategy);
to
passport.use('saml',samlStrategy);
because it would not recognize the strategy otherwise...
Sorry for asking
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With