 

Same passport js strategy with different configuration (SAML)

I'm trying to create SSO in my Nest.js application using Okta as the Identity Provider and the passport-saml library. I read the documentation for Nest authentication and passport-saml. I have no problem understanding the examples, but I really need to use the SAML strategy with a different configuration that depends on a request body value of POST api/auth/saml. In other words, I have one strategy, but with different entryPoint, issuer, and cert params for my custom LoginSSOStrategy class, which extends the PassportStrategy class of Nest.js. Any ideas how I can handle this?

Dikcha asked Dec 09 '19 13:12


1 Answer

I'm not quite sure if this is a good approach, but if you want, you can make the class request scoped and inject the request via the constructor, then have access to the request object and be able to work with a new instance of your passport strategy each request. You can use the request to pass req.whatever to the super() class's constructor.

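import { Inject, Injectable, Scope } from '@nestjs/common';
import { REQUEST } from '@nestjs/core';
import { PassportStrategy } from '@nestjs/passport';
import { Request } from 'express';
import { Strategy } from 'passport-saml';

// Request-scoped: Nest creates a new strategy instance for each incoming request.
@Injectable({ scope: Scope.REQUEST })
export class LoginSSOStrategy extends PassportStrategy(Strategy) {

  constructor(@Inject(REQUEST) request: Request /* , ...other injected dependencies */) {
    super({/* options matching to request.field */});
  }

  validate(/* validate params*/) {
    /* validate functionality */
  }
}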

This seems like something you'll want to do a lot of testing around and make sure it works with concurrent requests, but overall it could work, in theory at least.

Jay McDoniel answered Oct 15 '22 15:10
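An added example, not code from the question or the answer: however the strategy is instantiated per request, the request value should only select a configuration the server already holds and never supply entryPoint, issuer or cert itself. The `tenant` body field, the registry entries and every name below are assumptions; the `(req, done)` wrapper has the shape passport-saml's MultiSamlStrategy accepts as `getSamlOptions`.

```typescript
// Added example. Tenant ids, URLs and cert values are constructed placeholders.
interface SamlTenantOptions {
  entryPoint: string;
  issuer: string;
  cert: string;
}

// Only the part of the request this example reads.
interface LoginRequest {
  body?: Record<string, unknown>;
}

// Server-side registry: the only source of IdP settings.
const TENANTS = new Map<string, SamlTenantOptions>([
  ['acme', { entryPoint: 'https://idp.acme.example/sso/saml', issuer: 'my-app-acme', cert: 'PLACEHOLDER_ACME_IDP_CERT' }],
  ['globex', { entryPoint: 'https://idp.globex.example/sso/saml', issuer: 'my-app-globex', cert: 'PLACEHOLDER_GLOBEX_IDP_CERT' }],
]);

const TENANT_ID = /^[a-z0-9-]{1,32}$/;

// Pure function with no shared mutable state, so concurrent requests cannot
// observe each other's configuration.
function resolveSamlOptions(req: LoginRequest): SamlTenantOptions {
  const tenant = req.body?.['tenant']; // hypothetical body field
  if (typeof tenant !== 'string' || !TENANT_ID.test(tenant)) {
    throw new Error('invalid tenant identifier');
  }
  const options = TENANTS.get(tenant);
  if (options === undefined) {
    throw new Error('unknown tenant');
  }
  // Return a copy; any entryPoint/issuer/cert sent in the body is ignored.
  return { ...options };
}

type Done = (err: Error | null, options?: SamlTenantOptions) => void;

// Node-style wrapper for per-request option callbacks.
function getSamlOptions(req: LoginRequest, done: Done): void {
  let options: SamlTenantOptions;
  try {
    options = resolveSamlOptions(req);
  } catch (err) {
    done(err instanceof Error ? err : new Error(String(err)));
    return;
  }
  done(null, options);
}
```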