87 questions
0
votes
1
answer
32
views
So does Passport req.login() persist User in Session?
Though I've been working with node express for over two years now, passport/saml authentication is brand new to me. I've noticed that documentation about this is very thin, incomplete and sometimes ...
- 117
0
votes
1
answer
184
views
SAML Response Validation Fails with "Invalid Document Signature" in Node.js
I'm working with SAML authentication using node-saml in my Node.js application. The SAML response status is success, but when I attempt to validate the response, I get the following error:
Error: ...
- 125
1
vote
1
answer
147
views
Public signing cert for simplesaml
I am trying to config simplesamlphp to test my saml client which uses passport js. Passport saml requires a certificate to be set. However when trying to setup simplesaml w/ a cert I am getting an ...
- 24.5k
0
votes
0
answers
247
views
Why Microsoft Entra ID's Identifier (EntityID) doesn't match Metadata XML EntityID?
I'm setting up a nodeJs SAML application. My users can create an org, connect it to Azure Entra ID and authenticate against Entra.
I want to enable my users to set up their SAML connection to Azure ...
- 73
0
votes
1
answer
416
views
How to validate assertion in verify callback of passport SAML strategy during saml/callback?
This is Sample code I got from passport-saml documentation. Instead of checking email id I want to validate saml assertion, which in turn will indicate that user is authenticated at idp as well, right?...
- 75
0
votes
0
answers
39
views
Will callback function gets executed only in error scenario - Passport SAML SSO
I am learning about passport and working on SAML strategy, will this (err) => {} callback only run during case of error or it will run in all scenario, i.e successful, unsuccessful, error.
Thanks ...
- 75
1
vote
1
answer
200
views
MultiSamlStrategy in NestJs
I see that passport-saml provides multi saml strategy to use as following (reference).
const { MultiSamlStrategy } = require('passport-saml');
passport.use(new MultiSamlStrategy(
{
...
- 3,757
1
vote
0
answers
1k
views
Upgrading Passport-Saml to @node-saml/passport-saml Error
I've notice the passport-saml package is deprecated and I thought of upgrading the package to @node-saml/passport-saml. I've written my code similar to the one in the given github example. This is the ...
- 75
0
votes
1
answer
454
views
Access the http request object from a passport strategy constructor
I need to configure my saml strategy dynamically.
Specifically I need to retrieve a parameter from the login URL.
I paste here some of my code to better explain my situation:
// auth.controller.ts
@...
- 41
1
vote
1
answer
2k
views
Why passport-saml can't find a signature - Invalid document signature
Why a signature can't be found?
I've checked the code during execution and saw that signatures was empty:
if (signatures.length !== 1) {
return false;
}
Because an ID from Response didn't match ...
- 73
0
votes
1
answer
342
views
Passport-js: Express-Session gets regenerated when callback endpoint is called
I am trying to use passport-saml to authenticate users with a SAML IdP. As Frontend I am using React JS with Vite and as Backend I am using express.js with express-session as session manager.
My ...
- 1
0
votes
1
answer
575
views
Error: SAMLResponse is not valid base64-encoded XML - error in passport-saml while authenticating with okta
I am currently using passport.js and passport-saml package to authenticate my nodejs application via okta. My current package.json includes below versions for passport related packages:
"passport&...
- 30
0
votes
1
answer
742
views
Node JS passport-saml authentication fails with "preflight request doesn't pass access control check" when deploying multiple instance using pm2
I have tried plenty of answers posted for a similar question but my issue is slightly different from straight forward CORS issue.
I am using passport-saml with my Node JS app to authenticate my web-...
- 5,618
1
vote
0
answers
665
views
How to get user details using passport-SAML in node js
I'm using passport-SAML in node js for SAML authentication.
my SAML Saml Strategy
passport.use(new SamlStrategy({
protocol: 'https://',
entryPoint: 'https://accounts.google.com/o/saml2/idp?...
- 123
1
vote
1
answer
449
views
Persist session id in passport-saml login login callback
I'm using passport-saml and express-session. I login with my original session id but when the idp response reach the login callback handler, I have another sessionId. Also, since my browser has the ...
- 363
1
vote
1
answer
1k
views
Implementing SAML with Passport-saml fails: PEM_read_bio_ex:bad base64 decode
I am trying to configure my nestjs app with passport-saml for a new client (a new Okta test account). The code has been proven in the past and my old okta account has been disabled.
I created a new ...
- 1,803
1
vote
0
answers
333
views
Passport.use will not take an instance of passport-saml.Strategy
I am using two libraries to implement auth. Passport.js and passport-saml (which is just a strategy implementation for passport.js). After creating the passport-saml strategy the passport.use function ...
0
votes
1
answer
1k
views
PassportJS with passport-saml, how to get SAML request ID?
I'm using PassportJS and passport-saml to connect to a SSO server.
I want to have the ID that is into the SAML request (/login route) in order to store a key with this ID. Then in the callback (/login/...
- 41
0
votes
0
answers
127
views
okta does not validate issuer, coming from sp
I'm using okta as IDP for saml2 authentification, howver its works well, but I noticed that that octa does not check issuer , im confused about that, he shouldnt accept a request from any source ...
- 41
0
votes
1
answer
1k
views
How can I implement Single Logout using Passport.js on a node / express middleware
Am implementing SAML SSO using Passport and passport-saml in a node/express middleware.
Have the following express user and strategy defined:
User
const savedUsers = [];
passport.serializeUser((...
- 478
1
vote
0
answers
134
views
How to login into Onelogin via custom UI and redirect to a preconfigured APP
We need to be able to login to onelogin and redirect to an APP on clicking a button in our home page. We should also be able to send some custom params. We tried using passport-saml for this but we ...
- 492
2
votes
1
answer
2k
views
How to do Single Sign-Out SAML using passport-saml npm package?
The application using single sign on flow in Azure AD using the npm package passport-saml.
Application built in nodejs express framework.
passport saml Configuration looks like this snippet:
filename -...
- 426
0
votes
1
answer
555
views
SSO. How to use IdP as a Proxy?
Implement SSO flow for authentication. I'm a newbee here and cannot get some places. I tried to implement service provider initiated flow. And it looks like this:
User clicks on button on my frontend ...
- 225
0
votes
1
answer
1k
views
Passport-SAML. How to avoid calling getSamlOptions after authentication on external IdP?
Try to setup Passport-SAML on my project. Here is an code example
export const samlFederationAuthentication = () => {
const multiSamlStrategy: MultiSamlStrategy = new MultiSamlStrategy(
{
...
- 225
1
vote
0
answers
367
views
How to add `<Extensions>` element in SAML request using passport-saml?
I am using passport-saml as a SAML client and requesting to external IDP. I want to add <Extensions> element in SAML request like below:
<samlp:AuthnRequest AssertionConsumerServiceURL="...
- 657
1
vote
1
answer
882
views
How to use dynamic passport SAML stratagey?
I am trying to implement SAML for google and okta for the different enterprises. Now, I have multiple entry points for that.
passport.use(
"saml",
new SamlStrategy(
{
...
- 13
1
vote
0
answers
386
views
How to pass X509 certificate in SAML POST
I'm working on migrating our existing SAML implementation from SimpleSAMLphp to passport-saml. I've run into a couple road blocks when using the HTTP-POST binding.
When using a SAML chrome inspector I'...
- 4,891
0
votes
1
answer
1k
views
passport saml how to pass profile data to route
when I created passport-saml strategy, during login, there is a profile object pass to the middleware function, with nameID info there. I need that info to call logout later on.
// passportHandler.js
...
- 517
1
vote
0
answers
517
views
http SAML get request not redirecting to a url location
I'm using passport-saml and trying to get my redirect working on get request. But the response that I get from server is pure HTML. How do I make it load the HTML in a new page?
this.http.get(this....
- 51
2
votes
0
answers
969
views
How to configure ADFS with react js app for sso using passport-saml and express js?
I've my reactjs application which needs sso. I've decided to have ADFS as my IDP. How to configure adfs with my react js application. How to use passport saml in reactjs for sso?can i have detailed ...
- 55
0
votes
1
answer
475
views
Saml Strategy Verify callback not getting called
As per the passportjs documentation, the verifier function is supposed to be called.
But I am not seeing this call back.
I am testing this with okta. In okta the app is configured to send the saml ...
- 931
1
vote
0
answers
2k
views
SSO callback with passport-saml does not work
I'm currently implementing SAML SSO with passport-saml. The flow works with the GET endpoint until the callback to the endpoint, which handles POST requests. If I add passport.authenticate('saml', { ...
- 103
1
vote
0
answers
319
views
Logout of Google IDP with Passport saml
I am using passport-saml to authenticate users via Google IDP(SAML APP)
My SAML Strategy is configured as below
const samlStrategy = new SamlStrategy({
protocol: PROTOCOL,
entryPoint: SSO_URL, ...
2
votes
1
answer
2k
views
Retrieve RelayState value using Passport-SAML
I am unable to retrieve the RelayState value. Can someone please direct me or provide a link to relevant documentation.
This is what I have so far as my setup and routes.
Setup
const saml_strategy = ...
- 439
0
votes
1
answer
1k
views
Passport-saml metadata xml config
I'm trying to use passport-saml for authentication in my project. So far I was able to use passport.generateServiceProviderMetadata(decryptionCert) to generate the following metadata.xml:
<...
- 3,163
0
votes
1
answer
543
views
How do I hook up the authProvider in react-admin to use SAML?
I've tried following the sample code on the passport-saml site, and the advanced tutorial on the react-admin site for OAuth, but haven't been able to figure out what I need to do with the authProvider ...
- 1
0
votes
1
answer
263
views
Creating Application for other enterprise to SSO and list directory users?
I am trying to create a web application. This app is a B2B PAS model.
One of the features of the app is, an organization using GSuite, can onboard our system and then all its users can log in to our ...
- 231
0
votes
2
answers
2k
views
NodeJS/ExpressJS/passport-saml ADFS SingleLogout implementation
I did not know where to go next so I'm going to post my issue here, as I've already seen some related issues on this matter. Unfortunately the solutions provided did not work in my case, and I do not ...
- 201
1
vote
1
answer
389
views
How to login user with Meteor in Server side after Receive A callback from IDP
I need authenticate a user using passport-saml v2.0 and login after the authenticaton callback successful responds to IDP post request.
I’am using React in front-end with flow router and Picker in ...
0
votes
1
answer
488
views
Determine if IDP initiated or SP initiated in SP callback?
I am using passport-saml authentication module in my node application. In the registered IDP callback function that resides in my SP I need to determine if the callback was SP initiated or IDP ...
- 24.5k
0
votes
1
answer
1k
views
Passport saml logout is not working because of callback url
I am using passport saml to logout from IDP here is my code:
module.exports = function logout(app, samlStrategy, config) {
app.get('/logout', (req, res) => {
const { webUser } = req;
...
1
vote
1
answer
4k
views
Manually initiate login session using NestJS and Passport
I'm looking for a way to programatically log in a fake user for development purposes. The end goal is that I open the app for demo/development purposes and there's a fake user forcibly logged in(this ...
- 419
4
votes
0
answers
960
views
Redirect browser to login page with passport-saml
I have an application where the front-end is ReactJs and the back-end is express.
I am trying to implement SSO with SAML2 and I use OKTA as the IDP.
front-end is running on localhost:3000
...
- 121
7
votes
2
answers
2k
views
Same passport js strategy with different configuration (SAML)
I'm trying to create SSO in my Nest.js application using Okta as Identity Provider and passport-saml library. I read documentation of Nest authentication and passport-saml. I have no problems with ...
- 81
0
votes
2
answers
3k
views
ExpressJS/Passport-SAML Single Log Out re-logs in directly
Currently I am working on a passport-saml implementation in our NodeJS application.
The reason to do so is to give our customers the possibility to connect to their AD FS systems and take advantage of ...
- 201
0
votes
1
answer
598
views
Passport callback not being called
While trying to implement the passport-same authentication methods I have hit a roadblock. The callback function passed to the passport.authenticated function does not get called.
router.post("/saml/...
- 5,073
1
vote
1
answer
1k
views
ADFS sso and using passport-saml Express "No decryption key for encrypted SAML response"
I am having this issue while logging ADFS SSO. "No decryption key for encrypted SAML response".
Login from another account is being successful. Someone can help me with this. I am using Express with ...
- 370
4
votes
3
answers
4k
views
passport-saml - express - redirected url not submitting form gives SAML assertion not yet valid
Below is the error that I am getting on my console today as opposed to yesterday when the same code was working fine.
Error: SAML assertion not yet valid
at SAML.checkTimestampsValidityError
...
- 4,013
0
votes
1
answer
932
views
Trying to test SAML auth with open/free SAML IDP
I am trying to test and debug SAML authentication with my app. I currently do not have my own SAML IDP so I am trying to test with free/open SAML IDP providers.
Currently I am testing with SSOCircle:...
- 24.5k
3
votes
2
answers
6k
views
Handle the Identity provider side of SAML using Node.js
I need to implement an Identity provider service (using node.js) that should be able to.
Get, validate and parse (using private key and cretificate) the authentication request from SP example
If ...
- 457