护照- SAML &访问SAML值
护照- SAML &访问SAML值
提问于 2018-04-05 06:15:09
我的passport工作正常,但是我无法访问从claim返回的ADFS属性,例如firstName属性。
以下代码在console.log中单击web浏览器中的/login端点时显示如下内容:
获得/用户认证!req.user:{}
对于为什么下面的内容不起作用,似乎没有填充req对象,有什么想法吗?
var app = express();
var samlStrategy = new saml.Strategy(
{
entryPoint: 'https://adfs.mydomain/adfs/ls/',
issuer: 'https://foo.mydomain/login/callback',
callbackUrl: 'https://foo.mydomain/login/callback',
privateCert: fs.readFileSync('./certs/my.key', 'utf-8'),
cert: fs.readFileSync('./certs/adfs.mydomain.crt', 'utf-8'),
authnContext: 'http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/windows',
acceptedClockSkewMs: -1,
identifierFormat: null,
signatureAlgorithm: 'sha256'
},
function (profile, done) {
return done(null,
{
nameIDFormat: profile.nameIDFormat,
nameID: profile.nameID,
firstName: profile.firstName
}
);
}
);
passport.serializeUser(function (user, done) {
done(null, user);
});
passport.deserializeUser(function (user, done) {
done(null, user);
});
passport.use(samlStrategy);
app.use(cookieParser());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(session({ resave: true, saveUninitialized: false, secret: 'xxxxx' }));
app.use(passport.initialize());
app.use(passport.session());
app.get('/', function (req, res) {
if (req.isAuthenticated()) {
console.log('GET [/] user authenticated! req.user: %s \n', JSON.stringify(req.user));
} else {
console.log('GET [/] user not authenticated! \n');
}
res.send(200);
});
app.get('/login', passport.authenticate('saml', { failureRedirect: '/' }), function (req, res) { res.redirect('/') });
app.post('/login/callback', passport.authenticate('saml', { failureRedirect: '/login', failureFlash: true }),
function (req, res) {
res.redirect('/');
}
);更新:问题似乎存在于未填充的配置文件详细信息中,如果我设置了一个静态值,它将正确工作:
var samlStrategy = new saml.Strategy(
{
entryPoint: 'https://adfs.mydomain/adfs/ls/',
issuer: 'https://foo.mydomain/login/callback',
callbackUrl: 'https://foo.mydomain/login/callback',
privateCert: fs.readFileSync('./certs/my.key', 'utf-8'),
cert: fs.readFileSync('./certs/adfs.mydomain.crt', 'utf-8'),
authnContext: 'http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/windows',
acceptedClockSkewMs: -1,
identifierFormat: null,
signatureAlgorithm: 'sha256'
},
function (profile, done) {
return done(null,
{
nameIDFormat: profile.nameIDFormat,
nameID: profile.nameID,
firstName: 'test_user'
}
);
}
);获得/用户认证!req.user:{"firstName":"test_user"}
回答 1
Stack Overflow用户
回答已采纳
发布于 2018-04-05 23:55:15
解决方案是从概要文件中获取正确的元素,下面是一个简单的示例。
function (profile, done) {
console.log('passport.use() profile: %s \n', JSON.stringify(profile));
return done(null,
{
upn: profile['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn']
}
);
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/49665309
复制相关文章
相似问题
腾讯云开发者
