passport-saml2 callback with request/query parameters, Nodejs

Problem at hand

Recently I got a requirement to create a generic route that uses a separate Identity Provider for each client.
If you want to learn the SAML2 auth implementation end to end, you can check out my other article:
Token based + sessionless saml2 auth implementation using Passport, NodeJs

Solution

Here I am going to share the solution that I figured out.
To read the configuration for each client, we decided to take the client name as a request parameter. If you have read my other article, you will notice that this time I am setting up the strategy dynamically, using the client configuration selected by the request parameter.

Before moving forward, let's have a look at the configuration file:

config.js

Nothing special here: it is as simple as it looks, one set of configurations per client. As the clients could have different Identity Providers, we have separated the configuration for each one.

After going through the configurations, it is time to check the strategy JS file:

samlStrategies.js

I have wrapped the strategy implementation in a function that takes the client name as a parameter. You probably got the point already: I am reading the configuration using the client name and setting up the strategy with it.
You may have a question in mind here: when will this function be called?
This is where the actual magic happens. See the routes.js file below.

routes.js

I am calling the function in the route ('/saml2/:client') just before asking passport to authenticate the request. At that point the passport SAML strategy has been set up for the incoming client, and it will authenticate the request using that client's specific Identity Provider.
Going forward, I have passed the client name in the callback URL as well, so that if we need to read some configuration for the client again, we get the client name in the route when the Identity Provider calls back.
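
Because the client name in this route comes straight from the URL, it should be validated before it selects an Identity Provider configuration or is placed in the callback URL. The following is an added example, not the article's own code: the client names, URLs, config field names, the `saml-<client>` strategy name and the `/saml2/<client>/callback` path are assumptions, since config.js and routes.js are not shown here.

```javascript
// Constructed sample configuration; the article's config.js is not shown,
// so the client names, URLs and field names below are assumptions.
const CLIENTS = Object.freeze({
  acme: { entryPoint: 'https://idp.acme.example/sso', issuer: 'sp-acme' },
  globex: { entryPoint: 'https://login.globex.example/saml', issuer: 'sp-globex' },
});

const BASE_URL = 'https://sp.example.com'; // hypothetical service-provider origin
const CLIENT_NAME = /^[a-z0-9][a-z0-9-]{0,31}$/;

// Returns { strategyName, options } for a configured client, otherwise null.
function samlSettingsFor(clientParam) {
  if (typeof clientParam !== 'string' || !CLIENT_NAME.test(clientParam)) {
    return null; // rejects "../acme", "a/b", empty values and non-string input
  }
  // Own-property check: "constructor" or "toString" pass the pattern above
  // but are inherited from Object.prototype, not configured clients.
  if (!Object.prototype.hasOwnProperty.call(CLIENTS, clientParam)) {
    return null;
  }
  const cfg = CLIENTS[clientParam];
  const callback = new URL(`/saml2/${encodeURIComponent(clientParam)}/callback`, BASE_URL);
  return {
    strategyName: `saml-${clientParam}`, // one strategy name per client
    options: {
      entryPoint: cfg.entryPoint,
      issuer: cfg.issuer,
      callbackUrl: callback.href, // client name travels back with the IdP response
    },
  };
}

// Express-style middleware (req, res, next) to run before the strategy is
// set up, on both the login route and the callback route.
function requireKnownClient(req, res, next) {
  const settings = samlSettingsFor(req.params.client);
  if (!settings) {
    res.statusCode = 404;
    return res.end('unknown client');
  }
  req.samlSettings = settings;
  return next();
}
```

Running the same check on the callback route means an assertion arriving at one client's callback path is only ever verified against that client's configuration.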

Feel free to share your comments if you have a better approach for the same task. I would love to read your ideas.

Reference: Narendra Singh (http://blog.sikarnarender.com)
