Comments (6)
benheymink
commented on June 3, 2024
4
Late to the party, but take a look at passports: https://www.npmjs.org/package/passports
from passport-saml.
ploer
commented on June 3, 2024
So, the issue is that you have many users with many different identity providers, some of which are different accounts at onelogin, and you need to be able to dispatch to the appropriate identity provider based on some property of the user?
passport-saml is oriented around providing a strategy to authenticate users against one identity provider. If you have multiple identity providers I think you want multiple instances of the passport-saml strategy, and then maybe a middleware wrapper around your passport.authenticate call that dispatches to the appropriate strategy based on your application logic.
from passport-saml.
apriendeau
commented on June 3, 2024
So we are only looking to support onelogin but since they generate a random url, like https://app.onelogin.com/trust/saml2/http-post/sso/{{random_id_generated}}; How do you add that without it being dynamic? So if I have two different companies that are using onelogin. If I can add it to .authenticate(), how would you use suggest that we go about that?
from passport-saml.
ploer
commented on June 3, 2024
Well, I'm not sure I'd call it random, it's just that each company using onelogin as an identity provider has a different id, right? So as part of each company that wants to set up onelogin as their identity provider for you, they need to give you that entrypoint. It may be all at onelogin but it is still multiple identity providers.
So one way I can think of to handle this (not sure if its the best way or not), would be to register multiple strategies for each comany, i.e. passport.use('saml-foo-company', samlStrategy1); passport.use('saml-bar-company', samlStrategy2);, and then instead of putting passport.authenticate in the middleware chain for your route, something like:
function authenticateWithAppropriateIdentityProvider(res, req, next) {
if (userIsWithFooCompany)
passport.authenticate('saml-foo-company')
else if (userIsWithBarCompany)
passport.authenticate('saml-bar'company')
...
}
from passport-saml.
ploer
commented on June 3, 2024
Nice, that looks like just the thing.
from passport-saml.
apriendeau
commented on June 3, 2024
perfect. Thank you.
from passport-saml.
Related Issues (20)
- Audience must be supplied HOT 4
- [BUG] Invalid document signature after upgrading from 2.2.0 to 4.0.1 HOT 12
- [BUG] Passport SAML is always chosen first by NestJS Passport, no matter the order HOT 1
- Invalid Signature While integrating passport-saml with OAM HOT 7
- [BUG] After an upgrade from passport-saml to @node-saml/passport-saml, assertion validation stopped working with HTTP-POST binding with an error: SAML.validatePostResponseAsync, Invalid document signature HOT 9
- Is there a way to test a provider configuration before call done() on MultiSamlStrategy? HOT 1
- Cannot POST /saml/consume HOT 3
- Possible to add custom relay state in SAML login requests? HOT 2
- Assertion signature is missing in SAML Response when using Google Workspace HOT 5
- [BUG] Invalid document signature HOT 7
- Functionality difference between Redhat UBI 8and UBI 9 HOT 3
- Reference id not matching with documentElement id HOT 8
- passport-saml requires session support (session auth) — Is it possible to do with JWT auth instead?
- [BUG] Bug in the implementation of MultiSamlStrategy on NestJS HOT 2
- [BUG] validateInResponseTo = true does not validate responses HOT 6
- Importing passport-saml fails on node v20.6.0 HOT 3
- [BUG] Importing @node-saml/passport-saml gives type error HOT 5
- [BUG] Error: Invalid document signature HOT 2
- Breaking change in v5.0.0, docs not updated (TypeError: callbackUrl is required) HOT 9
- [BUG] Callback URL switches from https to http HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from passport-saml.