passport-saml 如何将 profile 数据传递给路由

passport saml how to pass profile data to route

当我创建 passport-saml 策略时，登录期间会有一个 profile 对象传递给中间件函数，其中包含 nameID 信息。我稍后调用注销时需要这些信息。

// passportHandler.js
const passport = require("passport");
const passportSaml = require("passport-saml");

// Session (de)serialization. Both directions hand the user through unchanged,
// so whatever the strategy passes to done() is exactly what the session store
// keeps and what passport.session() restores as req.user on later requests.
// NOTE(review): the SAML profile may carry more personal data than the app
// needs; trimming it to the fields used later (e.g. nameID, nameIDFormat,
// sessionIndex) before storing would keep the rest out of the session store.
const passThrough = (user, done) => {
  done(null, user);
};

passport.serializeUser(passThrough);
passport.deserializeUser(passThrough);

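// SAML strategy for passport -- single IdP
const idpCert = process.env.SSO_CERT;
if (!idpCert) {
  // Fail closed at startup: `cert` is the IdP certificate passport-saml uses to
  // verify the signature on incoming SAML responses, so there is no safe default
  // and a clear error beats a TypeError from `.replace` on undefined.
  throw new Error("SSO_CERT must be set");
}

const samlStrategy = new passportSaml.Strategy(
  {
    entryPoint: process.env.SSO_ENTRYPOINT,
    logoutUrl: process.env.SSO_LOGOUT,
    issuer: process.env.SSO_ISSUER,
    callbackUrl: process.env.SSO_CALLBACK_URL || undefined,
    // NOTE(review): `process.env.path` (lower-case) resolves to the PATH
    // variable on Windows; presumably a dedicated SSO_* variable was intended —
    // confirm.
    path: process.env.path,
    // Env files usually store the PEM on one line with literal "\n" sequences.
    // /\n/ matched a real newline (a no-op); /\\n/ matches the two-character
    // backslash-n sequence so it actually becomes a line break.
    cert: idpCert.replace(/\\n/g, "\n"),
  },
  (profile, done) => {
    // Whatever is handed to done() becomes req.user in the login callback and,
    // through serializeUser, what the session stores. nameID and nameIDFormat,
    // needed later for logout, are part of this profile. The profile is not
    // logged any more: it carries personal data (nameID etc.).
    done(null, profile);
  }
);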

// Register under the strategy's default name, "saml" — the same key the
// logout route looks up in passport's strategy table.
passport.use("saml", samlStrategy);

module.exports = passport;

index.js

// index.js of Express server
import passport from "./src/passportHandler";
import { getLogout } from "./src/routes.js";
// NOTE(review): `express` is used but not imported in this excerpt — presumably
// elided from the snippet.
const app = express();

// passport.session() restores req.user from the session on every request; it
// needs a session middleware (not shown here) registered ahead of it.
app
  .use(passport.initialize())
  .use(passport.session());

// getLogout reads nameID / nameIDFormat from req.user, which the session
// middleware above has already restored by the time the route runs.
app.get('/sso/logout', getLogout);

getLogout 函数从另一个文件导入，我对 nameID 和 nameIDFormat 进行了硬编码。如何从 profile 对象获取它们，将它们保存在某处，然后再传递给这个路由？

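// routes.js
/**
 * Starts SAML Single Logout for the signed-in user.
 *
 * nameID / nameIDFormat are no longer hard-coded: passport-saml reads them
 * (plus sessionIndex when present) from req.user, which passport.session()
 * restored from the session — the same profile object the strategy passed to
 * done() at login.
 *
 * @param {object} req - Express request; must carry a deserialized req.user
 * @param {object} res - Express response
 * @param {Function} [next] - Express error handler; supplied by Express, so
 *   existing two-argument callers keep working. Used so a failure is reported
 *   instead of leaving the request hanging with no response.
 */
export const getLogout = (req, res, next) => {
  const fail = (err) => {
    if (typeof next === 'function') {
      next(err);
    } else {
      res.status(500).send('logout failed');
    }
  };

  // Without a session-backed user there is nothing to log out; do not
  // fabricate one.
  if (!req.user?.nameID) {
    res.status(401).send('not logged in');
    return;
  }

  // This still reaches into passport's private state (works, but may break on
  // a passport upgrade). A cleaner route is to export the strategy instance
  // from the module that constructs it and import it here.
  const samlStrategy = req._passport?.instance?._strategies?.saml;
  if (!samlStrategy) {
    fail(new Error('SAML strategy is not registered'));
    return;
  }

  // passport-saml builds the LogoutRequest from req.user and hands back the
  // IdP redirect URL. The local session is not ended here; presumably that
  // happens when the IdP's LogoutResponse arrives — confirm against the SLO
  // callback route.
  samlStrategy.logout(req, (err, redirectUrl) => {
    if (err) {
      fail(err);
      return;
    }
    res.redirect(redirectUrl);
  });
};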

我的第二个问题是，我通过 req._passport?.instance?._strategies?.saml 获取了 samlStrategy 对象，这是获取它的正确方法吗？或者换个角度问，我如何从一开始就把 saml 策略对象传递给这个路由？

感谢您的帮助!

回答我自己的愚蠢问题...

在 samlStrategy 中,最后调用 done(null, profile)

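const idpCert = process.env.SSO_CERT;
if (!idpCert) {
  // Fail closed at startup: `cert` is the IdP certificate passport-saml uses to
  // verify the signature on incoming SAML responses, so there is no safe default
  // and a clear error beats a TypeError from `.replace` on undefined.
  throw new Error("SSO_CERT must be set");
}

const samlStrategy = new passportSaml.Strategy(
  {
    entryPoint: process.env.SSO_ENTRYPOINT,
    logoutUrl: process.env.SSO_LOGOUT,
    issuer: process.env.SSO_ISSUER,
    callbackUrl: process.env.SSO_CALLBACK_URL || undefined,
    // NOTE(review): `process.env.path` (lower-case) resolves to the PATH
    // variable on Windows; presumably a dedicated SSO_* variable was intended —
    // confirm.
    path: process.env.path,
    // Env files usually store the PEM on one line with literal "\n" sequences.
    // /\n/ matched a real newline (a no-op); /\\n/ matches the two-character
    // backslash-n sequence so it actually becomes a line break.
    cert: idpCert.replace(/\\n/g, "\n"),
  },
  (profile, done) => {
    // Whatever is handed to done() becomes req.user in the login callback and,
    // through serializeUser, what the session stores. nameID and nameIDFormat,
    // needed later for logout, are part of this profile. The profile is not
    // logged any more: it carries personal data (nameID etc.).
    done(null, profile);
  }
);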

那么 profile 对象在 Service Provider 的登录 POST 回调函数中会变成 req.user 对象。

然后我可以把用户对象保存在某个地方，并在调用 logout 时再次使用它。由于 serializeUser 把整个 user 原样存入 session，后续请求中 passport.session() 会把它恢复为 req.user，因此 logout 路由可以直接读取 req.user.nameID 和 req.user.nameIDFormat。