Node.js Passport SAML from multiple Identity Providers
Problem
I've implemented Passport-SAML into my site, and now I've been tasked with connecting our site with two other Identity Providers. In my code, it seems to use only the most recent definition of the SamlStrategy. How can I set up Passport to allow multiple different implementations of the same Strategy?
My implementation looks like this:
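// Registers a single SAML strategy under passport-saml's default strategy name.
// The verify callback maps the asserted profile onto a local user record.
passport.use(new SamlStrategy(
  {
    path: '/saml',
    entryPoint: "https://idp.identityprovider.net/idp/profile/SAML2/Redirect/SSO",
    issuer: 'https://www.serviceprovider.com/saml',
    identifierFormat: 'urn:domain:safemls:nameid-format:loginid',
    // IdP signing certificate, used to verify the signature on incoming SAML
    // responses. Some passport-saml releases skip signature validation when no
    // certificate is configured, so an unsigned or forged assertion would reach
    // the verify callback. The variable name below is a placeholder: load the
    // real certificate from your own configuration and refuse to start if it
    // is missing.
    cert: process.env.SAML_IDP_CERT
  },
  function(profile, done) {
    // NOTE(review): this logs every attribute the IdP asserted (likely PII);
    // consider logging only a stable identifier outside of debugging.
    console.log("SamlStrategy done", profile)
    // NOTE(review): the account is matched on the e-mail attribute alone. Once
    // more than one IdP is configured, any of them can assert any address, so
    // the lookup should also be bound to the IdP that issued the assertion.
    User.findOne({email:profile.Email}, function(err, user) {
      if (err) {
        return done(err);
      }
      if (!user) {
        return done(null, false, {message: 'No account associated with this email.'})
      }
      return done(null, user);
    });
  }
));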
Problem courtesy of: Alex
Solution
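By default every SamlStrategy registers under the same name, so a second passport.use() call replaces the first. You can give each strategy its own name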
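// Register one strategy per Identity Provider, each under its own name.
// passport.use() takes (name, strategy); the verify callback is the second
// argument of the SamlStrategy constructor, not a third argument of use().
// Each IdP needs its own options object, including its own signing
// certificate, so that an assertion from one IdP is never validated against
// another IdP's key.
passport.use('config1', new SamlStrategy({ /* options for the first IdP */ }, callback));
passport.use('config2', new SamlStrategy({ /* options for the second IdP */ }, callback));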
and then
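// SAML callback route: picks the named strategy for this request and hands the
// request to Passport. On success the second handler redirects to '/'.
app.post('/login/callback',
  function(req, res, next) {
    // Placeholder, as in the original answer: derive the strategy name from
    // the request. extractConfigName is not defined on this page.
    var config = extractConfigName(req);

    // The name comes from an unauthenticated request, so accept only the
    // strategy names that were actually registered instead of passing
    // arbitrary input to passport.authenticate().
    if (config !== 'config1' && config !== 'config2') {
      return res.redirect('/');
    }

    // passport.authenticate() returns middleware; it must be invoked with
    // (req, res, next), otherwise it has no request to work on.
    passport.authenticate(config, { failureRedirect: '/', failureFlash: true })(req, res, next);
  },
  function(req, res) {
    res.redirect('/');
  }
);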
Solution courtesy of: woloski