I'm working on migrating our existing SAML implementation from SimpleSAMLphp to passport-saml. I've run into a couple of roadblocks when using the HTTP-POST binding.
When using a SAML Chrome inspector I've noticed the working implementation passes the X509 certificate in the message body, but passport-saml doesn't seem to include that, only the SignatureValue.
My SAML strategy currently looks like this:
```javascript
const fs = require('fs');
const path = require('path');
const passportSaml = require('passport-saml');

const strategy = new passportSaml.Strategy(
  {
    callbackUrl: 'http://localhost:3000/assert',
    entryPoint: 'https://clientsaml.com/samljct/',
    passReqToCallback: true,
    // IdP certificate used to validate incoming responses
    cert: fs.readFileSync(
      path.resolve(__dirname, '../certs/cert.crt'),
      'utf-8'
    ),
    // SP private key used to sign outgoing AuthnRequests
    privateKey: fs.readFileSync(
      path.resolve(__dirname, '../certs/privateKey.pem'),
      'utf-8'
    ),
    authnRequestBinding: 'HTTP-POST',
    skipRequestCompression: true
  },
  // With passReqToCallback: true the verify callback receives req first
  (req, profile, done) => {
    console.log(profile);
    return done(null, profile);
  }
);
```