如何使用@node-saml/node-saml创建SAML SP?

tpgth1q7  于 11个月前  发布在  Node.js
关注(0)|答案(1)|浏览(112)

我正在开发SAML SP。我使用@node-saml/node-saml库。虽然我做了下面的源代码,但SAML认证不工作。你能告诉我如何修复或制作SAML SP的好参考源代码吗?
vc.ts

export const SAML = async () => {
  const express = require("express");
  const bodyParser = require("body-parser");
  const { SAML } = require("@node-saml/node-saml");

  const app = express();
  const port = 3001;

  app.use(bodyParser.urlencoded({ extended: true }));

  const spOptions = {
    issuer: "saml_XXX",
    cert: "MII...XXX",
    assert_endpoint: "https://5XXX",
    audience: "https://5XXX",
  };

  const sp = new SAML(spOptions);

  // SAMLrequest
  app.get("/login", (req: any, res: { redirect: (arg0: any) => void }) => {
    const request = sp.createLoginRequest();
    res.redirect(request);
  });

  // SAML Assertion
  app.post(
    "/assert",
    (
      req: { body: { SAMLResponse: any } },
      res: {
        status: (arg0: number) => {
          (): any;
          new (): any;
          send: { (arg0: any): any; new (): any };
        };
        redirect: (arg0: string) => any;
        send: (arg0: string) => void;
      }
    ) => {
      const response = req.body.SAMLResponse;
      sp.parseLoginResponse(
        response,
        (err: any, profile: any, loggedOut: any) => {
          if (err) {
            console.log("err:", err);
            return res.status(500).send(err);
          }

          console.log(profile);

          if (loggedOut) {
            return res.redirect("/");
          }

          res.send("Login successful!");
          return "OK!";
        }
      );
    }
  );

  return app;
};

字符串
saml-request.ts

import { error } from "console";
import { SAML } from "../../../lib/vc";

const createSamlRequest = async (req: any, res: any) => {
  const app = await SAML();
  app(req, res);
  try {
    console.log("success");
  } catch {
    console.log("failed", error);
  }
};

export default createSamlRequest;


对不起,我的英语和技术不好,谢谢你的好意。
我可能有一个spOptions内容.如果你知道,请告诉我如何在Azure Entra ID中设置SAML应用程序。(我已经阅读了下面的文档。但我无法为Assert消费者服务URL和实体ID设置正确的内容。现在我为Assert消费者服务URL设置了单个应用程序基URL,该URL可用于此源。
doc https://learn.microsoft.com/en-us/power-pages/security/authentication/saml2-settings-azure-ad

zvokhttg

zvokhttg1#

首先,在你的vc.ts文件中,你正在导出一个返回Express应用程序的函数。我建议直接导出应用程序示例,而不是函数。

import express from "express";
import bodyParser from "body-parser";
import { SAML } from "@node-saml/node-saml";

const app = express();
const port = 3001;

app.use(bodyParser.urlencoded({ extended: true }));

const spOptions = {
  issuer: "saml_XXX",
  cert: "MII...XXX",
  assert_endpoint: "https://5XXX",
  audience: "https://5XXX",
};

const sp = new SAML(spOptions);

// SAMLrequest
app.get("/login", (req, res) => {
  const request = sp.createLoginRequest();
  res.redirect(request);
});

// SAML Assertion
app.post("/assert", (req, res) => {
  const response = req.body.SAMLResponse;
  sp.parseLoginResponse(
    response,
    (err, profile, loggedOut) => {
      if (err) {
        console.log("err:", err);
        return res.status(500).send(err);
      }

      console.log(profile);

      if (loggedOut) {
        return res.redirect("/");
      }

      res.send("Login successful!");
    }
  );
});

export default app;

字符串
在saml-request.ts文件中,使用app示例而不是直接导出的函数。

import { error } from "console";
import app from "../../../lib/vc";

const createSamlRequest = async (req: any, res: any) => {
  app(req, res);
  try {
    console.log("success");
  } catch (err) {
    console.log("failed", err);
  }
};

export default createSamlRequest;

相关问题