我有一个基于 NodeJS 的小型 Web 应用程序,使用 Express 4 和 passport-saml 进行身份验证(使用 OneLogin)。我可以调用 OneLogin 的 SAML 测试连接器端点并使用有效的会话 ID 获得授权,但是在执行 passport.authenticate() 期间抛出了以下 TypeError:
TypeError: Cannot read property 'stripPrefix' of undefined
at SAML.processValidlySignedAssertion (/Users/johnellis/supdash/node_modules/passport-saml/lib/passport-saml/saml.js:653:42)
at /Users/johnellis/supdash/node_modules/passport-saml/lib/passport-saml/saml.js:548:19
at _fulfilled (/Users/johnellis/supdash/node_modules/q/q.js:794:54)
at self.promiseDispatch.done (/Users/johnellis/supdash/node_modules/q/q.js:823:30)
at Promise.promise.promiseDispatch (/Users/johnellis/supdash/node_modules/q/q.js:756:13)
at /Users/johnellis/supdash/node_modules/q/q.js:516:49
at flush (/Users/johnellis/supdash/node_modules/q/q.js:110:17)
at _combinedTickCallback (internal/process/next_tick.js:67:7)
at process._tickCallback (internal/process/next_tick.js:98:9)
这是主要的 App.js
var express = require('express'),
app = express(),
https = require('https'),
mysql = require('mysql'),
passport = require('passport'),
ldapStrategy = require('passport-ldapauth').Strategy,
samlStrategy = require('passport-saml').Strategy,
LocalStrategy = require('passport-local').Strategy,
api = require(__dirname + '/server/routes/api'),
evapi = require(__dirname + '/server/routes/evapi'),
nsapi = require(__dirname + '/server/routes/nsapi'),
sugarapi = require(__dirname + '/server/routes/sugarapi'),
downloadsapi = require(__dirname + '/server/routes/downloadstats'),
home = require(__dirname + '/server/routes/home'),
companyoverview = require(__dirname + '/server/routes/companyoverview'),
hoops = require(__dirname + '/server/routes/hoops'),
oem = require(__dirname + '/server/routes/oem'),
tetra = require(__dirname + '/server/routes/tetra'),
productsupport = require(__dirname + '/server/routes/productsupport'),
dashboards = require(__dirname + '/server/routes/dashboards'),
auth = require(__dirname + '/server/routes/auth'),
users = require(__dirname + '/server/config/users'),
isLoggedIn = require('connect-ensure-login').ensureLoggedIn('/auth/login'),
flash = require('connect-flash'),
trello = require(__dirname+'/server/routes/trello'),
sharepointapi = require(__dirname+'/server/routes/sharepoint'),
fs = require('fs'),
sp = require('spscript');
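app.set('view engine', 'pug');

/*********MIDDLEWARE*********/
// Logging, parsing, and session handling.
//app.use(require('morgan')('combined'));
app.use(require('cookie-parser')());
app.use(require('body-parser').urlencoded({ extended: true }));

// express-session signs the session ID cookie with this secret, so it must not
// be a guessable literal committed with the source. Read it from the
// environment and refuse to start when it is missing.
var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  throw new Error('SESSION_SECRET environment variable must be set');
}

app.use(require('express-session')({
  secret: sessionSecret,
  resave: false,
  saveUninitialized: false,
  cookie: {
    // NOTE(review): this fixed expiry lies roughly eight centuries in the
    // future, so the session cookie is effectively permanent in the browser.
    // Confirm that is intended; a bounded maxAge is the usual choice.
    expires: new Date(25340230000000),
    // This app is served only through https.createServer, so the session
    // cookie never needs to travel over plain HTTP.
    secure: true
  }
}));

// Static middleware serves JavaScript and CSS files from ./public under /static.
app.use('/static', express.static(__dirname + '/public'));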
//passport
// Passport: SAML strategy configuration (OneLogin is the identity provider).

// Verify callback given to the strategy. It logs a marker line and passes the
// received profile through unchanged as the authenticated user.
// NOTE(review): nothing here maps the profile to a known application user or
// restricts who may sign in; confirm that every identity asserted by the IdP
// should be admitted.
function acceptSamlProfile(profile, done) {
  console.log('test')
  return done(null, profile);
}

var samlOptions = {
  // URL the IdP posts the SAML response back to (the POST /auth/login route).
  callbackUrl: 'https://localhost:4433/auth/login',
  // IdP single sign-on endpoint.
  entryPoint: 'https://techsoft3d.onelogin.com/trust/saml2/http-post/sso/123456',
  issuer: 'passport-saml',
  // NOTE(review): 'sha1' is the weakest of the request-signing algorithms
  // passport-saml accepts ('sha256' and 'sha512' also exist). No signing key is
  // configured in this object, so confirm whether the setting has any effect.
  signatureAlgorithm: 'sha1',
  // Certificate passed to the strategy as `cert`; presumably the IdP signing
  // certificate used to check response signatures (verify against OneLogin).
  cert: 'MIIEmTCCA4GgAwIBAgIULiIkAfNWfxZ90myfeMR8mMo5vUowDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDTALBgNVBAcMBEJlbmQxGjAYBgNVBAoMEVRlY2ggU29mdCAzRCwgSW5jMRUwEwYDVQQLDAxPbmVMb2dpbiBJZFAxHzAdBgNVBAMMFk9uZUxvZ2luIEFjY291bnQgNzAyOTYwHhcNMTYwOTE0MTYzMTUxWhcNMjEwOTE1MTYzMTUxWjCBgTELMAkGA1UEBhMCVVMxDzANBgNVasdBAgMBk9yZWdvbjENMAsGA1UEBwwEQmVuZDEaMBgGA1UECgwRVGVjaCBTb2Z0IDNELCBJbmMxFTATBgNVBAsMDE9uZUxvZ2luIElkUDEfMB0GA1UEAwwWT25lTG9naW4gQWNjb3VudCA3MDI5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQNZOV709aIWLKLPLMmemwFF2/IayhgwpiSiVyxPQpckA8huEsw9kfVlHekvme2cmzI9xDfOc0xecbKs7bsTvuE6xIlJEuPAUXJMQPM0LAGc/xuHsbJpl6IN726sghVLy4Cvwirae3Lb95C8B+VtUEWswgT89S7vckFeKFz+OJarAWsbqv7ZW06L/++nvYEmmJSHZbMoJmlcW+bqTrn6encBONafRB4J4i4J1rT7/WU6+k8pRRD15FjbwtOSY+4y+E7qXo/BmOK2YsPuIGCXRjitv3h55m8oRyEGsgIybHBGF/NxKgwbXzVMXEacBlO7EHQGrcYQqqgj/xN3/8nKuUCAwEAAaOCAQUwggEBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAoYZQn8L2vfZjAYlvcZanm4ZS7HMIHBBgNVHSMEgbkwgbaAFAoYZQn8L2vfZjAYlvcZanm4ZS7HoYGHpIGEMIGBMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGT3JlZ29uMQ0wCwYDVQQHDARCZW5kMRowGAYDVQQKDBFUZWNoIFNvZnQgM0QsIEluYzEVMBMGA1UECwwMT25lTG9naW4gSWRQMR8wHQYDVQQDDBZPbmVMb2dpbiBBY2NvdW50IDcwMjk2ghQuIiQB81Z/Fn3SbJ94xHyYyjm9SjAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEFBQADggEBAJdSR30R/pdNWgxf7O1lgBYFB5lxBKYA0IGhA0aXT8EloziSB110TfcX2TiNargPeXVpyJI3BNwG69hQXCAwyMPeRocmAFcvbaMFAQ/7Y1eAsMc2/LFmuPBTF9S52hoRkiyCjju4dPzPKzjkfawiU59iFjrkHgIpl3ql3u6dCEWpHCxQJ5M0m8ghkfSyxIB/nN4SHAB+wO3cM0iKYd896E+c8qpumdUCzje777akdB+BgKVTd3i0wm8fngmY3YErxcb6TXyRvCn1wG4RzfmPIouX5M2Kq8ZS2X5sdQLImMTAzWIXOeYO+10H6s5L2jXEeABFzf3W2AyySqOZw5cVy0k='
};

passport.use(new samlStrategy(samlOptions, acceptSamlProfile));
// Session (de)serialization: the user object is written to the session as-is
// and handed back unchanged on later requests.
// NOTE(review): this stores the complete profile in the session rather than a
// stable identifier; confirm that is intended.
function storeUserInSession(user, done) {
  done(null, user);
}

function loadUserFromSession(user, done) {
  done(null, user);
}

passport.serializeUser(storeUserInSession);
passport.deserializeUser(loadUserFromSession);
// Passport and flash middleware are registered before any route is mounted.
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());

// Mounts each [path, router] pair behind the isLoggedIn guard, in array order.
function mountProtected(routes) {
  routes.forEach(function (route) {
    app.use(route[0], isLoggedIn, route[1]);
  });
}

// External APIs: all require a logged-in session.
mountProtected([
  ['/api', api],
  ['/evapi', evapi],
  ['/nsapi', nsapi],
  ['/sugarapi', sugarapi],
  ['/downloads', downloadsapi],
  ['/trello', trello],
  ['/sharepointapi', sharepointapi]
]);

// Page routes.
// NOTE(review): the home router is mounted at '/' without isLoggedIn and ahead
// of the guarded page mounts, so it sees every request that reaches this point
// first; verify that it only defines pages meant to be public.
app.use('/', home);
mountProtected([
  ['/companyoverview', companyoverview],
  ['/hoops', hoops],
  ['/oem', oem],
  ['/tetra', tetra],
  ['/productsupport', productsupport],
  ['/dashboards', dashboards]
]);
// The auth router carries the login and logout routes, so it is not guarded.
app.use('/auth', auth);

// 404 and 500s: anything no router handled renders the 404 view.
app.use(function (req, res) {
  res.render('404');
});
//app.use(function(error, req, res, next) { res.render('500') });
// TLS material for the HTTPS listener.
// NOTE(review): key and cert are both read from the same file. That only works
// if the PEM file holds the private key and the certificate together; confirm,
// or point cert at the certificate file.
var options = {
  key: fs.readFileSync(__dirname + '/path/to/key.pem'),
  cert: fs.readFileSync(__dirname + '/path/to/key.pem')
};

// Logs a line once the server is listening.
function announceStart() {
  console.log('Reporting Dashboard Started: 4433');
}

// The app is served over HTTPS only, on port 4433.
var secureServer = https.createServer(options, app);
secureServer.listen(4433, announceStart);
auth.js(登录页面和身份验证的路由)
var express = require('express');
var passport = require('passport');
//var LocalStrategy = require('passport-local').Strategy;
//var ldapStrategy = require('passport-ldapauth').Strategy;
//const samlStrategy = require('passport-saml').Strategy;
// Builds and exports the router for the login page, the SAML login POST and
// logout. app.js mounts it under /auth.
module.exports = (function () {
  'use strict';

  var router = express.Router();

  // GET /login: render the login view.
  function showLoginPage(request, response) {
    response.render('login');
  }

  // Runs only after the SAML strategy has authenticated the request.
  function redirectHome(request, response) {
    response.redirect('/home');
  }

  // GET /logout: drop the Passport login from the session and go to the root.
  // NOTE(review): logout is triggered by a plain GET, which any cross-site link
  // can issue; confirm that is acceptable or move it to a POST.
  function endSession(request, response) {
    request.logout();
    response.redirect('/');
  }

  // POST /login is handled by the 'saml' strategy; a failed authentication
  // redirects back to the login page without a flash message.
  var samlAuth = passport.authenticate('saml', {
    failureRedirect: '/auth/login',
    failureFlash: false
  });

  router.get('/login', showLoginPage);
  router.post('/login', samlAuth, redirectHome);
  router.get('/logout', endSession);

  return router;
})();
我尝试更改 OneLogin 连接器以使用加密断言和签名响应,并且能够授权响应,但是由于该错误,我无法通过 passport.authenticate()。
我该如何 a) 绕过此错误,或 b) 修改我的 SAML 请求,以便使 authenticate() 方法正常工作?
非常感谢任何帮助。