当我创建 passport-saml 策略时,登录期间会有一个 profile 对象传递给中间件函数,其中包含 nameID 信息。我需要这些信息,以便稍后调用注销。
// passportHandler.js
const passport = require("passport");
const passportSaml = require("passport-saml");
// Session (de)serialization is an identity mapping: whatever object the
// strategy's verify callback hands to `done` is written to the session as-is
// and handed back unchanged on later requests. With the verify callback in this
// file that object is the SAML profile, so nameID / nameIDFormat travel with it.
// NOTE(review): this also means every attribute in the profile is kept in the
// session; confirm the session store and cookie are protected accordingly, or
// keep only the fields that are actually needed.
function keepWholeUser(user, done) {
  done(null, user);
}
passport.serializeUser(keepWholeUser);
passport.deserializeUser(keepWholeUser);
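// SAML strategy for passport -- single IdP.
// The IdP signing certificate is what incoming SAML responses are verified
// against, so refuse to start without it instead of failing with an opaque
// TypeError on `.replace` (or, worse, running without a certificate).
const rawIdpCert = process.env.SSO_CERT;
if (!rawIdpCert) {
  throw new Error("SSO_CERT is not set; cannot verify SAML responses");
}
const samlStrategy = new passportSaml.Strategy(
  {
    entryPoint: process.env.SSO_ENTRYPOINT,
    logoutUrl: process.env.SSO_LOGOUT,
    issuer: process.env.SSO_ISSUER,
    callbackUrl: process.env.SSO_CALLBACK_URL || undefined,
    // NOTE(review): `process.env.path` is lower-case and unprefixed, unlike the
    // SSO_* variables above. On Windows, environment lookups are
    // case-insensitive, so this would resolve to the system PATH -- confirm
    // which variable was intended.
    path: process.env.path,
    cert: rawIdpCert.replace(/\\n/gm, "\n"), // turn literal "\n" sequences into real line breaks
  },
  (profile, done) => {
    // Log only the two identifiers that logout needs later. The full profile
    // carries every attribute the IdP released and should not end up in logs.
    console.log('profile', {
      nameID: profile?.nameID,
      nameIDFormat: profile?.nameIDFormat,
    });
    // The whole profile becomes the passport user object.
    done(null, profile);
  }
);
passport.use(samlStrategy);
module.exports = passport;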
index.js
// index.js of Express server
import passport from "./src/passportHandler";
import { getLogout } from "./src/routes.js";
// NOTE(review): `express` is not imported in this excerpt -- confirm the import
// exists in the real file.
const app = express();
app.use(passport.initialize());
// NOTE(review): passport.session() restores req.user from req.session, but no
// session middleware (e.g. express-session) is registered in this excerpt;
// confirm one is mounted before this line, otherwise req.user will not survive
// from login to the logout route.
app.use(passport.session());
app.get('/sso/logout', getLogout); // this route needs the nameID and nameIDFormat from the login profile
getLogout 函数从另一个文件导入,我在其中硬编码了 nameID 和 nameIDFormat。如何从一开始的 profile 对象中获取它们,将它们保存在某个地方,并将它们传递给这个路由?
// routes.js
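/**
 * Express handler for the SAML logout route: asks the SAML strategy to build a
 * logout request for the signed-in user and redirects the browser to it.
 *
 * The identity is taken from req.user. With the serializeUser/deserializeUser
 * pair in passportHandler.js the whole login profile is kept in the session,
 * so nameID and nameIDFormat are presumably already on req.user once
 * passport.session() has run -- nothing needs to be hard-coded here.
 *
 * NOTE(review): this handler only starts logout at the IdP; it does not clear
 * the local session. Confirm that is done elsewhere (e.g. on the logout
 * callback).
 *
 * @param {object} req - Express request; req.user must carry nameID.
 * @param {object} res - Express response.
 * @returns {void}
 */
export const getLogout = (req, res) => {
  // Never fall back to a fixed identity: a hard-coded nameID would make every
  // visitor's logout request target that one account at the IdP.
  if (!req.user?.nameID) {
    res.sendStatus(401);
    return;
  }

  // NOTE(review): `_passport` and `_strategies` are underscore-prefixed
  // internals of passport, not a documented API, and may change between
  // releases. Exporting the strategy from the module that creates it and
  // importing it here would avoid depending on them.
  const samlStrategy = req._passport?.instance?._strategies?.saml;
  if (typeof samlStrategy?.logout !== "function") {
    // The optional chain can yield undefined; answer cleanly instead of
    // throwing a TypeError inside the request handler.
    res.sendStatus(500);
    return;
  }

  samlStrategy.logout(req, (err, logoutRequestUrl) => {
    if (err) {
      // Previously the error was dropped and the request was left hanging.
      console.error("SAML logout request could not be built:", err);
      res.sendStatus(500);
      return;
    }
    res.redirect(logoutRequestUrl);
  });
};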
我的第二个问题是,我通过 req._passport?.instance?._strategies?.saml 获取 samlStrategy 对象,这是获取它的正确方法吗?或者说,同样的问题:我怎样才能从一开始就把 SAML 策略对象传递给这个路由?
谢谢你的帮助!