Closed LiFaytheGoblin closed 3 years ago
Authentication middleware Passport.js with passport-saml as strategy. RZ probably needs Service Provider Metadata (XML) → Can be generated by passport-saml after setup (SamlStrategy::generateServiceProviderMetadata).
Question: What all does the metadata need to contain?
Supported encryption algorithms:
Supported signature and digest algorithms:
Process:
Passport::use
GET /login → Passport::authenticate (with successRedirect and failureRedirect → needed? authenticate redirects to IdP anyway)
POST /login/callback → Passport::authenticate (with failureRedirect; failureFlash: true for passing login error? → req.flash) as middleware + regular success handler (e.g. redirect to homepage/profile page)
Stay logged in between requests → Session token - JWT?
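To see what a generated Service Provider metadata document actually declares before it is handed to the IdP operator, the following added example (not part of the original issue and not passport-saml code) summarises the entityID, ACS endpoints, key descriptors and advertised encryption methods found in the XML. The sample metadata, host names, the https check and the function names `elements` and `summarizeSpMetadata` are assumptions; in practice the input would be the string returned by SamlStrategy::generateServiceProviderMetadata.

```javascript
// Added example: summarise what a SAML SP metadata document declares.
// SAMPLE_METADATA is constructed; entityID, hosts and certificate are placeholders.
const SAMPLE_METADATA = `<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://sp.example.org/saml">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="false">
    <KeyDescriptor use="encryption">
      <ds:KeyInfo><ds:X509Data><ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
      <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
    </KeyDescriptor>
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
    <AssertionConsumerService index="1" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.org/login/callback"/>
  </SPSSODescriptor>
</EntityDescriptor>`;

// Attribute maps of every element with this local name (any namespace prefix).
// Regex scan of double-quoted attributes for a quick sanity check, not a full XML parser.
function elements(xml, localName) {
  const tagRe = new RegExp(`<(?:[\\w.-]+:)?${localName}(?=[\\s/>])([^>]*)>`, 'g');
  return [...xml.matchAll(tagRe)].map((m) => {
    const attrs = {};
    for (const a of m[1].matchAll(/([\w:.-]+)\s*=\s*"([^"]*)"/g)) attrs[a[1]] = a[2];
    return attrs;
  });
}

function summarizeSpMetadata(xml) {
  const [entity = {}] = elements(xml, 'EntityDescriptor');
  const [sp = {}] = elements(xml, 'SPSSODescriptor');
  const acs = elements(xml, 'AssertionConsumerService');
  const problems = [];
  if (!entity.entityID) problems.push('missing entityID');
  if (acs.length === 0) problems.push('no AssertionConsumerService');
  for (const a of acs) {
    // Assumed local policy: the callback endpoint should be reachable over TLS only.
    if (!/^https:\/\//.test(a.Location || '')) problems.push(`ACS not https: ${a.Location}`);
  }
  return {
    entityID: entity.entityID || null,
    authnRequestsSigned: sp.AuthnRequestsSigned === 'true',
    acs: acs.map((a) => ({ binding: a.Binding, location: a.Location })),
    // A KeyDescriptor without "use" applies to both signing and encryption.
    keyUses: elements(xml, 'KeyDescriptor').map((k) => k.use || 'signing+encryption'),
    encryptionMethods: elements(xml, 'EncryptionMethod').map((e) => e.Algorithm),
    problems,
  };
}

console.log(JSON.stringify(summarizeSpMetadata(SAMPLE_METADATA), null, 2));
```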