saml2 working

.vscode/c_cpp_properties.json

@@ -0,0 +1,18 @@
+{
+  "configurations": [
+    {
+      "name": "windows-gcc-x64",
+      "includePath": [
+        "${workspaceFolder}/**"
+      ],
+      "compilerPath": "gcc",
+      "cStandard": "${default}",
+      "cppStandard": "${default}",
+      "intelliSenseMode": "windows-gcc-x64",
+      "compilerArgs": [
+        ""
+      ]
+    }
+  ],
+  "version": 4
+}

.vscode/launch.json

@@ -1,17 +1,33 @@
 {
-    // Use IntelliSense to learn about possible attributes.
+  "version": "0.2.0",
-    // Hover to view descriptions of existing attributes.
+  "configurations": [
-    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    {
-    "version": "0.2.0",
+      "type": "node",
-    "configurations": [
+      "request": "launch",
+      "name": "Launch Program",
+      "skipFiles": [
+        "<node_internals>/**"
+      ],
+      "program": "${workspaceFolder}\\index.js"
+    },
+    {
+      "name": "C/C++ Runner: Debug Session",
+      "type": "cppdbg",
+      "request": "launch",
+      "args": [],
+      "stopAtEntry": false,
+      "externalConsole": true,
+      "cwd": "d:/Git/ESPMegaPRO-v3-SDK/ESPMegaPRO-OS-SDK/lib/ESPMegaPRO",
+      "program": "d:/Git/ESPMegaPRO-v3-SDK/ESPMegaPRO-OS-SDK/lib/ESPMegaPRO/build/Debug/outDebug",
+      "MIMode": "gdb",
+      "miDebuggerPath": "gdb",
+      "setupCommands": [
         {
-            "type": "node",
+          "description": "Enable pretty-printing for gdb",
-            "request": "launch",
+          "text": "-enable-pretty-printing",
-            "name": "Launch Program",
+          "ignoreFailures": true
-            "skipFiles": [
-                "<node_internals>/**"
-            ],
-            "program": "${workspaceFolder}\\index.js"
         }
-    ]
+      ]
+    }
+  ]
 }

.vscode/settings.json

@@ -0,0 +1,59 @@
+{
+  "C_Cpp_Runner.cCompilerPath": "gcc",
+  "C_Cpp_Runner.cppCompilerPath": "g++",
+  "C_Cpp_Runner.debuggerPath": "gdb",
+  "C_Cpp_Runner.cStandard": "",
+  "C_Cpp_Runner.cppStandard": "",
+  "C_Cpp_Runner.msvcBatchPath": "",
+  "C_Cpp_Runner.useMsvc": false,
+  "C_Cpp_Runner.warnings": [
+    "-Wall",
+    "-Wextra",
+    "-Wpedantic",
+    "-Wshadow",
+    "-Wformat=2",
+    "-Wcast-align",
+    "-Wconversion",
+    "-Wsign-conversion",
+    "-Wnull-dereference"
+  ],
+  "C_Cpp_Runner.msvcWarnings": [
+    "/W4",
+    "/permissive-",
+    "/w14242",
+    "/w14287",
+    "/w14296",
+    "/w14311",
+    "/w14826",
+    "/w44062",
+    "/w44242",
+    "/w14905",
+    "/w14906",
+    "/w14263",
+    "/w44265",
+    "/w14928"
+  ],
+  "C_Cpp_Runner.enableWarnings": true,
+  "C_Cpp_Runner.warningsAsError": false,
+  "C_Cpp_Runner.compilerArgs": [],
+  "C_Cpp_Runner.linkerArgs": [],
+  "C_Cpp_Runner.includePaths": [],
+  "C_Cpp_Runner.includeSearch": [
+    "*",
+    "**/*"
+  ],
+  "C_Cpp_Runner.excludeSearch": [
+    "**/build",
+    "**/build/**",
+    "**/.*",
+    "**/.*/**",
+    "**/.vscode",
+    "**/.vscode/**"
+  ],
+  "C_Cpp_Runner.useAddressSanitizer": false,
+  "C_Cpp_Runner.useUndefinedSanitizer": false,
+  "C_Cpp_Runner.useLeakSanitizer": false,
+  "C_Cpp_Runner.showCompilationTime": false,
+  "C_Cpp_Runner.useLinkTimeOptimization": false,
+  "C_Cpp_Runner.msvcSecureNoWarnings": false
+}

config/passport.js

@@ -11,24 +11,18 @@ passport.deserializeUser(function (user, done) {
 passport.use(
   new SamlStrategy(
     {
-      entryPoint: "https://sso.satitm.chula.ac.th/adfs/ls/",
+      entryPoint: "https://sso.satitm.chula.ac.th/adfs/ls",
-      issuer: "acme_tools_com",
+      issuer: "https://localhost:3000",
-      callbackUrl: "https://sso.satitm.chula.ac.th/selfservice/activedirectory/postResponse",
+      callbackUrl: "https://localhost:3000/selfservice/activedirectory/postResponse",
       privateKey: fs.readFileSync("adfs_connect/urn_satitm_sso_selfservice.key", "utf-8"),
-      cert: fs.readFileSync("adfs_connect/urn_satitm_sso_selfservice.cert", "utf-8"),
+      acceptedClockSkewMs: -1,
-      // other authn contexts are available e.g. windows single sign-on
-      // see: https://learn.microsoft.com/en-us/dotnet/api/system.identitymodel.tokens.authenticationmethods?view=netframework-4.8#fields
-      authnContext: [
-        "http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password",
-      ],
       identifierFormat: null,
-      // this is configured under the Advanced tab in AD FS relying party
       signatureAlgorithm: "sha256",
-      racComparison: "exact", // default to exact RequestedAuthnContext Comparison Type
+      racComparison: "exact",
-      // From the metadata document
-      audience: "https://sso.satitm.chula.ac.th/FederationMetadata/2007-06/FederationMetadata.xml",
     },
     function (profile, done) {
+      console.log("profile", profile);
+      let user = profile["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"];
       return done(null, {
         upn: profile["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
         // e.g. if you added a Group claim

index.js

@@ -1,35 +1,94 @@
 let passport = require('passport');
 let express = require('express');
-let http = require('http');
+let https = require('https');
+let fs = require('fs');
 
 let app = express();
 require('./config/passport.js');
 
+let session = require('express-session');
+
+app.use(session({
+  secret: 'RLCCDwstDuT6nMJf5kko7C',
+  resave: false,
+  saveUninitialized: true
+}));
+
+// ... rest of your code ...
+
 app.use(passport.initialize());
 app.use(passport.session());
 
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+
+app.get('/', function (req, res) {
+  res.send('Hello World!<br><a href="/login">Login</a>');
+  console.log('User:', req.user);
+  if (req.user) {
+    console.log('User:', req.user);
+  }
+});
+
 app.get('/login',
   passport.authenticate('saml', { failureRedirect: '/selfservice', failureFlash: true }),
-  function(req, res) {
+  function (req, res) {
-    res.redirect('https://sso.satitm.chula.ac.th/selfservice');
+    res.redirect('https://localhost:3000/');
   }
 );
-app.post('/selfservice/activediretory/postResponse',
+
-  passport.authenticate('saml', { failureRedirect: '/selfservice', failureFlash: true }),
+app.use(function(req, res, next) {
-  function(req, res) {
+  console.log('Received request:', req.method, req.url);
-    res.redirect('https://sso.satitm.chula.ac.th/selfservice');
+  console.log('Data:', req.body);
+  next();
+});
+
+app.post('/selfservice/activedirectory/postResponse',
+  passport.authenticate('saml', { failureRedirect: '/selfservice',successRedirect: '/', failureFlash: true }),
+  function (req, res) {
+    console.log('SAML authentication successful');
+    res.redirect('https://localhost:3000/');
   }
 );
 //app.get('selfservice/secure', validUser, routes.secure);
 
 function validUser(req, res, next) {
   if (!req.user) {
-    res.redirect('https://sso.satitm.chula.ac.th/selfservice/login');
+    res.redirect('https://localhost:3000/login');
   }
   next();
 }
 
-let server = http.createServer(app);
+const options = {
-server.listen(3000, function() {
+  key: fs.readFileSync('adfs_connect/urn_satitm_sso_selfservice.key'),
+  cert: fs.readFileSync('adfs_connect/urn_satitm_sso_selfservice.cert'),
+  ciphers: [
+    'ECDHE-RSA-AES128-GCM-SHA256',
+    'ECDHE-ECDSA-AES128-GCM-SHA256',
+    'ECDHE-RSA-AES256-GCM-SHA384',
+    'ECDHE-ECDSA-AES256-GCM-SHA384',
+    'DHE-RSA-AES128-GCM-SHA256',
+    'ECDHE-RSA-AES128-SHA256',
+    'DHE-RSA-AES128-SHA256',
+    'ECDHE-RSA-AES256-SHA384',
+    'DHE-RSA-AES256-SHA384',
+    'ECDHE-RSA-AES256-SHA256',
+    'DHE-RSA-AES256-SHA256',
+    'HIGH',
+    '!aNULL',
+    '!eNULL',
+    '!EXPORT',
+    '!DES',
+    '!RC4',
+    '!MD5',
+    '!PSK',
+    '!SRP',
+    '!CAMELLIA'
+  ].join(':'),
+  honorCipherOrder: true
+};
+
+let server = https.createServer(options, app);
+server.listen(3000, function () {
   console.log('Listening on port 3000');
 });

login.html

@@ -212,7 +212,7 @@
                   <input name="%%PASSWORDID%%" id="ft_pd" type="password" autocomplete="off">
                 </div>
               </div>
-              <div class="form-footer" >
+              <div class="form-footer">
                 <button class="primary" type="submit" style="margin-bottom: 0;">
                   Continue
                 </button>