pre async

config/passport.js

@@ -1,6 +1,8 @@
-let fs = require("fs"),
-  passport = require("passport"),
-  SamlStrategy = require("passport-saml").Strategy;
+let fs = require("fs");
+let passport = require("passport");
+let SamlStrategy = require("passport-saml").Strategy;
+let directory = require("../directory.js");
+
 passport.serializeUser(function (user, done) {
   done(null, user);
 });
@@ -13,7 +15,7 @@ passport.use(
     {
       entryPoint: "https://sso.satitm.chula.ac.th/adfs/ls",
       issuer: "https://localhost:3000",
-      callbackUrl: "https://localhost:3000/selfservice/activedirectory/postResponse",
+      callbackUrl: "https://localhost:3000/selfservice/api/login/postResponse",
       privateKey: fs.readFileSync("adfs_connect/urn_satitm_sso_selfservice.key", "utf-8"),
       acceptedClockSkewMs: -1,
       identifierFormat: null,
@@ -21,13 +23,20 @@ passport.use(
       racComparison: "exact",
     },
     function (profile, done) {
-      console.log("profile", profile);
-      let user = profile["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"];
-      return done(null, {
-        username: profile["username"],
-        first_name: profile["first_name"],
-        last_name: profile["last_name"],
-        org_unit: profile["org_unit"],
+      // Query Active Directory for user details
+      // username is the UPN
+      // Store the user's group and DN in the session
+      let username = profile["username"];
+      attributes = ["dn", "memberOf"];
+      directory.queryUser(username, attributes, function (err, user) {
+        if (err) {
+          console.log("Error:", err);
+        } else {
+          console.log("User:", user);
+          profile["dn"] = user.dn;
+          profile["memberOf"] = user.memberOf;
+          return done(null, profile);
+        }
       });
     }
   )