45 lines
No EOL
1.3 KiB
JavaScript
45 lines
No EOL
1.3 KiB
JavaScript
let fs = require("fs");
|
|
let passport = require("passport");
|
|
let SamlStrategy = require("passport-saml").Strategy;
|
|
let directory = require("../directory.js");
|
|
|
|
passport.serializeUser(function (user, done) {
|
|
done(null, user);
|
|
});
|
|
passport.deserializeUser(function (user, done) {
|
|
done(null, user);
|
|
});
|
|
|
|
passport.use(
|
|
new SamlStrategy(
|
|
{
|
|
entryPoint: "https://sso.satitm.chula.ac.th/adfs/ls",
|
|
issuer: "https://localhost:3000",
|
|
callbackUrl: "https://localhost:3000/selfservice/api/login/postResponse",
|
|
privateKey: fs.readFileSync("adfs_connect/urn_satitm_sso_selfservice.key", "utf-8"),
|
|
acceptedClockSkewMs: -1,
|
|
identifierFormat: null,
|
|
signatureAlgorithm: "sha256",
|
|
racComparison: "exact",
|
|
},
|
|
function (profile, done) {
|
|
// Query Active Directory for user details
|
|
// username is the UPN
|
|
// Store the user's group and DN in the session
|
|
let username = profile["username"];
|
|
attributes = ["dn", "memberOf"];
|
|
directory.queryUser(username, attributes, function (err, user) {
|
|
if (err) {
|
|
console.log("Error:", err);
|
|
} else {
|
|
console.log("User:", user);
|
|
profile["dn"] = user.dn;
|
|
profile["memberOf"] = user.memberOf;
|
|
return done(null, profile);
|
|
}
|
|
});
|
|
}
|
|
)
|
|
);
|
|
|
|
module.exports = passport; |