我有一个基于NodeJS的小型网络应用程序,使用Express 4和passport-saml进行身份验证(使用OneLogin)。我可以调用OneLogin的SAML测试连接器端点并获得具有有效会话ID的授权,但是在passport.authenticate()期间会抛出以下TypeError:
TypeError: Cannot read property 'stripPrefix' of undefined
at SAML.processValidlySignedAssertion (/Users/johnellis/supdash/node_modules/passport-saml/lib/passport-saml/saml.js:653:42)
at /Users/johnellis/supdash/node_modules/passport-saml/lib/passport-saml/saml.js:548:19
at _fulfilled (/Users/johnellis/supdash/node_modules/q/q.js:794:54)
at self.promiseDispatch.done (/Users/johnellis/supdash/node_modules/q/q.js:823:30)
at Promise.promise.promiseDispatch (/Users/johnellis/supdash/node_modules/q/q.js:756:13)
at /Users/johnellis/supdash/node_modules/q/q.js:516:49
at flush (/Users/johnellis/supdash/node_modules/q/q.js:110:17)
at _combinedTickCallback (internal/process/next_tick.js:67:7)
at process._tickCallback (internal/process/next_tick.js:98:9)
这是主要的App.js
var express = require('express'),
app = express(),
https = require('https'),
mysql = require('mysql'),
passport = require('passport'),
ldapStrategy = require('passport-ldapauth').Strategy,
samlStrategy = require('passport-saml').Strategy,
LocalStrategy = require('passport-local').Strategy,
api = require(__dirname + '/server/routes/api'),
evapi = require(__dirname + '/server/routes/evapi'),
nsapi = require(__dirname + '/server/routes/nsapi'),
sugarapi = require(__dirname + '/server/routes/sugarapi'),
downloadsapi = require(__dirname + '/server/routes/downloadstats'),
home = require(__dirname + '/server/routes/home'),
companyoverview = require(__dirname + '/server/routes/companyoverview'),
hoops = require(__dirname + '/server/routes/hoops'),
oem = require(__dirname + '/server/routes/oem'),
tetra = require(__dirname + '/server/routes/tetra'),
productsupport = require(__dirname + '/server/routes/productsupport'),
dashboards = require(__dirname + '/server/routes/dashboards'),
auth = require(__dirname + '/server/routes/auth'),
users = require(__dirname + '/server/config/users'),
isLoggedIn = require('connect-ensure-login').ensureLoggedIn('/auth/login'),
flash = require('connect-flash'),
trello = require(__dirname+'/server/routes/trello'),
sharepointapi = require(__dirname+'/server/routes/sharepoint'),
fs = require('fs'),
sp = require('spscript');
app.set('view engine', 'pug');
/*********MIDDLEWARE*********/
//logging, parsing, and session handling
//app.use(require('morgan')('combined'));
app.use(require('cookie-parser')());
app.use(require('body-parser').urlencoded({ extended: true }));
app.use(require('express-session')({ secret: 'secret', resave: false, saveUninitialized: false, cookie:{expires:new Date(25340230000000)} }))
//static serves up javascript and css files
app.use('/static', express.static(__dirname + '/public'));
//passport
passport.use(new samlStrategy(
{
callbackUrl:'https://localhost:4433/auth/login',
entryPoint: 'https://techsoft3d.onelogin.com/trust/saml2/http-post/sso/123456',
issuer:'passport-saml',
signatureAlgorithm:'sha1',
cert: 'MIIEmTCCA4GgAwIBAgIULiIkAfNWfxZ90myfeMR8mMo5vUowDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDTALBgNVBAcMBEJlbmQxGjAYBgNVBAoMEVRlY2ggU29mdCAzRCwgSW5jMRUwEwYDVQQLDAxPbmVMb2dpbiBJZFAxHzAdBgNVBAMMFk9uZUxvZ2luIEFjY291bnQgNzAyOTYwHhcNMTYwOTE0MTYzMTUxWhcNMjEwOTE1MTYzMTUxWjCBgTELMAkGA1UEBhMCVVMxDzANBgNVasdBAgMBk9yZWdvbjENMAsGA1UEBwwEQmVuZDEaMBgGA1UECgwRVGVjaCBTb2Z0IDNELCBJbmMxFTATBgNVBAsMDE9uZUxvZ2luIElkUDEfMB0GA1UEAwwWT25lTG9naW4gQWNjb3VudCA3MDI5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQNZOV709aIWLKLPLMmemwFF2/IayhgwpiSiVyxPQpckA8huEsw9kfVlHekvme2cmzI9xDfOc0xecbKs7bsTvuE6xIlJEuPAUXJMQPM0LAGc/xuHsbJpl6IN726sghVLy4Cvwirae3Lb95C8B+VtUEWswgT89S7vckFeKFz+OJarAWsbqv7ZW06L/++nvYEmmJSHZbMoJmlcW+bqTrn6encBONafRB4J4i4J1rT7/WU6+k8pRRD15FjbwtOSY+4y+E7qXo/BmOK2YsPuIGCXRjitv3h55m8oRyEGsgIybHBGF/NxKgwbXzVMXEacBlO7EHQGrcYQqqgj/xN3/8nKuUCAwEAAaOCAQUwggEBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAoYZQn8L2vfZjAYlvcZanm4ZS7HMIHBBgNVHSMEgbkwgbaAFAoYZQn8L2vfZjAYlvcZanm4ZS7HoYGHpIGEMIGBMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGT3JlZ29uMQ0wCwYDVQQHDARCZW5kMRowGAYDVQQKDBFUZWNoIFNvZnQgM0QsIEluYzEVMBMGA1UECwwMT25lTG9naW4gSWRQMR8wHQYDVQQDDBZPbmVMb2dpbiBBY2NvdW50IDcwMjk2ghQuIiQB81Z/Fn3SbJ94xHyYyjm9SjAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEFBQADggEBAJdSR30R/pdNWgxf7O1lgBYFB5lxBKYA0IGhA0aXT8EloziSB110TfcX2TiNargPeXVpyJI3BNwG69hQXCAwyMPeRocmAFcvbaMFAQ/7Y1eAsMc2/LFmuPBTF9S52hoRkiyCjju4dPzPKzjkfawiU59iFjrkHgIpl3ql3u6dCEWpHCxQJ5M0m8ghkfSyxIB/nN4SHAB+wO3cM0iKYd896E+c8qpumdUCzje777akdB+BgKVTd3i0wm8fngmY3YErxcb6TXyRvCn1wG4RzfmPIouX5M2Kq8ZS2X5sdQLImMTAzWIXOeYO+10H6s5L2jXEeABFzf3W2AyySqOZw5cVy0k='
},
function(profile, done){
console.log('test')
return done(null,profile);
}
));
passport.serializeUser(function(user,done){
done(null,user);
});
passport.deserializeUser(function(user,done){
done(null,user);
});
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
//external APIs
app.use('/api',isLoggedIn, api);
app.use('/evapi',isLoggedIn, evapi);
app.use('/nsapi', isLoggedIn, nsapi);
app.use('/sugarapi',isLoggedIn, sugarapi);
app.use('/downloads', isLoggedIn, downloadsapi);
app.use ('/trello',isLoggedIn,trello);
app.use('/sharepointapi',isLoggedIn,sharepointapi);
//page routes
app.use('/', home);
app.use('/companyoverview', isLoggedIn,companyoverview);
app.use('/hoops', isLoggedIn,hoops);
app.use('/oem', isLoggedIn,oem);
app.use('/tetra', isLoggedIn,tetra);
app.use('/productsupport', isLoggedIn,productsupport);
app.use('/dashboards', isLoggedIn,dashboards);
app.use('/auth', auth);
//404 and 500s
app.use(function(req, res) { res.render('404') });
//app.use(function(error, req, res, next) { res.render('500') });
var options = {
key:fs.readFileSync(__dirname+'/path/to/key.pem'),
cert:fs.readFileSync(__dirname+'/path/to/key.pem')
};
var secureServer = https.createServer(options,app).listen(4433, function() {
console.log('Reporting Dashboard Started: 4433');
});
auth.js(登录页面和身份验证的路由)
var express = require('express');
var passport = require('passport');
//var LocalStrategy = require('passport-local').Strategy;
//var ldapStrategy = require('passport-ldapauth').Strategy;
//const samlStrategy = require('passport-saml').Strategy;
module.exports = (function(){
'use strict';
var router = express.Router();
router.get('/login', function(request, response) { response.render('login') });
router.post('/login',
passport.authenticate('saml',{
failureRedirect:'/auth/login',
failureFlash: false
}),
function(request,response){
response.redirect('/home');
});
router.get('/logout',
function(request, response) {
request.logout();
response.redirect('/');
});
return router;
})();
我已尝试更改OneLogin连接器以利用加密的断言和签名的响应,并且能够授权响应,但由于错误,我无法通过passport.authenticate()。
我如何a)绕过此错误,或b)修改我的SAML请求以便我使authenticate()方法有效?
感谢任何和所有帮助。
答案 0 :(得分:0)
我能够通过更新xml2js包来解决这个问题,不幸的是,我不完全确定它为什么不起作用。