passport.js的身份验证方法正在使用指定的身份验证策略进行身份验证。
它应该和documentation中的示例一样简单:
app.post('/login',
passport.authenticate('local'),
function(req, res) {
// If this function gets called, authentication was successful.
// `req.user` contains the authenticated user.
res.redirect('/users/' + req.user.username);
});
尤其是我正在尝试使用wsfed-saml2 strategy与ADFS服务器连接:
router.post('callbackPath',
passport.authenticate('wsfed-saml2', {
failureFlash: true,
failureRedirect: 'somePath'
}),
function onSuccessfulAuthentication(req, res, next) {
res.redirect('/')
})
就我而言,策略无法成功授权。但是,服务器正在正确发送带有身份验证用户数据的XML。似乎该策略无法以某种方式进行解析。
有什么方法可以从执行的策略中获取详细的错误消息吗?此时,唯一发生的是错误重定向。
使用稍微不同的配置,我得到了以下堆栈跟踪:
TypeError: req.flash is not a function
at allFailed (C:\inetpub\wwwroot\webapi\node_modules\passport\lib\middleware\authenticate.js:131:15)
at attempt (C:\inetpub\wwwroot\webapi\node_modules\passport\lib\middleware\authenticate.js:180:28)
at WsFedSaml2Strategy.strategy.fail (C:\inetpub\wwwroot\webapi\node_modules\passport\lib\middleware\authenticate.js:297:9)
at C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\strategy.js:225:32
at C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\samlp.js:363:20
at Samlp.ignoreValidationFunction (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\samlp.js:30:10)
at C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\samlp.js:343:12
at Samlp.ignoreValidationFunction (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\samlp.js:30:10)
at Samlp.validateSamlResponse (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\samlp.js:338:10)
at loaded (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\strategy.js:224:21)
at NullStore.verify (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\state\null.js:9:3)
at verifyState (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\strategy.js:158:26)
at executeSamlp (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\strategy.js:244:7)
at WsFedSaml2Strategy.authenticate (C:\inetpub\wwwroot\webapi\node_modules\passport-wsfed-saml2\lib\passport-wsfed-saml2\strategy.js:289:5)
at attempt (C:\inetpub\wwwroot\webapi\node_modules\passport\lib\middleware\authenticate.js:361:16)
at authenticate (C:\inetpub\wwwroot\webapi\node_modules\passport\lib\middleware\authenticate.js:362:7)
at Layer.handle [as handle_request] (C:\inetpub\wwwroot\webapi\node_modules\express\lib\router\layer.js:95:5)
at next (C:\inetpub\wwwroot\webapi\node_modules\express\lib\router\route.js:137:13)
at Route.dispatch (C:\inetpub\wwwroot\webapi\node_modules\express\lib\router\route.js:112:3)
at Layer.handle [as handle_request] (C:\inetpub\wwwroot\webapi\node_modules\express\lib\router\layer.js:95:5)
at C:\inetpub\wwwroot\webapi\node_modules\express\lib\router\index.js:281:22
at Function.process_params (C:\inetpub\wwwroot\webapi\node_modules\express\lib\router\index.js:335:12)
但是它也没有说出响应到底出了什么问题。它只是表明该响应对于wsfed-saml2策略是不可接受的。
护照策略失败时如何获得更详细的错误消息?