我正在尝试在NodeJS应用程序中实现passport-saml。
当我通过 SSO 提交请求时，IdP 返回的响应中出现以下错误：
AuthnRequest/NameIDPolicy - attribute: AllowCreate item not allowed
AuthnRequest/Issuer - attribute: NameQualifier required key not provided
AuthnRequest/Issuer - attribute: Format required key not provided
在我的策略选项下:
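// Key material for the SAML service provider, read once at startup.
// decryptionPvk: private key passed as `decryptionPvk` (decrypting encrypted assertions).
// privateCert:   private key passed as `privateCert` (signing outgoing AuthnRequests).
// idpCert:       the identity provider's public signing certificate.
const decryptionPvk = fs.readFileSync("<my_path>", "utf-8");
const privateCert = fs.readFileSync("<my_path>", "utf-8");
const idpCert = fs.readFileSync("<my_path>", "utf-8");

passport.use(
  new SamlStrategy(
    {
      path: '/acs',
      // Plain HTTP on localhost is a local test setup; a deployed entry point
      // and issuer should be HTTPS URLs.
      entryPoint: 'http://localhost:8088/sso',
      issuer: 'http://localhost:3000',
      // passport-saml verifies the IdP's signature on responses against `cert`.
      // The original read idpCert from disk but never passed it to the strategy;
      // depending on the passport-saml version, omitting `cert` either fails at
      // construction or leaves incoming assertions unverified.
      cert: idpCert,
      privateCert,
      decryptionPvk,
      attributeConsumingServiceIndex: 1,
      identifierFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
      authnContext: "https://www.spid.gov.it/SpidL1",
      // NOTE(review): `attributes` and `organization` look like SPID-specific
      // metadata options; confirm that the SamlStrategy in use reads them.
      attributes: {
        name: "Required attributes",
        attributes: ["fiscalNumber", "name", "familyName", "email"],
      },
      organization: {
        name: "Organization name",
        displayName: "Organization display name",
        URL: "http://localhost:8088",
      },
    },
    /**
     * Verify callback: maps the SAML profile to a local user record.
     *
     * @param {object} profile - Attributes taken from the SAML assertion.
     * @param {Function} done - Passport completion callback, (err, user).
     */
    function (profile, done) {
      // The full profile is not written to the log: the requested attributes
      // include fiscalNumber and email, which are personal data.
      // profile.email comes from the assertion, so it is only as trustworthy
      // as the signature check configured through `cert` above.
      findByEmail(profile.email, function (err, user) {
        if (err) {
          return done(err);
        }
        return done(null, user);
      });
    }
  )
);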
如何解决此问题?