我有一个使用NodeJS + AngularJS的Web应用程序,我想将OKTA SAML与我的应用程序集成(使用Okta作为IdP,使用我们的Application作为SP),现在在Okta End上进行配置后,我有一些信息,像这样: https://www.pastepic.xyz/image/image.abqL4 https://www.pastepic.xyz/image/image.ab3G3 我有Idp单点登录URL,IdP颁发者,X.509证书以及MetaData。 我的问题是如何将其与NodeJS或AngularJS集成,如何使用okta中的数据。
我试图在NodeJS中使用护照库,像这样的app.js:
var express = require("express");
var path = require("path");
var bodyParser = require("body-parser");
var routes = require("./api/routes");
var http = require("http");
var morgan = require('morgan');
var cookieParser = require('cookie-parser');
var session = require('express-session');
var passport = require('passport');
require("./api/helper/global_function");
// Defining the port and env to run on
const { environment, port, samlUrl } = require('./appconfig.js');
const PORT = port || 8000;
const ENV = environment || 'dev'
const SAMLURL = samlUrl
const config = require('./api/auth/config.js')[ENV];
require('./api/auth/passport.js')(passport, config);
var app = express();
app.set("port", PORT);
app.set("env", ENV)
app.set("samlUrl", SAMLURL)
// To Allow CORS calls
app.use(function (req, res, next) {
res.header('Access-Control-Allow-Origin', '*')
res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');
res.header('Access-Control-Allow-Credentials', true);
return next();
});
app.use(morgan('combined'));
app.use(cookieParser());
app.use(session(
{
resave: true,
saveUninitialized: true,
secret: 'something'
}));
// Enable parsing of posted forms
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(passport.initialize());
app.use(passport.session());
// Set static directory before defining routes
app.use(express.static(path.join(__dirname, "dist")));
app.use("/node_modules", express.static(__dirname + "/node_modules"));
// Add some routing
app.use("/", function (req, res, next) {
if (req.isAuthenticated()) {
console.log(req.isAuthenticated())
return next();
}
req.session.returnTo = req.originalUrl;
res.redirect(samlUrl);
});
app.use("/api", routes);
app.use("*", (req, res) => {
res.sendFile(path.join(__dirname, 'dist/index.html'));
});
// To verify the listen is up and running
var server = app.listen(app.get("port"), function () {
var port = server.address().port;
console.log("Magic happens on port " + port);
});
它不起作用,因为所有请求都未经身份验证,当我进行api调用时,应用程序会一直将我定向到页面上的单一登录。
也许对此我绝对是错的,有人可以帮我吗?给我一个提示或告诉我一些基本逻辑
有人可以提供SAML帮助吗?如果有任何不清楚的地方,请添加评论或答案,我会在很短的时间内完成检查。