While trying to implement the passport-saml authentication methods I have hit a roadblock. The callback function passed to the `passport.authenticate` function does not get called.
```javascript
router.post("/saml/callback",
  function (req, res, next) {
    req.body.SAMLResponse = req.body.SAMLResponse.replace(/[\n\r]/g, "");
    next();
  },
  function (req, res, next) {
    console.log("Calling passport handler");
    console.log(req.body);
    try {
      const response = passport.authenticate("saml",
        {
          failureRedirect: "/saml/error",
          failureFlash: true
        }, (error, user, info) => {
          console.log(error, user, info);
          next();
        })(req, res, next);
      console.log(response);
    } catch(e) {
      console.log(e);
    }
    console.log("Line after passport handler");
  },
  function (req, res) {
    res.redirect("/saml/success");
  }
);
```
My Express app hangs when entering this method, but only with one specific SAML provider (using https://samltest.id as test provider DOES work with the exact same code). It seems that an error occurs in this authenticate method but I cannot for the life of me find this error.
How do I get the error in this callback?
Log output:
```
Calling passport handler
{SAMLResponse: 'base64encoded saml response'}
undefined
Line after passport handler
Error: connect ETIMEDOUT ip:443
```
The problem turned out to not at all be in this piece of code but instead in the initiation of the saml provider.
I have a callback function in `Strategy({cert: function(callback)....});` which tries to fetch the signing certificates for the SAML response. The IDP was however not accessible from my SP due to it being a test server, therefore the callback never got called.
TL;DR: If you are using the `cert` key in your `Strategy` definition, and said key utilises a callback, check if that callback gets called!
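Added example, not part of the original answer or of passport-saml: a wrapper that guarantees a callback-style `cert` provider always calls back, so an unreachable IdP produces an error instead of a silent hang. The names `withDeadline`, `unreachableIdp`, `reachableIdp` and `SAMPLE_CERT` are hypothetical, and the injectable `timers` argument exists only to make the behaviour testable.

```javascript
// Added example. `cert` as a function taking a callback is the form shown in
// the answer above; every other name here is hypothetical.
const SAMPLE_CERT = "PLACEHOLDER_CERT_PEM"; // constructed value, not a real certificate

// Constructed stand-in for an IdP that cannot be reached: never calls back.
function unreachableIdp(callback) {}

// Constructed stand-in for a healthy certificate lookup.
function reachableIdp(callback) { callback(null, SAMPLE_CERT); }

// Wrap a cert provider so `callback` fires exactly once: with the provider's
// result, with its thrown error, or with a timeout error after `ms`.
function withDeadline(certProvider, ms, timers = { setTimeout, clearTimeout }) {
  return function cert(callback) {
    let settled = false;
    let timer = null;
    const finish = (err, value) => {
      if (settled) return; // drop late or duplicate results
      settled = true;
      timers.clearTimeout(timer);
      callback(err, value);
    };
    timer = timers.setTimeout(
      () => finish(new Error(`signing certificate lookup gave no result within ${ms} ms`)),
      ms
    );
    try {
      certProvider(finish);
    } catch (err) {
      finish(err); // provider threw synchronously
    }
  };
}

// Intended use (assumption): Strategy({ cert: withDeadline(fetchIdpCert, 5000), ... })
// Stand-alone demo: the wrapped unreachable provider reports an error.
withDeadline(unreachableIdp, 100)((err, cert) => {
  console.log(err ? `cert lookup failed: ${err.message}` : "cert loaded");
});
```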