passport-saml

Saml Strategy Verify callback not getting called


As per the passportjs documentation, the verifier function is supposed to be called. But I am not seeing this call back.

I am testing this with okta. In okta the app is configured to send the saml response to /fromokta The okta is redirecting to /fromokta What am I missing?

const saml = require('passport-saml').Strategy;

var strategy = new saml({
    entryPoint: "<some oktka entiry point>",
    issuer: "http://www.okta.com/foobar",
    protocol: "http://"
    
},(profile, done) => {
    console.log(">>>> callback from okta");
    console.log(profile);
    done(profile)
})

app.post('/login', function(req, res) {
    passport.authenticate(
        'saml', 
        {
            //successRedirect: '/success',
            failureRedirect: '/'
        }
    )}
)

app.post('/fromokta', function(req, resp){
    // this gets called
})

Solution

  • This most likely means your POST /login route never gets the request. Look at the network requests and see if there is indeed a POST /login to the URL, make sure the protocol is the same too (http and https)