Tags: node.js, passport.js, okta, xmldom, passport-saml

Error: SAMLResponse is not valid base64-encoded XML - error in passport-saml while authenticating with okta


I am currently using passport.js and the passport-saml package to authenticate my Node.js application via Okta. My current package.json includes the versions below for passport-related packages:

    "passport": "^0.3.2",
    "passport-azure-ad": "^4.0.0",
    "passport-oauth2": "^1.4.0",
    "passport-saml": "^3.2.0",

With these packages the authentication flow was working as expected before.

If I reinstall node_modules and try to log in from Okta, I get the error below:

Error: SAMLResponse is not valid base64-encoded XML
    at SAML.validatePostResponseAsync (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/passport-saml/lib/node-saml/saml.js:562:23)
    at MultiSamlStrategy.authenticate (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/passport-saml/lib/passport-saml/strategy.js:80:18)
    at /opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/passport-saml/lib/passport-saml/multiSamlStrategy.js:28:32
    at fetchSamlConfig (/opt/apache-tomcat-8.5.82/raptor-management-ui/routes/api-config/passport.js:31:14)
    at Object.getSamlOptions (/opt/apache-tomcat-8.5.82/raptor-management-ui/routes/api-config/passport.js:37:9)
    at MultiSamlStrategy.authenticate (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/passport-saml/lib/passport-saml/multiSamlStrategy.js:21:23)
    at attempt (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/passport/lib/middleware/authenticate.js:348:16)
    at authenticate (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/passport/lib/middleware/authenticate.js:349:7)
    at /opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/newrelic/lib/shim/shim.js:1313:22
    at LegacyContextManager.runInContext (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/newrelic/lib/context-manager/legacy-context-manager.js:59:23)
    at WebFrameworkShim.applySegment (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/newrelic/lib/shim/shim.js:1303:25)
    at _applyRecorderSegment (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/newrelic/lib/shim/shim.js:934:20)
    at _doRecord (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/newrelic/lib/shim/shim.js:907:17)
    at authenticate (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/newrelic/lib/shim/shim.js:867:24)
    at Layer.handle [as handle_request] (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/express/lib/router/layer.js:95:5)
    at next (/opt/apache-tomcat-8.5.82/raptor-management-ui/node_modules/express/lib/router/route.js:137:13)

With the old build, where node_modules was installed more than 15 days ago, it is working without any issue. There are no code changes and no package updates in my repo. I would appreciate any help on how to resolve this issue.

I have tried upgrading all the packages mentioned above, but that didn't solve the issue. There was a new version upgrade in @xmldom/xmldom 7 days ago which might be causing the issue. I am not sure how to circumvent this issue since @xmldom/xmldom is a dependency of passport-saml itself.

Related PR: https://github.com/xmldom/xmldom/pull/454


Solution

  • Fixed the issue by adding @xmldom/xmldom as a direct dependency and by fixing the passport-saml and passport packages to the last working versions.

    My updated package.json includes:

    "@xmldom/xmldom": "0.7.6",
    "passport": "0.3.2",
    "passport-saml": "3.2.3",
    

    After making these changes, delete node_modules and run npm install again.
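
The following is an added example, not code from the question or the answer. It shows one way to check that a pin like the one above took effect: it flags non-exact version ranges in a dependency list and lists every copy of @xmldom/xmldom recorded in a lockfile whose version differs from the pinned one. The lockfile excerpt, the nested version number and the function names are constructed for illustration.

```javascript
// Added example: all data below is constructed, not taken from a real install.

// Dependency specs as in the question (caret ranges) and as in the answer (exact pins).
const floatingDeps = { "passport": "^0.3.2", "passport-saml": "^3.2.0" };
const pinnedDeps = { "@xmldom/xmldom": "0.7.6", "passport": "0.3.2", "passport-saml": "3.2.3" };

// Constructed excerpt of a package-lock.json "packages" map (lockfileVersion 2 or 3).
// The nested 0.7.7 entry is a made-up value that simulates a copy the pin did not reach.
const sampleLock = {
  packages: {
    "": { name: "app" },
    "node_modules/@xmldom/xmldom": { version: "0.7.6" },
    "node_modules/passport-saml": { version: "3.2.3" },
    "node_modules/passport-saml/node_modules/@xmldom/xmldom": { version: "0.7.7" },
  },
};

// Names of dependencies whose spec is not an exact x.y.z version,
// i.e. specs that let a fresh install resolve to something newer.
function floatingRanges(deps) {
  return Object.entries(deps)
    .filter(([, spec]) => !/^\d+\.\d+\.\d+(-[\w.]+)?$/.test(spec))
    .map(([name]) => name);
}

// Every installed copy of `pkg` recorded in the lockfile, top-level or nested.
function installedCopies(lock, pkg) {
  const suffix = "node_modules/" + pkg;
  return Object.entries(lock.packages || {})
    .filter(([path]) => path === suffix || path.endsWith("/" + suffix))
    .map(([path, meta]) => ({ path, version: meta.version }));
}

// Copies whose resolved version differs from the version we intended to pin.
function driftedCopies(lock, pkg, wanted) {
  return installedCopies(lock, pkg).filter((copy) => copy.version !== wanted);
}

console.log("floating specs:", floatingRanges(floatingDeps));
console.log("drifted copies:", driftedCopies(sampleLock, "@xmldom/xmldom", "0.7.6"));
```

Against a real project, pass the parsed contents of package-lock.json instead of `sampleLock`; `npm ls @xmldom/xmldom` prints the same information from the installed tree.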