ADFS returns “Returned SAML Provider Respondent Error: Not Specified” when credentials are left blank

I implemented ADFS SSO in a Node API using passport-saml. Logging in works, but when I don't enter any credentials and submit the login form, the ADFS server returns the following error:

"SAML Provider Returns Responder Error: Not Specified"

When I try to log in again, ADFS goes back to the callback URL and the error appears again.

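const passport = require('passport');
const SAMLStrategy = require('passport-saml').Strategy;
const router = require('express').Router();
// adfsEntryPoint and userModel are defined elsewhere in the application.

passport.use('saml', new SAMLStrategy({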
    entryPoint: adfsEntryPoint,
    issuer: '{adfs-url}/login/adfs',
    callbackUrl: '{adfs-url}/login/adfs/callback',
    cert: "{CERT}",
    authnContext:'http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/windows',
    identifierFormat: null,
    signatureAlgorithm: 'sha256'
}, (profile, done) => {
    const upn = profile["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"];
    const windowsAccountName = profile["http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"];
    const user = new userModel.User(upn, "user");
    user.enabled = true;
    return done(null, user);
}));

passport.serializeUser((user, done) => {
    done(null, user);
});

passport.deserializeUser(function (user, done) {
    done(null, user);
});

router.get('/auth/adfs', passport.authenticate('saml', { failureRedirect: "/" }), (req, res) => {
    res.redirect('/');
});

router.get('/auth/adfs/callback', passport.authenticate('saml', { failureRedirect: "/" }), (req, res) => {
    res.redirect('/');
});

1 answer

"Responder" simply means AD FS is saying that something went wrong in AD FS.

, AD FS, AD FS AD FS.

  • AD FS
  • → AD FS

, , AD FS, , AD FS.

, .
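
Added example, not part of the original question or answer: a Node.js helper that reads the top-level and nested status codes from the base64 SAMLResponse posted to the callback, so a log line can show whether the failure is reported as Responder (identity provider side) or Requester. The function name `describeSamlStatus` and both sample responses are hypothetical and constructed for illustration.

```javascript
// Added example (not from the original post). Diagnostic logging only:
// signature validation and the login decision stay with the SAML library.
const STATUS_PREFIX = 'urn:oasis:names:tc:SAML:2.0:status:';

// Top-level status codes defined by SAML 2.0 Core and who they blame.
const TOP_LEVEL = new Map([
  ['Success', 'request succeeded'],
  ['Requester', 'error on the part of the requester (the service provider)'],
  ['Responder', 'error on the part of the responder (here: AD FS)'],
  ['VersionMismatch', 'request used a SAML version the provider cannot process'],
]);

const shortName = (uri) =>
  uri.startsWith(STATUS_PREFIX) ? uri.slice(STATUS_PREFIX.length) : uri;

// Hypothetical helper: takes the base64 SAMLResponse form field posted to the
// callback URL and returns the status it carries, or null if there is none.
function describeSamlStatus(samlResponseB64) {
  const xml = Buffer.from(samlResponseB64, 'base64').toString('utf8');
  const status = /<(?:\w+:)?Status\b[^>]*>([\s\S]*?)<\/(?:\w+:)?Status>/.exec(xml);
  if (!status) return null; // not a SAML Response, or no Status element
  const codes = [...status[1].matchAll(/<(?:\w+:)?StatusCode\b[^>]*\bValue="([^"]*)"/g)]
    .map((m) => shortName(m[1]));
  const msg = /<(?:\w+:)?StatusMessage\b[^>]*>([\s\S]*?)<\//.exec(status[1]);
  return {
    topLevel: codes[0] || null,
    subStatus: codes[1] || null, // nested StatusCode, if the IdP sent one
    message: msg ? msg[1].trim() : null,
    meaning: TOP_LEVEL.get(codes[0]) || 'unknown top-level status',
  };
}

// Constructed samples (not captured from a real AD FS server).
const wrap = (inner) => Buffer.from(
  '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">' +
  `<samlp:Status>${inner}</samlp:Status></samlp:Response>`).toString('base64');

const BARE_RESPONDER = wrap(`<samlp:StatusCode Value="${STATUS_PREFIX}Responder"/>`);
const DETAILED_RESPONDER = wrap(
  `<samlp:StatusCode Value="${STATUS_PREFIX}Responder">` +
  `<samlp:StatusCode Value="${STATUS_PREFIX}AuthnFailed"/></samlp:StatusCode>` +
  '<samlp:StatusMessage>constructed detail text</samlp:StatusMessage>');

console.log(describeSamlStatus(BARE_RESPONDER));
console.log(describeSamlStatus(DETAILED_RESPONDER));
```

When the response carries only a bare Responder code with no nested code or message, the response itself holds no further detail to log.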
