我使用passport-saml在节点api中实现了ADFS SSO.登录有效但当我不放弃任何凭据并提交登录表单时,ADFS服务器会返回以下错误:
"SAML提供程序返回响应程序错误:未指定"
当我尝试再次登录后,ADFS直接返回到回调URL并再次弹出错误.
passport.use('saml', new SAMLStrategy({
entryPoint: adfsEntryPoint,
issuer: '{adfs-url}/login/adfs',
callbackUrl: '{adfs-url}/login/adfs/callback',
cert: "{CERT}",
authnContext:'http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/windows',
identifierFormat: null,
signatureAlgorithm: 'sha256'
}, (profile, done) => {
const upn = profile["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"];
const windowsAccountName = profile["http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"];
const user = new userModel.User(upn, "user");
user.enabled = true;
return done(null, user);
}));
passport.serializeUser((user, done) => {
done(null, user);
});
passport.deserializeUser(function (user, done) {
done(null, user);
});
router.get('/auth/adfs', passport.authenticate('saml', { failureRedirect: "/" }), (req, res) => {
res.redirect('/');
});
router.get('/auth/adfs/callback', passport.authenticate('saml', { failureRedirect: "/" }), (req, res) …