RelayState missing in callback URL post query | okta : #320

Open
fas3r opened this issue Nov 7, 2018 · 2 comments

fas3r commented Nov 7, 2018

Hello,

I'm using Okta as a SAML 2 endpoint to authenticate my user. Authentication is working as expected but I'm trying to set the "RelayState" to get the user redirected to a dynamic URL after being authenticated, but in the POST HTTP CALLBACK URL, the "RelayState" is empty in req.body even if I set it in the passport.authenticate().

```js
app.use('/login', passport.authenticate('saml', {
  failureRedirect: '/',
  failureFlash: true
}));

app.post('/login/callback', (req, res, next) => {
  passport.authenticate('saml', {
    failureRedirect: '/',
    failureFlash: true
  })(req, res, next);
});
```

Example of req.body on the post callback :

```
{
  SAMLResponse: 'PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIHhtbG5zOn NhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBEZXN0aW5hdGlvbj0ia HR0cDovL2xvY2FsaG9zdDo4MDgwL2xvZ2luIiBJRD0iaWQ1MzM0MDQyODE4NjUyNzg3NTgyNjg5MjMi IElzc3VlSW5zdGFudD0iMjAxOC0xMS0wN1QxNToyMzoyMC45MzdaIiBWZXJzaW9uPSIyLjAiIHhtbG5zO nhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSI+PHNhbWwyOklzc3VlciB4bWxuczpzY W1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF................',
  RelayState: ''
}
```

I also confirm that the req.query.RelayState is set correctly in the GET login method, with the URL where the user is supposed to be redirected.

I also tried using the additionalParams : { "RelayState" : req.query.RelayState }

I also tried with a fixed value, like: 'RelayState': '/dashboard' (for example), and it seems that RelayState is not given to the callback URL.

Thanks in advance

BR,
fas3r.

Contributor

markstos commented Dec 2, 2018

Is this a bug report? Our README makes no mention of handling RelayState.

If this is a place where you believe we could include our spec compliance or implementation, please provide specific references to the sections of the SAML spec that apply here.

Collaborator

cjbarth commented Mar 4, 2021

I did note that we do handle RelayState and I've used it successfully before, so I know it works for at least some use-cases. It does appear that we need to document it though.

cjbarth added the documentation and pr-welcome labels and removed the need-more-info label on Sep 21, 2021
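
The issue uses RelayState as a post-login redirect target that starts out in req.query on the login request, so the callback receives it as browser-supplied input. One way to validate it before redirecting, as an added example that is not code from passport-saml or from the posters; `SP_ORIGIN`, `DEFAULT_LANDING`, `safeRelayState` and `relayRedirectHandler` are hypothetical names and the sample values are constructed:

```javascript
// Added example (not passport-saml code). RelayState round-trips through the
// browser and the IdP, so the callback must treat it as untrusted input.
const SP_ORIGIN = 'https://sp.example.invalid'; // assumption: placeholder origin, used only for parsing
const DEFAULT_LANDING = '/';                    // assumption: fallback landing page

// Return a normalized same-origin path taken from RelayState, or the fallback.
function safeRelayState(relayState, fallback = DEFAULT_LANDING) {
  // Body parsers can yield arrays or objects for repeated or nested fields.
  if (typeof relayState !== 'string' || relayState.length === 0) return fallback;
  if (relayState.length > 512) return fallback;
  // Only site-relative paths are accepted; absolute URLs never are.
  if (!relayState.startsWith('/')) return fallback;
  let url;
  try {
    url = new URL(relayState, SP_ORIGIN);
  } catch (err) {
    return fallback;
  }
  // "//host", "/\host" and "/<tab>/host" all resolve to another origin here.
  if (url.origin !== SP_ORIGIN) return fallback;
  // Redirect to the parsed form, never to the raw input string.
  return url.pathname + url.search + url.hash;
}

// Express-style handler to run after passport.authenticate('saml') succeeds.
function relayRedirectHandler(req, res) {
  const target = safeRelayState(req.body && req.body.RelayState);
  res.redirect(target);
}

// Wiring (kept as a comment so the block runs without Express installed):
// app.post('/login/callback',
//   passport.authenticate('saml', { failureRedirect: '/', failureFlash: true }),
//   relayRedirectHandler);

// Constructed sample values, including the empty RelayState seen in this issue.
const samples = ['/dashboard?tab=1', '', 'https://other.example/', '//other.example/', '/\\other.example/'];
for (const s of samples) {
  console.log(JSON.stringify(s), '->', safeRelayState(s));
}
```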