New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Breaking change in v5.0.0, docs not updated (TypeError: callbackUrl is required) #909
Comments
You are right, |
This is related to node-saml/node-saml#214 While I completely agree that removing complexity is a good thing, I now miss the possibility to dynamically configure the |
So the "new" way when you can only use passport.use(
new SamlStrategy(
{
callbackUrl: 'http://some-random-host/some-random-url/', // required but not used, see below
...
}
)
);
app.get(
"/login",
(req, res, next) => {
path = '/login/callback';
callbackUrl = (req.protocol || 'http').concat('://') + (req.headers?.host || 'localhost') + path;
passport.authenticate("saml", { callbackUrl })(req, res, next),
}
); Right? |
I would probably use Basically, the |
I agree. However there are legitimate cases where the service does not know its hostname, e.g. when it is deployed in staging branches, etc. I cannot hard-code a I'll try to make a sensible README PR... |
Our official suggestion is to pass in a constructed URL, like you're currently doing. We'd be open to a PR that would take a function for |
Ok I need to withdraw my solution: |
Honestly, I don't know why you don't have some parameters for your different environments that you can use to build a URL specific to the environment. An environment variable could be used to switch which URL is passed in. Or, you could use the multi-SAML functionality. I'm open to the function idea still, but it seems that this might be pointing to a more endemic situation. How do you change your DB config or other such-like things per environment? |
@nicokaiser as @cjbarth is trying to say: Multisaml approach provides access to request (to extract whatever request specific information) and it provides mechanism to return e.g. fixed set of other config variables and change callbackUrl config per request (which would solve this issue reporter's case). This comment entry's actual point is: why even consider new round of fine-grained configuration stuff because (and especially in this case/for this case) there is goarse-grained approach (from passport-saml pov) already available which provides mechanism to change about everything per request. Sidenote: Seems that those were missed during node-saml/node-saml#214 review. Unfortunately removing those is breaking change. |
With the update to v5.0.0, the
path
configuration option does not seem to work anymore:(This is the example from README.md)
This throws "TypeError: callbackUrl is required". There is no migration guide from passport-saml 4.x to 5.0.0, so I assumed, apart from the Node.js 18 requirement nothing changed.
callbackUrl
is relative, so we used to usepath
, like in the example)The text was updated successfully, but these errors were encountered: