I'm using passport-saml/multiSamlStrategy
(using IdP initiated flow only if that matters somehow).
I want to verify periodically that the user is still logged in to the IdP and logging him out in case he isn't.
The problem is that req.isAuthenticated()
always returns true
since it consider only the session of the web app and not the IdP session.
In case the user is connecting directly to the IdP and log out himself from the IdP, I would expect the req.isAuthenticated()
to return false
.
How can I achieve that? Is that Possible?