I have tried to find answers for this issue before posting the question, but unfortunately those solutions have not worked for me, so I am posting my question after exhausting my options.
I am trying to authenticate my Node.js app with passport-saml and Azure AD, and I am trying this for the first time.
I have configured the app and the following attributes in the Azure portal:
- Entity ID https://sampleserver.com/
- Reply URL https://sampleserver.com/login/saml/callback
- Logout URL https://sampleserver.com/logout
This is my passport config:
```javascript
const fs = require("fs");
const passport = require("passport");
const { Strategy: SamlStrategy } = require("passport-saml");

passport.use(
  new SamlStrategy(
    {
      path: "/login/saml/callback",
      entryPoint: "https://my-azure-server/ls/adfs",
      issuer: "https://sampleserver.com/",
      decryptionPvk: fs.readFileSync("privateKey.pem"),
      cert: fs.readFileSync("publicCert.pem")
    },
    function (profile, done) {
      console.log("This is what is returned by Saml", profile);
      return done(null, {
        id: profile.uid,
        email: profile.mail,
        displayName: profile.givenname,
        firstName: profile.givenname
      });
    }
  )
);
```
The decryptionPvk is the key used to create my server. The cert is the certificate I got from my IDP, i.e. Azure.
Problem: When I hit the URL https://sampleserver.com it navigates me to the login URL configured in the application but after the authentication, it gives me the following error:
AADSTS50011: The reply URL 'http://sampleserver.com/login/saml/callback' specified in the request
does not match the reply URLs configured for the application 'https://sampleserver.com/'
The callback URL should be https://sampleserver.com/login/saml/callback, but for some reason the request builds the absolute URL as http://sample...... instead of https://sample...
I am not able to understand why it picks http vs https.
I have been stuck on this for a couple of days now and I have tried to read as much as possible before posting this question. I would really appreciate some help with this.
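Added illustration of the mechanism behind the mismatch (example code written for this page, not from the question or from passport-saml itself): when only a relative `path` is configured, passport-saml assembles the absolute reply URL from the request's protocol and Host header, and Express reports `req.protocol` as `http` behind a TLS-terminating proxy unless `trust proxy` is enabled. The request object, header values and the `scenarios()` helper are constructed; `callbackUrl` is passport-saml's real option for pinning the reply URL.

```javascript
// Mirrors Express: req.protocol is the socket's scheme unless `trust proxy` is
// enabled, in which case the proxy-supplied X-Forwarded-Proto header wins.
function requestProtocol(req, trustProxy) {
  const socketProto = req.encrypted ? "https" : "http";
  if (!trustProxy) return socketProto;
  const forwarded = (req.headers["x-forwarded-proto"] || "").split(",")[0].trim();
  return forwarded || socketProto;
}

// Mirrors passport-saml: an explicit absolute `callbackUrl` is used verbatim;
// otherwise the URL is built from protocol, Host header and the relative `path`.
function buildCallbackUrl(req, options, trustProxy = false) {
  if (options.callbackUrl) return options.callbackUrl;
  const host = options.host || req.headers.host;
  return `${requestProtocol(req, trustProxy)}://${host}${options.path}`;
}

// Exact-match check, the way an IdP compares the reply URL in the request
// against the URLs registered for the application.
function matchesRegistered(url, registered) {
  return registered.includes(url);
}

// Constructed request as Node sees it behind a proxy that terminated TLS:
// the socket is plain http, but the proxy says the client connected over https.
const proxiedRequest = {
  encrypted: false,
  headers: { host: "sampleserver.com", "x-forwarded-proto": "https" },
};
const registeredReplyUrls = ["https://sampleserver.com/login/saml/callback"];
const relativeOptions = { path: "/login/saml/callback" };
const pinnedOptions = {
  path: "/login/saml/callback",
  callbackUrl: "https://sampleserver.com/login/saml/callback",
};

// Three configurations of the same request; only the first one mismatches.
function scenarios() {
  const out = {
    relativeNoTrust: buildCallbackUrl(proxiedRequest, relativeOptions, false),
    relativeTrusted: buildCallbackUrl(proxiedRequest, relativeOptions, true),
    pinned: buildCallbackUrl(proxiedRequest, pinnedOptions, false),
  };
  for (const key of Object.keys(out)) {
    out[key + "Accepted"] = matchesRegistered(out[key], registeredReplyUrls);
  }
  return out;
}
```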