score:20

Accepted answer

After some thinking, I came up with the following solution, which worked quite nicely for me.

SAML has something called RelayState, which is a property that the service provider has to respond with. So now the process looks like this:

  1. User accesses http://frontendserver.com and gets served the static page with the React application (not signed in).
  2. User clicks 'login' and gets redirected to http://backendserver.com/login/?relaystate=http://frontendserver.com, which authenticates via passport-saml and redirects the user to the SP. So I pass the origin of the request in RelayState.
  3. User calls back to http://backendserver.com/callback with the SAMLResponse, which includes the RelayState.
  4. I create a token, and redirect the user to RelayState/#token.
  5. I can then parse the URL in the React application, and add the token as a header for any further requests.

This might've seemed like the obvious way to do it, but it took me quite a while to figure out that this would work.
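Because the RelayState in steps 2 to 4 arrives from the browser and decides where the freshly issued token is sent, the callback should check it against a list of known frontend origins before redirecting. The following is an added example, not code from the answer or from passport-saml; `ALLOWED_ORIGINS`, `DEFAULT_ORIGIN`, `trustedOrigin` and `buildPostLoginRedirect` are hypothetical names, and the allow-list contents are an assumption based on the hostnames used above.

```javascript
// Added example: validate RelayState before using it as the post-login
// redirect target. All names and values here are assumptions for illustration.
const ALLOWED_ORIGINS = new Set(['http://frontendserver.com']);
const DEFAULT_ORIGIN = 'http://frontendserver.com';

// Returns the origin of relayState if it is an absolute http(s) URL whose
// origin is on the allow-list; otherwise returns null.
function trustedOrigin(relayState, allowed = ALLOWED_ORIGINS) {
  if (typeof relayState !== 'string' || relayState.length === 0) return null;
  let url;
  try {
    url = new URL(relayState); // throws on relative or malformed input
  } catch {
    return null;
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  // user:pass@host forms make the visible prefix differ from the real host.
  if (url.username || url.password) return null;
  // Exact origin match (scheme + host + port); no prefix or substring tests.
  return allowed.has(url.origin) ? url.origin : null;
}

// Builds the step-4 redirect. Only the validated origin is reused; any path
// or query carried in RelayState is dropped, and an untrusted value falls
// back to the default frontend.
function buildPostLoginRedirect(relayState, token) {
  const origin = trustedOrigin(relayState) ?? DEFAULT_ORIGIN;
  return `${origin}/#${encodeURIComponent(token)}`;
}
```

In the callback handler, the result of `buildPostLoginRedirect(req.body.RelayState, token)` would be passed to `res.redirect`, assuming an Express-style handler with the form body parsed.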

score:0

I know this question is for a Node backend, but I found an article on the implementation for a PHP/Apache web server backend here, and I think it can help someone trying to understand the flow of how this type of thing works.

