How to get user information from request object after login? Because currently, the user data looks empty!

[MrPhyaeSoneThwim]

I followed the instructions from ADFS Doucmentation and generated key, cert & xml file for localhost using

./mellon_create_metadata.sh https://localhost:3000 https://localhost:3000/adfs/saml

And the following is my code implementation in index.js file.

var passport = require('passport');
var express = require('express');

var app = express();
require('./config/passport.js');

app.use(session({
   secret:"token-secret",
   resave: false,
   saveUninitialized: true
}));

app.use(passport.initialize());
app.use(passport.session());

app.get('/login',
    passport.authenticate('saml', { failureRedirect: '/', failureFlash: true }),
    function(req, res) {
      res.redirect('https://localhost:3000');
    }
);

app.post('/adfs/saml/postResponse',
    passport.authenticate('saml', { failureRedirect: '/', failureFlash: true }),
    function(req, res) {
      res.redirect('https://localhost:3000');
    }
);

app.get('/', validUser, (req,res){
     res.status(200).json({ user: req.user })
});

function validUser(req, res, next) {
    if (!req.user) {
      res.redirect('https://localhost:3000/login');
    }
    next();
}

const server = https.createServer({
    key: fs.readFileSync('scripts/https_localhost_3000.key'),
    cert: fs.readFileSync('scripts/https_localhost_3000.cert')
}, app);

server.listen(3000)

And this one is passport.js file

const fs = require("fs");
const passport = require("passport");
const SamlStrategy = require("passport-saml").Strategy;

passport.serializeUser((user, done) => {
    done(null, user);
});

passport.deserializeUser((user, done) => {
    done(null, user);
});

passport.use(
    new SamlStrategy(
        {
            entryPoint: "https://adfs.example.com/adfs/ls",
            issuer: "https://localhost:3000", 
            callbackUrl: "https://localhost:3000/adfs/saml/postResponse",
            privateKey: fs.readFileSync("scripts/https_localhost_3000.key", "utf-8"), 
            cert: fs.readFileSync("scripts/adfs.example.com.cert", "utf-8"),
            acceptedClockSkewMs: -1,
            identifierFormat: null,
            signatureAlgorithm: "sha256",
            racComparison: "exact",
            audience: "https://adfs.example.com/FederationMetadata/2007-06/FederationMetadata.xml",
        },
        (profile, done) => {
            console.log(profile);
            return done(null, {
                upn: profile["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
            });
        }
    )
);

module.exports = passport;

I'm trying to setup ADFS authentication as first time. Is my code flow correct? And, is there any things I need to configure to access user information after login succeeded. I hope someone can give me a piece of advice for that. And the another issue is redirecting so many times to ADFS SAML login page after navigate to /adfs/saml/postResponse url.

And I followed the steps from the last Discussion for the same issue from Discusstion 703 but not really solved my issue.

[srd90]

Seems that you are missing body-parser.

const bodyParser = require("body-parser");

app.use(bodyParser.urlencoded({encoded: true}));

second opinions:

• Redirects in infinite loop if a body parser is not set up for express #128 (comment)
• question: https://stackoverflow.com/q/34632674
  • answer: https://stackoverflow.com/a/35643041

and what comes to #703 it seems that at the heart of that problem was also lack of bodyparser but due to some unknown reason questioner resolved issue by adding bodyparser.json() instead of urlencoded ( #703 (reply in thread) )

btw. remove this due obvious attack vectors it enables (see e.g. #703 (comment) ):

acceptedClockSkewMs: -1,

[MrPhyaeSoneThwim]

Oh great thanks @srd90 . Let me try fixing the issue according to your answer.