Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invalid Session Participant #71

Open
jstephens7 opened this issue Aug 6, 2018 · 7 comments
Open

Invalid Session Participant #71

jstephens7 opened this issue Aug 6, 2018 · 7 comments

Comments

@jstephens7
Copy link

The documentation provides us with what a session participant object should look like but does not provide information for when or where to store/create session participants.
This may just be my misunderstanding but could some documentation regarding how and when to create session participants be provided?

@jstephens7
Copy link
Author

I would think that this would be created internally upon a successful saml response creation, as it has all the information necessary then. Is there any reason session participants aren't created automatically?

Also, it appears session participants need to be instances of SessionParticipants prototype y'all have internally, but it's not exposed and I don't see any way to add to the list of session participants.

@jstephens7
Copy link
Author

Accidentally closed, apologies.

@jstephens7
Copy link
Author

Also, in considering how this apparently expects you to store the session participants externally, but removes some internally, how are we to know which session participants should still exist externally after they are removed?

@ksmithut
Copy link

ksmithut commented Sep 7, 2018

I'm also having issues with this. I have come to find out that the sessionParticipants object does not need to be an instance of that SessionParticipants prototype, but it does need to have the same signature. It's still not clear how the session stuff works from a SAML point of view (new to SAML), but I'm guessing that the session needs to be initialized on login? Again, I'm new to this, so I'm just reading through the code to figure out how it all works.

@jstephens7
Copy link
Author

Hey @ksmithut, I just saw your reply. I found out how to use this properly after viewing another npm which uses this one. Here is the main source file you need to look through: https://github.com/mcguinness/saml-idp/blob/master/app.js
I decided to store our session participants in mongo so I made our sessionId the object id from in mongo. I didn't realize at first glance we could just pull out the session participant object internally from this npm, but that's what we ended up doing. I can try to help if you have any more questions.

@ksmithut
Copy link

Thanks :) That was super helpful. Going through this now and implementing it. Thanks!

@eightHundreds
Copy link

image

the implement

options.sessionParticipants.get(requestData.issuer, requestData.sessionIndex, requestData.nameId, function (err, session) {
  if (err) { return next(err); }
  if (!session && !options.destination) { return next(new Error('Invalid Session Participant')); }
// ...

In my case, i have no other participants,but this code assumes that there must be other participants

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants