Configure passport strategy with multiple issuers #624
Hello! I would like to integrate From an architectural point of view, imagine the application running on different domains ( I solved this problem by wrapping This is just a high-level example:

```js
// more code containing issuers and clients.
// ...
app.use((req, res, next) => {
  let client;
  if (req.rawHeaders[1] === "my-domain-a.com") {
    client = clientA;
  }
  if (req.rawHeaders[1] === "my-domain-b.com") {
    client = clientB;
  }
  passport.use(
    "oidc",
    new Strategy({ client }, (tokenSet, userinfo, done) => {
      return done(null, tokenSet);
    }),
  );
  next();
});
```

It seems that everything works as expected; however, I'm not sure if this is an anti-pattern within the context of I was wondering if anyone had this problem before? Additionally, I could also deploy two pods with different environment variables, but I would like to solve this problem on the application side if possible. I appreciate that this question is a bit on a blurry line between two packages. Thanks!
Replies: 1 comment 1 reply
You will eventually have to call `passport.authenticate` middleware on some endpoint in your app. Here is a nice description on how to do this with multiple strategies.

Now back to your case, you just need to name them differently and do `passport.use` twice during app init.

```js
// Create two issuers, two clients, two strategies then:
passport.use('oidc-domain-a', strategyA);
passport.use('oidc-domain-b', strategyB);
```

Then on some endpoint:

```js
router.post('/login',
  passport.authenticate(['oidc-domain-a', 'oidc-domain-b']),
  (req, res) => {
    // now you have a token which comes from either A or B domain oidc provider
  }
);
```
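An added example, not code from the thread or from either package: with both strategies registered once at init under the names used above, each request can pick its strategy by Host header through a fixed allow-list, so the shared strategy registry is never rewritten per request. `STRATEGY_BY_HOST`, `strategyForHost`, `authenticateByHost` and `demo` are hypothetical names, and reading `req.headers.host` is an assumption about how the domain reaches the app.

```javascript
// Added example. Helper names are hypothetical; the strategy names and
// domains are the ones used in the thread.
const STRATEGY_BY_HOST = new Map([
  ['my-domain-a.com', 'oidc-domain-a'],
  ['my-domain-b.com', 'oidc-domain-b'],
]);

// Map a Host header value to a registered strategy name, or null if unknown.
function strategyForHost(hostHeader) {
  if (typeof hostHeader !== 'string') return null;
  // Normalize: trim, lowercase, drop an optional :port and a trailing dot.
  const host = hostHeader.trim().toLowerCase()
    .replace(/:\d+$/, '')
    .replace(/\.$/, '');
  return STRATEGY_BY_HOST.get(host) || null;
}

// Express-style middleware that selects the strategy for this request only.
// Nothing is registered here: passport.use() ran once per strategy at init.
function authenticateByHost(passport, options = {}) {
  return (req, res, next) => {
    // headers.host is looked up by name; rawHeaders[1] depends on header order.
    const name = strategyForHost(req.headers.host);
    if (!name) {
      // Hosts outside the allow-list are rejected instead of falling through.
      res.statusCode = 400;
      return res.end('Unknown host');
    }
    return passport.authenticate(name, options)(req, res, next);
  };
}

// Constructed stand-in for passport, only to exercise the middleware offline.
function demo(hostHeader) {
  const calls = [];
  const fakePassport = {
    authenticate: (name) => (req, res, next) => { calls.push(name); next(); },
  };
  const res = { statusCode: 200, body: null, end(b) { this.body = b; } };
  let nextCalled = false;
  const mw = authenticateByHost(fakePassport);
  mw({ headers: { host: hostHeader } }, res, () => { nextCalled = true; });
  return { calls, status: res.statusCode, nextCalled };
}
```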