Generate the XML file!
Recall: before authentication between an IdP and an SP occurs, a trust must be created between the two systems. This trust occurs through a metadata file exchange.
The JHU SSO SAML metadata XML file is here: https://idp.jh.edu/idp/shibboleth.
We can have PassportJS generate a metadata file for us.
// Serve the SP metadata that PassportJS generates from the SAML strategy.
app.get("/jhu/metadata", (req, res) => {
  res.type("application/xml");
  res.status(200);
  res.send(samlStrategy.generateServiceProviderMetadata());
});
Run the app (using node index.js) and point your browser to http://localhost:7000/jhu/metadata to see the content of the metadata.
You need to send the metadata XML file to enterpriseauth@jhmi.edu along with your request for your app to be added as a trusted SP.
Once your app is deployed, you can point the JHU SSO admins to the metadata route instead of sending an actual file. Keep in mind, though, that if you make a change to this file, you must resend it to the JHU SSO admins: the file is uploaded manually and is not linked to your application's metadata route.
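Because the uploaded file is a manual copy, it helps to check the metadata before sending it and to compare it later against what the route currently serves. The following is an added example, not code from the original tutorial; the entityID, the callback path and the `myapp.example.edu` host are constructed sample values, and the function names are hypothetical.

```javascript
// Pull out the fields the IdP admins rely on. Regex extraction is enough for
// a pre-send check on generated metadata; it is not a general XML parser.
function summarizeSpMetadata(xml) {
  const attr = (tag, name) => {
    const el = xml.match(new RegExp(`<(?:\\w+:)?${tag}\\b[^>]*>`));
    const m = el && el[0].match(new RegExp(`\\b${name}="([^"]*)"`));
    return m ? m[1] : null;
  };
  const certs = [...xml.matchAll(/<(?:\w+:)?X509Certificate>([^<]*)</g)]
    .map((m) => m[1].replace(/\s+/g, ""));
  return {
    entityID: attr("EntityDescriptor", "entityID"),
    acsUrl: attr("AssertionConsumerService", "Location"),
    certs,
  };
}

// Reasons not to send this metadata to the IdP admins yet.
function problemsBeforeSending(summary) {
  const problems = [];
  if (!summary.entityID) problems.push("missing entityID");
  if (!summary.acsUrl) return problems.concat("missing ACS Location");
  let url;
  try { url = new URL(summary.acsUrl); } catch { return problems.concat("ACS Location is not a URL"); }
  if (url.protocol !== "https:") problems.push("ACS URL is not HTTPS");
  if (["localhost", "127.0.0.1"].includes(url.hostname)) problems.push("ACS URL points at localhost");
  return problems;
}

// Fields that differ between the uploaded file and the current route output.
function changedFields(sentXml, currentXml) {
  const a = summarizeSpMetadata(sentXml);
  const b = summarizeSpMetadata(currentXml);
  return Object.keys(a).filter((k) => JSON.stringify(a[k]) !== JSON.stringify(b[k]));
}

// Constructed sample metadata (hypothetical entityID and callback path).
const sampleMetadata = (base) => `<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="${base}/jhu/metadata">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <AssertionConsumerService index="1" isDefault="true"
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
      Location="${base}/jhu/login/callback"/>
  </SPSSODescriptor>
</EntityDescriptor>`;
const LOCAL_XML = sampleMetadata("http://localhost:7000");
const DEPLOYED_XML = sampleMetadata("https://myapp.example.edu");
console.log(problemsBeforeSending(summarizeSpMetadata(LOCAL_XML)), changedFields(LOCAL_XML, DEPLOYED_XML));
```

A non-empty result from `changedFields` means the copy held by the SSO admins no longer matches your app and has to be resent.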
Diff
diff --git a/code/index.js b/code/index.js
index 70c4a15..8e59655 100644
--- a/code/index.js
+++ b/code/index.js
@@ -55,6 +55,13 @@ app.post(
}
);
+// route to metadata
+app.get("/jhu/metadata", (req, res) => {
+ res.type("application/xml");
+ res.status(200);
+ res.send(samlStrategy.generateServiceProviderMetadata());
+});
+
// Start the server.
app.listen(port, () => {
console.log(`Listening on http://localhost:${port}/`);
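Review bot: the added `samlStrategy.generateServiceProviderMetadata()` call passes no arguments, so the generated metadata will carry no certificates. passport-saml's method takes the decryption certificate and the signing certificate as parameters and only emits key descriptors for the ones it is given; if the strategy, which is configured outside this hunk, uses a decryption or signing key, pass the matching public certificates here so the IdP receives them. Minor style point on the same route: `res.status(200);` is redundant, since 200 is already the default status.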