Converting rule to action for wsfed auth

I am trying to convert a rule that we have in use for applications with the wsfed addon:

    function (user, context, callback) {
      var roleProperty = 'roles';
      if (user.hasOwnProperty('role')) {
        roleProperty = 'role';
      }
      context.samlConfiguration.mappings = {
        'http://schemas.microsoft.com/ws/2008/06/identity/claims/role': roleProperty,
        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': 'name',
        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier': 'email'
      };
      callback(null, user, context);
    }

This works with no issue. I am trying to replace it with an action ahead of the deprecation with:

    exports.onExecutePostLogin = async (event, api) => {

      var roleProperty = 'roles';
      if (event.user.hasOwnProperty('role')) {
        roleProperty = 'role';
      }

      api.samlResponse.setAttribute('http://schemas.microsoft.com/ws/2008/06/identity/claims/role', roleProperty);
      api.samlResponse.setAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name', event.user.name);
      api.samlResponse.setAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier', event.user.email);

      console.log(api.samlResponse)
    };

but I get an HTTP error 403, and the result of my console.log(api.samlResponse) in the webtask logs is just:

Kc {}

The actual log itself in Auth0 is type Success Login.

I’m not sure what I’m doing wrong.

Hi @hales8181,

After reviewing your Post Login action script, everything looks good. However, I noticed that you are trying to call console.log(api.samlResponse), which is not a property you can call to view the samlResponse. That’s why the returned response from the Realtime Webtask logs produced Kc{}.

Only the properties defined here can be called in the Post Login action script. In this case, you will have to check the actual samlResponse to see if the mappings are done correctly.

Thanks,
Rueben
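
An added example, not part of either post and not Auth0's own code: a rule's `mappings` entry names a user property, while `api.samlResponse.setAttribute` takes the claim value itself, so the sketch below resolves each value before setting it and uses a recording stub to show what the action emits. It assumes role data sits on `event.user.role` or `event.user.roles` as in the question; `wsfedAttributes`, `makeRecordingApi` and the sample user are hypothetical and constructed for illustration.

```javascript
// Added example (not from the thread). Assumption carried over from the
// question's code: role data sits on event.user.role or event.user.roles.
const CLAIMS = {
  role: 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role',
  name: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name',
  nameidentifier: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier',
};

// Hypothetical helper: resolves each claim to a value, because setAttribute
// takes the value itself while the rule's mappings took a property name.
function wsfedAttributes(user) {
  const hasRole = Object.prototype.hasOwnProperty.call(user, 'role');
  const roleValue = user[hasRole ? 'role' : 'roles'];
  const attributes = {};
  // Omit the role claim when the profile carries no role data.
  if (roleValue !== undefined && roleValue !== null) {
    attributes[CLAIMS.role] = roleValue;
  }
  attributes[CLAIMS.name] = user.name;
  attributes[CLAIMS.nameidentifier] = user.email;
  return attributes;
}

const onExecutePostLogin = async (event, api) => {
  for (const [claim, value] of Object.entries(wsfedAttributes(event.user))) {
    api.samlResponse.setAttribute(claim, value);
  }
};
// Export for Auth0; guarded so the file also runs stand-alone.
if (typeof exports !== 'undefined') exports.onExecutePostLogin = onExecutePostLogin;

// Hypothetical test double: records setAttribute calls for inspection.
function makeRecordingApi() {
  const attributes = {};
  return {
    attributes,
    samlResponse: { setAttribute(name, value) { attributes[name] = value; } },
  };
}

// Constructed sample profile, not taken from the thread.
const SAMPLE_USER = { name: 'Ada Example', email: 'ada@example.com', roles: ['admin', 'auditor'] };
const recorder = makeRecordingApi();
onExecutePostLogin({ user: SAMPLE_USER }, recorder).then(() => {
  console.log(JSON.stringify(recorder.attributes, null, 2));
});
```

The recording stub only covers local runs; in the tenant, the issued response still has to be inspected at the relying party, as the reply above says.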
