allow to set a saml client certificate

Signed-off-by: Simeon Keske <git@n0emis.eu>
2020-04-29 18:27:00 +02:00
parent 3db8b0df43
commit 17f0067ab2
4 changed files with 16 additions and 12 deletions
--- a/lib/web/auth/saml/index.js
+++ b/lib/web/auth/saml/index.js
@@ -17,6 +17,7 @@ passport.use(new SamlStrategy({
  entryPoint: config.saml.idpSsoUrl,
  issuer: config.saml.issuer || config.serverURL,
  cert: fs.readFileSync(config.saml.idpCert, 'utf-8'),
+  privateCert: config.saml.clientCert === undefined ? undefined : fs.readFileSync(config.saml.clientCert, 'utf-8'),
  identifierFormat: config.saml.identifierFormat,
  disableRequestedAuthnContext: config.saml.disableRequestedAuthnContext
 }, function (user, done) {