Hi, has anyone developed an authentication plugin for sso authentication? Can anyone point me in the direction of documentation on how to proceed with this?
I have developed a node application using passport-saml and have succeeded in authenticating against our ADFS environment. What I need to figure out is how to write a plugin for Adapt to incorporate this. Any assistance is greatly appreciated.
Thanks
Hi Ryoga
Just to say that it really helps when asking questions like this if you make it clear whether you're developing for the Framework or for the Authoring tool...
Hi Ryoga,
A number of people have asked about this in the past, but I'm not aware of anyone going so far as to build it.
We use http://www.passportjs.org/ for our authentication, which has support for a whole bunch of auth options. Out of the box we only support local authentication (i.e. username/password), but it should be possible to write a plugin to support any of the others.
A good start is to look at the local auth plugin, which you should be able to use as a starting point:
https://github.com/adaptlearning/adapt_authoring/tree/master/plugins/auth/local
It may also be useful to look at auth.js, which consumes the authentication plugins:
https://github.com/adaptlearning/adapt_authoring/blob/master/lib/auth.js
I don't have much more guidance than this unfortunately, as it's not something I've had any experience with directly.
Thanks Tom for the reply.
Yes, I have started looking at both https://github.com/adaptlearning/adapt_authoring/tree/master/plugins/auth/local and https://github.com/adaptlearning/adapt_authoring/blob/master/lib/auth.js and trying to get some understanding but was hoping for some more detailed documentation on these pieces to see how it all fits together.
I'll keep at it.
Hi Ryoga,
Yeah unfortunately, there's no documentation on this.
A good starting point is to look at the AuthPlugin object in auth.js. You'll notice that there are a lot of prototype functions in here that need to be overridden (the ones with the 'must be overridden in extending object' errors) -- you'll need to do this in your plugin.
It should also be useful to compare with the local auth plugin in plugins/auth/local if you're unsure of anything (particularly the way it extends the AuthPlugin and is instantiated). Your job will essentially be to translate that local plugin to work with your own SAML stuff.
Let me know how you get on, and I'll try and give you further advice :)
Hi Tom,
Would you know if it would be a simple process to remove the Passport local authentication completely? or where to start looking if I was to try this?
I am asking this as the way the passport-saml (using ADFS) is that I give it the ADFS end-point and first thing that should happen when the user enters into Adapt is a redirect to that end-point which provides a place for the user to enter a username/password.
So I need to remove the current login page and logic behind it, but it looks like a lot of it is tied into the framework. I am looking at application.js, usermanager.js, rolemanager.js, permissions.js. I can see this as almost a complete re-write of the entire authentication piece. Would like to hear your thoughts?
Thanks