FusionAuth

ZOOM and SSO Lambda writing

  • O
    onmybus
    last edited by 23 May 2020, 03:15

    As per https://www.reddit.com/r/Zoom/comments/go3s19/sso_with_fusionauth/?utm_source=share&utm_medium=web2x

    How do I write a Lambda to remove the recipient? I am not proficient in writing lambdas at all.

    I tried something like this: samlResponse.assertion.subject.confirmation.recipient=[''];

    • D
      dan
      last edited by 23 May 2020, 12:34

      That's how I'd write it. Did that not work?

      You could try samlResponse.assertion.subject.confirmation.recipient = null as well.

      Since the lambda is JavaScript, you could also try iterating the samlResponse.assertion.subject.confirmation object and removing the recipient key, though I'm unsure if that will work.

      Please let us know.

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      • O
        onmybus
        last edited by 23 May 2020, 14:17

        @onmybus said in ZOOM and SSO Lambda writing:

        samlResponse.assertion.subject.confirmation.recipient=[''];

        No, a lot of the issues seem to be that it either can't set a method or it's undefined.
        In this case recipient is undefined.

        • D
          dan
          last edited by 26 May 2020, 14:29

          Hmm. Can you log the samlResponse object using console.log and share the structure?

          I'm kinda shooting in the dark right now, as we haven't tested with Zoom. There's an open issue to do so: https://github.com/FusionAuth/fusionauth-issues/issues/643

          --
          FusionAuth - Auth for devs, built by devs.
          https://fusionauth.io

          • R
            robotdan
            last edited by robotdan 28 May 2020, 03:57

            @onmybus We'll need to do some more research into that error, @dan had some good insight in the Reddit thread. Perhaps we are not building the response correctly.

            If you want to try @dan's suggestion, I think the SAML Populate lambda would look like this (@dan was really close):

            function populate(samlResponse, user, registration) {
              samlResponse.assertion.subject.subjectConfirmation.recipient = null;
            }
            

            Here is how we are building that subject object:

            String callback = samlv2Configuration.callbackURL.toString();
            
            response.assertion.subject = new Subject();
            response.assertion.subject.subjectConfirmation = new SubjectConfirmation();
            response.assertion.subject.subjectConfirmation.inResponseTo = request.id;
            response.assertion.subject.subjectConfirmation.method = ConfirmationMethod.Bearer;
            response.assertion.subject.subjectConfirmation.notBefore = now.minusHours(1);
            response.assertion.subject.subjectConfirmation.notOnOrAfter = now.plusHours(1);
            response.assertion.subject.subjectConfirmation.recipient = callback;
            

            As a side note, the way you can debug this is to dump out the samlResponse object to an event log. For example, add this to your lambda body and the samlResponse object will be pretty printed to an info event log. See System > Event Log.

            console.info(JSON.stringify(samlResponse, null, ' ')); 
            
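A guarded version of the populate lambda from this thread, as an added example that is not part of any post and not FusionAuth's own code: it reports which path segment is missing (the "recipient is undefined" case above) instead of throwing. The `firstMissingSegment` helper and the sample object are hypothetical; the field names are taken from the Java snippet in the last post.

```javascript
// Added example. CONSTRUCTED sample input: field names follow the Java snippet
// quoted in the thread; every value here is a placeholder.
var sampleResponse = {
  assertion: {
    subject: {
      subjectConfirmation: {
        inResponseTo: "_constructed-request-id",
        method: "Bearer",
        notBefore: "2020-05-28T02:57:00Z",
        notOnOrAfter: "2020-05-28T04:57:00Z",
        recipient: "https://sp.example.com/saml/callback"
      }
    }
  }
};

// Hypothetical helper: walk a dotted path and return the first segment that is
// missing, or null when the whole path resolves to an object.
function firstMissingSegment(root, path) {
  var parts = path.split(".");
  var node = root;
  for (var i = 0; i < parts.length; i++) {
    if (node === null || typeof node !== "object" || !(parts[i] in node)) {
      return parts.slice(0, i + 1).join(".");
    }
    node = node[parts[i]];
  }
  return (node !== null && typeof node === "object") ? null : path;
}

// Populate lambda with a guard: a wrong path is logged instead of throwing.
function populate(samlResponse, user, registration) {
  var path = "assertion.subject.subjectConfirmation";
  var missing = firstMissingSegment(samlResponse, path);
  if (missing !== null) {
    console.info("samlResponse has no " + missing + "; recipient left unchanged");
    return;
  }
  // Recipient ties a bearer assertion to one service provider endpoint, so
  // attach this lambda only to the application that needs it cleared.
  samlResponse.assertion.subject.subjectConfirmation.recipient = null;
}
```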