mirror of
https://github.com/LukeHagar/better-auth.git
synced 2025-12-09 20:27:44 +00:00
chore(demo): fix sso (#4934)
This commit is contained in:
Dylan Vanmali
@@ -88,7 +88,7 @@ export const auth = betterAuth({
|
|||||||
},
|
},
|
||||||
account: {
|
account: {
|
||||||
accountLinking: {
|
accountLinking: {
|
||||||
trustedProviders: ["google", "github", "demo-app"],
|
trustedProviders: ["google", "github", "demo-app", "sso"],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
emailAndPassword: {
|
emailAndPassword: {
|
||||||
@@ -244,8 +244,9 @@ export const auth = betterAuth({
|
|||||||
domain: "http://localhost:3000",
|
domain: "http://localhost:3000",
|
||||||
providerId: "sso",
|
providerId: "sso",
|
||||||
samlConfig: {
|
samlConfig: {
|
||||||
issuer: "http://localhost:3001/api/sso/saml2/sp/metadata",
|
issuer: "http://localhost:3000/api/auth/sso/saml2/sp/metadata",
|
||||||
entryPoint: "http://localhost:3001/api/sso/saml2/sp/acs",
|
entryPoint:
|
||||||
|
"https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435",
|
||||||
cert: `-----BEGIN CERTIFICATE-----
|
cert: `-----BEGIN CERTIFICATE-----
|
||||||
MIIDBzCCAe+gAwIBAgIUCLBK4f75EXEe4gyroYnVaqLoSp4wDQYJKoZIhvcNAQEL
|
MIIDBzCCAe+gAwIBAgIUCLBK4f75EXEe4gyroYnVaqLoSp4wDQYJKoZIhvcNAQEL
|
||||||
BQAwEzERMA8GA1UEAwwIZHVtbXlpZHAwHhcNMjQwNTEzMjE1NDE2WhcNMzQwNTEx
|
BQAwEzERMA8GA1UEAwwIZHVtbXlpZHAwHhcNMjQwNTEzMjE1NDE2WhcNMzQwNTEx
|
||||||
@@ -267,7 +268,7 @@ export const auth = betterAuth({
|
|||||||
-----END CERTIFICATE-----`,
|
-----END CERTIFICATE-----`,
|
||||||
spMetadata: {
|
spMetadata: {
|
||||||
metadata: `
|
metadata: `
|
||||||
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://localhost:3000/api/sso/saml2/sp/metadata">
|
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://localhost:3000/api/auth/sso/saml2/sp/metadata">
|
||||||
<md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
<md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||||
<md:KeyDescriptor use="signing">
|
<md:KeyDescriptor use="signing">
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
@@ -283,10 +284,10 @@ export const auth = betterAuth({
|
|||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
</md:KeyDescriptor>
|
</md:KeyDescriptor>
|
||||||
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:3000/api/sso/saml2/sp/sls"/>
|
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:3000/api/auth/sso/saml2/sp/sls"/>
|
||||||
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
|
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
|
||||||
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:3000/api/sso/saml2/sp/acs" index="1"/>
|
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:3000/api/auth/sso/saml2/sp/acs/sso" index="1"/>
|
||||||
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:3000/api/sso/saml2/sp/acs" index="1"/>
|
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:3000/api/auth/sso/saml2/sp/acs/sso" index="1"/>
|
||||||
</md:SPSSODescriptor>
|
</md:SPSSODescriptor>
|
||||||
<md:Organization>
|
<md:Organization>
|
||||||
<md:OrganizationName xml:lang="en-US">Organization Name</md:OrganizationName>
|
<md:OrganizationName xml:lang="en-US">Organization Name</md:OrganizationName>
|
||||||
@@ -308,7 +309,7 @@ export const auth = betterAuth({
|
|||||||
entityURL:
|
entityURL:
|
||||||
"https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435/metadata",
|
"https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435/metadata",
|
||||||
entityID:
|
entityID:
|
||||||
"https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435/metadata",
|
"https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435",
|
||||||
redirectURL:
|
redirectURL:
|
||||||
"https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435/sso",
|
"https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435/sso",
|
||||||
singleSignOnService: [
|
singleSignOnService: [
|
||||||
@@ -319,24 +320,24 @@ export const auth = betterAuth({
|
|||||||
},
|
},
|
||||||
],
|
],
|
||||||
cert: `-----BEGIN CERTIFICATE-----
|
cert: `-----BEGIN CERTIFICATE-----
|
||||||
MIIDBzCCAe+gAwIBAgIUCLBK4f75EXEe4gyroYnVaqLoSp4wDQYJKoZIhvcNAQEL
|
MIIDBzCCAe+gAwIBAgIUCLBK4f75EXEe4gyroYnVaqLoSp4wDQYJKoZIhvcNAQEL
|
||||||
BQAwEzERMA8GA1UEAwwIZHVtbXlpZHAwHhcNMjQwNTEzMjE1NDE2WhcNMzQwNTEx
|
BQAwEzERMA8GA1UEAwwIZHVtbXlpZHAwHhcNMjQwNTEzMjE1NDE2WhcNMzQwNTEx
|
||||||
MjE1NDE2WjATMREwDwYDVQQDDAhkdW1teWlkcDCCASIwDQYJKoZIhvcNAQEBBQAD
|
MjE1NDE2WjATMREwDwYDVQQDDAhkdW1teWlkcDCCASIwDQYJKoZIhvcNAQEBBQAD
|
||||||
ggEPADCCAQoCggEBAKhmgQmWb8NvGhz952XY4SlJlpWIK72RilhOZS9frDYhqWVJ
|
ggEPADCCAQoCggEBAKhmgQmWb8NvGhz952XY4SlJlpWIK72RilhOZS9frDYhqWVJ
|
||||||
HsGH9Z7sSzrM/0+YvCyEWuZV9gpMeIaHZxEPDqW3RJ7KG51fn/s/qFvwctf+CZDj
|
HsGH9Z7sSzrM/0+YvCyEWuZV9gpMeIaHZxEPDqW3RJ7KG51fn/s/qFvwctf+CZDj
|
||||||
yfGDzYs+XIgf7p56U48EmYeWpB/aUW64gSbnPqrtWmVFBisOfIx5aY3NubtTsn+g
|
yfGDzYs+XIgf7p56U48EmYeWpB/aUW64gSbnPqrtWmVFBisOfIx5aY3NubtTsn+g
|
||||||
0XbdX0L57+NgSvPQHXh/GPXA7xCIWm54G5kqjozxbKEFA0DS3yb6oHRQWHqIAM/7
|
0XbdX0L57+NgSvPQHXh/GPXA7xCIWm54G5kqjozxbKEFA0DS3yb6oHRQWHqIAM/7
|
||||||
mJMdUVZNIV1q7c2JIgAl23uDWq+2KTE2R5liP/KjvjwKonVKtTqGqX6ei25rsTHO
|
mJMdUVZNIV1q7c2JIgAl23uDWq+2KTE2R5liP/KjvjwKonVKtTqGqX6ei25rsTHO
|
||||||
aDpBH/LdQK2txgsm7R7+IThWNvUI0TttrmwBqyMCAwEAAaNTMFEwHQYDVR0OBBYE
|
aDpBH/LdQK2txgsm7R7+IThWNvUI0TttrmwBqyMCAwEAAaNTMFEwHQYDVR0OBBYE
|
||||||
FD142gxIAJMhpgMkgpzmRNoW9XbEMB8GA1UdIwQYMBaAFD142gxIAJMhpgMkgpzm
|
FD142gxIAJMhpgMkgpzmRNoW9XbEMB8GA1UdIwQYMBaAFD142gxIAJMhpgMkgpzm
|
||||||
RNoW9XbEMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADQd6k6z
|
RNoW9XbEMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADQd6k6z
|
||||||
FIc20GfGHY5C2MFwyGOmP5/UG/JiTq7Zky28G6D0NA0je+GztzXx7VYDfCfHxLcm
|
FIc20GfGHY5C2MFwyGOmP5/UG/JiTq7Zky28G6D0NA0je+GztzXx7VYDfCfHxLcm
|
||||||
2k5t9nYhb9kVawiLUUDVF6s+yZUXA4gUA3KoTWh1/oRxR3ggW7dKYm9fsNOdQAbx
|
2k5t9nYhb9kVawiLUUDVF6s+yZUXA4gUA3KoTWh1/oRxR3ggW7dKYm9fsNOdQAbx
|
||||||
UUkzp7HLZ45ZlpKUS0hO7es+fPyF5KVw0g0SrtQWwWucnQMAQE9m+B0aOf+92y7J
|
UUkzp7HLZ45ZlpKUS0hO7es+fPyF5KVw0g0SrtQWwWucnQMAQE9m+B0aOf+92y7J
|
||||||
QkdgdR8Gd/XZ4NZfoOnKV7A1utT4rWxYCgICeRTHx9tly5OhPW4hQr5qOpngcsJ9
|
QkdgdR8Gd/XZ4NZfoOnKV7A1utT4rWxYCgICeRTHx9tly5OhPW4hQr5qOpngcsJ9
|
||||||
vhr86IjznQXhfj3hql5lA3VbHW04ro37ROIkh2bShDq5dwJJHpYCGrF3MQv8S3m+
|
vhr86IjznQXhfj3hql5lA3VbHW04ro37ROIkh2bShDq5dwJJHpYCGrF3MQv8S3m+
|
||||||
jzGhYL6m9gFTm/8=
|
jzGhYL6m9gFTm/8=
|
||||||
-----END CERTIFICATE-----`,
|
-----END CERTIFICATE-----`,
|
||||||
},
|
},
|
||||||
callbackUrl: "/dashboard",
|
callbackUrl: "/dashboard",
|
||||||
},
|
},
|
||||||
|
|||||||
@@ -37,3 +37,8 @@ See [Demo](https://demo.better-auth.com)
|
|||||||
pnpm dev
|
pnpm dev
|
||||||
```
|
```
|
||||||
4. Open the browser and navigate to `http://localhost:3000`
|
4. Open the browser and navigate to `http://localhost:3000`
|
||||||
|
|
||||||
|
### SSO Login Example
|
||||||
|
|
||||||
|
For this example, we utilize DummyIDP. Initiate the login from the [DummyIDP login](https://dummyidp.com/apps/app_01k16v4vb5yytywqjjvv2b3435/login), click "Proceed", and from here it will direct you to user's dashboard.
|
||||||
|
|
||||||
Reference in New Issue
Block a user