-
|
Is there a better approach than extending authenticate as done here https://github.com/boxyhq/remix-auth-saml/blob/a023da125ef29264c15bdb5806926317f04b8a2c/src/index.ts#L56 async authenticate(
request: Request,
sessionStorage: SessionStorage,
options: AuthenticateOptions
): Promise<User> {
if (options.context?.clientID && options.context?.clientSecret) {
this.clientID = options.context.clientID;
this.clientSecret = options.context.clientSecret;
}
return super.authenticate(request, sessionStorage, options);
}SAML is multi-tenanted and we set it dynamically based on some user input. For example tenant could come from email. // extracting the tenant from email is one way to set it
const tenant = email.split("@")[1];
return await auth.authenticate("boxyhq-saml", request, {
successRedirect: "/private",
failureRedirect: "/login",
context: {
clientID: `tenant=${tenant}&product=${product}`,
clientSecret: process.env.CLIENT_SECRET_VERIFIER || "dummy",
},
}); |
Beta Was this translation helpful? Give feedback.
Answered by
sergiodxa
May 18, 2024
Replies: 1 comment
-
|
The best way, and what worked for me, is to create the authenticator instance and set strategy on a per request basis, instead of globally. |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
sergiodxa
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The best way, and what worked for me, is to create the authenticator instance and set strategy on a per request basis, instead of globally.