SSO: How does meteor server method knows the identity of a user, when it gets an incoming request forwarded from another server


#1

Hi,

I am using meteor as a single sign on module for an external reporting tool (Qlik Sense).

On the server side, I use a certificate to authenticate against Qlik Sense. So I need the code to run on the server.

Qlik Sense redirects to Meteor:3000/SSO. I have this already working with the the picker module

Picker.route('/sso', function(params, request, response, next) {
    console.log("Meteor's authentication module qlikAuthSSO.js receiced the forwarded request from Qlik Sense proxy. Meteor will now look which user is currently logged in, and request a ticket for this ID, and add his group memberships");
    // console.log(request);

    //Define user directory, user identity and attributes
    var profile = {
        'UserDirectory': '2008ENT',
        'UserId': 'test', //  Session.get('currentUser'),
        'Attributes': [{ 'group': 'Shell' }]
    }
    console.log('Request ticket for this profile: ', profile);
    var options = {
            'Certificate': senseConfig.cert, //'C:/Users/Qlik/Meteor projects/qlikauth-meteor/node_modules/qlik-auth/client.pfx',
            'PassPhrase': ''
        }
        //Make call for ticket request
    qlikauth.requestTicket(request, response, profile, options);
});

But this one uses a static text user, or in this case the not working Session.get, because the session is not available server side. I know I can call a method from the client, and the method then has Meteor.UserId to get the user…

  • How does meteor know which user it is getting a request for, if it is a redirect from a server to the serverside of meteor? Is this working because Meteor.serverside can read a cookie or some other mechanism?
  • in short: user Goes to external server, that redirects to meteor. Meteor should present login screen. And after succes request a ticket/token for the user.
  • I was also thinking of just using a client side router, and forward the request and response to a method on the server. But How do I forward the request and response objects?

Thank you