From bec9d51ed8d01030c20075d52ac403324933a10f Mon Sep 17 00:00:00 2001
From: Prince Ansong <prince.ansong@gmail.com>
Date: Mon, 6 Apr 2020 16:17:03 +0200
Subject: [PATCH] Use default authentication method in SSO redirect URL for low
 sessions

---
 src/middleware/sso.js | 2 +-
 test/sso.js           | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/middleware/sso.js b/src/middleware/sso.js
index 814b770..70001f2 100644
--- a/src/middleware/sso.js
+++ b/src/middleware/sso.js
@@ -78,7 +78,7 @@ export default function sso(options) {
 
       const lowSession = getSessionWithAssuranceLevel(sessions, 'low')
       if (lowSession) {
-        return res.redirect(`${baseRedirectUrl}&auth_methods=${lowSession.authenticationMethod}`);
+        return res.redirect(`${baseRedirectUrl}&auth_methods=iam-aprofiel-userpass`);
       }
 
     } catch (exception) {
diff --git a/test/sso.js b/test/sso.js
index ed7bf1a..bfbc782 100644
--- a/test/sso.js
+++ b/test/sso.js
@@ -210,7 +210,7 @@ describe('test sso middleware', function onDescribe() {
     });
 
     res.on('end', () => {
-      assert(redirectValue.includes(lowSession.authenticationMethod));
+      assert(redirectValue.includes('iam-aprofiel-userpass'));
       done();
     });