@boxyhq/saml-jackson 0.1.5-beta.125 → 0.1.5-beta.135

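--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@boxyhq/saml-jackson",
- "version": "0.1.5-beta.125",
+ "version": "0.1.5-beta.135",
  "license": "Apache 2.0",
  "description": "SAML 2.0 service",
  "main": "src/index.js",
@@ -20,7 +20,8 @@
  "mongo": "cross-env DB_ENGINE=mongo DB_URL=mongodb://localhost:27017/jackson nodemon src/jackson.js",
  "pre-loaded": "cross-env DB_ENGINE=mem PRE_LOADED_CONFIG='./_config' nodemon src/jackson.js",
  "test": "tap --timeout=100 src/**/*.test.js",
- "dev-dbs": "docker-compose -f ./_dev/docker-compose.yml up -d"
+ "dev-dbs": "docker-compose -f ./_dev/docker-compose.yml up -d",
+ "dev-dbs-destroy": "docker-compose -f ./_dev/docker-compose.yml down --volumes --remove-orphans"
  },
  "tap": {
  "coverage-map": "map.js",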
@@ -7,11 +7,33 @@ const crypto = require('crypto');
7
7
 
8
8
  let configStore;
9
9
 
10
+ const extractHostName = (url) => {
11
+ try {
12
+ const pUrl = new URL(url);
13
+ if(pUrl.hostname.startsWith('www.')) {
14
+ return pUrl.hostname.substring(4);
15
+ }
16
+ return pUrl.hostname;
17
+ } catch (err) {
18
+ return null;
19
+ }
20
+ };
21
+
10
22
  const config = async (body) => {
11
23
  const { rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product } =
12
24
  body;
13
25
  const idpMetadata = await saml.parseMetadataAsync(rawMetadata);
14
26
 
27
+ // extract provider
28
+ let providerName = extractHostName(idpMetadata.entityID);
29
+ if (!providerName) {
30
+ providerName = extractHostName(
31
+ idpMetadata.sso.redirectUrl || idpMetadata.sso.postUrl
32
+ );
33
+ }
34
+
35
+ idpMetadata.provider = providerName ? providerName : 'Unknown';
36
+
15
37
  let clientID = dbutils.keyDigest(
16
38
  dbutils.keyFromParts(tenant, product, idpMetadata.entityID)
17
39
  );
@@ -59,9 +81,33 @@ const config = async (body) => {
59
81
  };
60
82
  };
61
83
 
84
+ const getConfig = async (body) => {
85
+ const { clientID, clientSecret, tenant, product } = body;
86
+
87
+ if (clientID && clientSecret) {
88
+ const samlConfig = await configStore.get(clientID);
89
+ if (!samlConfig) {
90
+ return {};
91
+ }
92
+
93
+ return { provider: samlConfig.idpMetadata.provider };
94
+ } else {
95
+ const samlConfigs = await configStore.getByIndex({
96
+ name: indexNames.tenantProduct,
97
+ value: dbutils.keyFromParts(tenant, product),
98
+ });
99
+ if (!samlConfigs || !samlConfigs.length) {
100
+ return {};
101
+ }
102
+
103
+ return { provider: samlConfigs[0].idpMetadata.provider };
104
+ }
105
+ };
106
+
62
107
  module.exports = (opts) => {
63
108
  configStore = opts.configStore;
64
109
  return {
65
110
  config,
111
+ getConfig,
66
112
  };
67
113
  };
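Review bot: In `getConfig`, the `if (clientID && clientSecret)` branch only checks that a `clientSecret` was supplied and never compares it with the secret held in the stored record, so any non-empty value returns the provider for a known `clientID`. Either drop the parameter or verify it before answering, for example with `crypto.timingSafeEqual` on equal-length buffers (`crypto` is already required in this file); the name of the stored secret field is not visible in this hunk. Records saved before this release will presumably have no `idpMetadata.provider`, so a fallback such as `samlConfig.idpMetadata.provider || 'Unknown'` would keep the response shape stable. In the earlier hunk, if the parser can return metadata without an `sso` element, `idpMetadata.sso.redirectUrl` throws before the `'Unknown'` default is reached, so guard `idpMetadata.sso` first.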
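--- a/package/src/jackson.js
+++ b/package/src/jackson.js
@@ -87,6 +87,22 @@ internalApp.post(apiPath + '/config', async (req, res) => {
  }
  });
 
+ internalApp.get(apiPath + '/config', async (req, res) => {
+ try {
+ const apiKey = extractAuthToken(req);
+ if (!validateApiKey(apiKey)) {
+ res.status(401).send('Unauthorized');
+ return;
+ }
+
+ res.json(await apiController.getConfig(req.body));
+ } catch (err) {
+ res.status(500).json({
+ error: err.message,
+ });
+ }
+ });
+
  let internalServer = server;
  if (env.useInternalServer) {
  internalServer = internalApp.listen(env.internalHostPort, async () => {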
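Review bot: The new `GET` handler passes `req.body` to `apiController.getConfig`, but GET requests normally carry no body and many clients and proxies drop one, so `getConfig` will usually receive an empty or undefined object and either throw or look up an empty tenant/product key. Read the lookup keys from the query string instead, `res.json(await apiController.getConfig(req.query));`, and since the API key already authorises the call, keep `clientSecret` out of the URL so it does not end up in access logs. The `catch` branch returns `err.message` to the caller; logging the error server-side and responding with a generic message avoids exposing internal details. `extractAuthToken` and `validateApiKey` are defined outside this hunk.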