@boxyhq/saml-jackson 0.2.2-beta.165 → 0.2.2-beta.170
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/main.yml +2 -2
- package/Dockerfile +2 -2
- package/README.md +15 -1
- package/package.json +1 -1
- package/src/controller/api.js +20 -0
- package/src/jackson.js +16 -0
- package/src/test/api.test.js +7 -1
|
@@ -98,7 +98,7 @@ jobs:
|
|
|
98
98
|
|
|
99
99
|
- name: Get short SHA
|
|
100
100
|
id: slug
|
|
101
|
-
run: echo "::set-output name=
|
|
101
|
+
run: echo "::set-output name=sha7::$(echo ${GITHUB_SHA} | cut -c1-7)"
|
|
102
102
|
|
|
103
103
|
- name: Set up Docker Buildx
|
|
104
104
|
id: buildx
|
|
@@ -117,7 +117,7 @@ jobs:
|
|
|
117
117
|
context: ./
|
|
118
118
|
file: ./Dockerfile
|
|
119
119
|
push: true
|
|
120
|
-
tags: ${{ github.repository }}:latest,${{ github.repository }}:${{ steps.slug.outputs.
|
|
120
|
+
tags: ${{ github.repository }}:latest,${{ github.repository }}:${{ steps.slug.outputs.sha7 }}
|
|
121
121
|
|
|
122
122
|
- name: Image digest
|
|
123
123
|
run: echo ${{ steps.docker_build.outputs.digest }}
|
package/Dockerfile
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# Install dependencies only when needed
|
|
2
|
-
FROM node:16.
|
|
2
|
+
FROM node:16.13.1-alpine3.14 AS deps
|
|
3
3
|
# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
|
|
4
4
|
RUN apk add --no-cache libc6-compat
|
|
5
5
|
WORKDIR /app
|
|
@@ -8,7 +8,7 @@ COPY package.json package-lock.json ./
|
|
|
8
8
|
RUN npm ci --only=production
|
|
9
9
|
|
|
10
10
|
# Production image, copy all the files and run next
|
|
11
|
-
FROM node:16.
|
|
11
|
+
FROM node:16.13.1-alpine3.14 AS runner
|
|
12
12
|
WORKDIR /app
|
|
13
13
|
|
|
14
14
|
ENV NODE_OPTIONS="--max-http-header-size=81920"
|
package/README.md
CHANGED
|
@@ -85,7 +85,21 @@ router.get('/api/v1/saml/config', async (req, res) => {
|
|
|
85
85
|
});
|
|
86
86
|
}
|
|
87
87
|
});
|
|
88
|
+
// delete config
|
|
89
|
+
router.delete('/api/v1/saml/config', async (req, res) => {
|
|
90
|
+
try {
|
|
91
|
+
// apply your authentication flow (or ensure this route has passed through your auth middleware)
|
|
92
|
+
...
|
|
88
93
|
|
|
94
|
+
// only when properly authenticated, call the config function
|
|
95
|
+
await apiController.deleteConfig(req.body);
|
|
96
|
+
res.status(200).end();
|
|
97
|
+
} catch (err) {
|
|
98
|
+
res.status(500).json({
|
|
99
|
+
error: err.message,
|
|
100
|
+
});
|
|
101
|
+
}
|
|
102
|
+
});
|
|
89
103
|
// OAuth 2.0 flow
|
|
90
104
|
router.get('/oauth/authorize', async (req, res) => {
|
|
91
105
|
try {
|
|
@@ -293,7 +307,7 @@ The short-lived access token can now be used to request the user's profile. You'
|
|
|
293
307
|
|
|
294
308
|
```
|
|
295
309
|
curl --request GET \
|
|
296
|
-
--url https://localhost:5000/oauth/
|
|
310
|
+
--url https://localhost:5000/oauth/userinfo \
|
|
297
311
|
--header 'authorization: Bearer <access token>' \
|
|
298
312
|
--header 'content-type: application/json'
|
|
299
313
|
```
|
package/package.json
CHANGED
package/src/controller/api.js
CHANGED
|
@@ -127,10 +127,30 @@ const getConfig = async (body) => {
|
|
|
127
127
|
}
|
|
128
128
|
};
|
|
129
129
|
|
|
130
|
+
const deleteConfig = async (body) => {
|
|
131
|
+
const { clientID, tenant, product } = body;
|
|
132
|
+
|
|
133
|
+
if (clientID) {
|
|
134
|
+
await configStore.delete(clientID);
|
|
135
|
+
} else {
|
|
136
|
+
const samlConfigs = await configStore.getByIndex({
|
|
137
|
+
name: indexNames.tenantProduct,
|
|
138
|
+
value: dbutils.keyFromParts(tenant, product),
|
|
139
|
+
});
|
|
140
|
+
if (!samlConfigs || !samlConfigs.length) {
|
|
141
|
+
return;
|
|
142
|
+
}
|
|
143
|
+
for (const conf of samlConfigs) {
|
|
144
|
+
await configStore.delete(conf.clientID);
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
};
|
|
148
|
+
|
|
130
149
|
module.exports = (opts) => {
|
|
131
150
|
configStore = opts.configStore;
|
|
132
151
|
return {
|
|
133
152
|
config,
|
|
134
153
|
getConfig,
|
|
154
|
+
deleteConfig,
|
|
135
155
|
};
|
|
136
156
|
};
|
package/src/jackson.js
CHANGED
|
@@ -130,6 +130,22 @@ internalApp.get(apiPath + '/config', async (req, res) => {
|
|
|
130
130
|
}
|
|
131
131
|
});
|
|
132
132
|
|
|
133
|
+
internalApp.delete(apiPath + '/config', async (req, res) => {
|
|
134
|
+
try {
|
|
135
|
+
const apiKey = extractAuthToken(req);
|
|
136
|
+
if (!validateApiKey(apiKey)) {
|
|
137
|
+
res.status(401).send('Unauthorized');
|
|
138
|
+
return;
|
|
139
|
+
}
|
|
140
|
+
await apiController.deleteConfig(req.body);
|
|
141
|
+
res.status(200).end();
|
|
142
|
+
} catch (err) {
|
|
143
|
+
res.status(500).json({
|
|
144
|
+
error: err.message,
|
|
145
|
+
});
|
|
146
|
+
}
|
|
147
|
+
});
|
|
148
|
+
|
|
133
149
|
let internalServer = server;
|
|
134
150
|
if (env.useInternalServer) {
|
|
135
151
|
internalServer = internalApp.listen(env.internalHostPort, async () => {
|
package/src/test/api.test.js
CHANGED
|
@@ -143,11 +143,17 @@ tap.test('controller/api', async (t) => {
|
|
|
143
143
|
);
|
|
144
144
|
t.equal(response.provider, PROVIDER);
|
|
145
145
|
|
|
146
|
-
|
|
146
|
+
let savedConf = await apiController.getConfig({
|
|
147
147
|
clientID: CLIENT_ID,
|
|
148
148
|
});
|
|
149
149
|
t.equal(savedConf.provider, PROVIDER);
|
|
150
150
|
|
|
151
|
+
await apiController.deleteConfig({ clientID: CLIENT_ID });
|
|
152
|
+
savedConf = await apiController.getConfig({
|
|
153
|
+
clientID: CLIENT_ID,
|
|
154
|
+
});
|
|
155
|
+
t.same(savedConf, {});
|
|
156
|
+
|
|
151
157
|
dbutils.keyDigest.restore();
|
|
152
158
|
crypto.randomBytes.restore();
|
|
153
159
|
|