@boxyhq/saml-jackson 0.3.6-beta.644 → 0.3.6-beta.645

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/controller/api.js +0 -4
  2. package/dist/controller/oauth.d.ts +1 -0
  3. package/dist/controller/oauth.js +20 -14
  4. package/dist/controller/utils.d.ts +1 -0
  5. package/dist/controller/utils.js +25 -1
  6. package/dist/index.d.ts +1 -1
  7. package/dist/saml/saml.js +1 -1
  8. package/dist/typings.d.ts +1 -0
  9. package/package.json +1 -5
  10. package/dist/opentelemetry/metrics.d.ts +0 -2
  11. package/dist/opentelemetry/metrics.js +0 -42
package/dist/controller/api.js CHANGED
@@ -34,7 +34,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
34
34
  exports.APIController = void 0;
35
35
  const crypto_1 = __importDefault(require("crypto"));
36
36
  const dbutils = __importStar(require("../db/utils"));
37
- const metrics = __importStar(require("../opentelemetry/metrics"));
38
37
  const saml_1 = __importDefault(require("../saml/saml"));
39
38
  const x509_1 = __importDefault(require("../saml/x509"));
40
39
  const error_1 = require("./error");
@@ -125,7 +124,6 @@ class APIController {
125
124
  config(body) {
126
125
  return __awaiter(this, void 0, void 0, function* () {
127
126
  const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product } = body;
128
- metrics.increment('createConfig');
129
127
  this._validateIdPConfig(body);
130
128
  let metaData = rawMetadata;
131
129
  if (encodedRawMetadata) {
@@ -216,7 +214,6 @@ class APIController {
216
214
  getConfig(body) {
217
215
  return __awaiter(this, void 0, void 0, function* () {
218
216
  const { clientID, tenant, product } = body;
219
- metrics.increment('getConfig');
220
217
  if (clientID) {
221
218
  const samlConfig = yield this.configStore.get(clientID);
222
219
  return samlConfig ? { provider: samlConfig.idpMetadata.provider } : {};
@@ -274,7 +271,6 @@ class APIController {
274
271
  deleteConfig(body) {
275
272
  return __awaiter(this, void 0, void 0, function* () {
276
273
  const { clientID, clientSecret, tenant, product } = body;
277
- metrics.increment('deleteConfig');
278
274
  if (clientID && clientSecret) {
279
275
  const samlConfig = yield this.configStore.get(clientID);
280
276
  if (!samlConfig) {
package/dist/controller/oauth.d.ts CHANGED
@@ -14,6 +14,7 @@ export declare class OAuthController implements IOAuthController {
14
14
  });
15
15
  authorize(body: OAuthReqBody): Promise<{
16
16
  redirect_url: string;
17
+ authorize_form: string;
17
18
  }>;
18
19
  samlResponse(body: SAMLResponsePayload): Promise<{
19
20
  redirect_url: string;
package/dist/controller/oauth.js CHANGED
@@ -33,17 +33,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
33
33
  Object.defineProperty(exports, "__esModule", { value: true });
34
34
  exports.OAuthController = void 0;
35
35
  const crypto_1 = __importDefault(require("crypto"));
36
- const util_1 = require("util");
37
- const zlib_1 = require("zlib");
38
36
  const dbutils = __importStar(require("../db/utils"));
39
- const metrics = __importStar(require("../opentelemetry/metrics"));
40
37
  const saml_1 = __importDefault(require("../saml/saml"));
41
38
  const error_1 = require("./error");
42
39
  const allowed = __importStar(require("./oauth/allowed"));
43
40
  const codeVerifier = __importStar(require("./oauth/code-verifier"));
44
41
  const redirect = __importStar(require("./oauth/redirect"));
45
42
  const utils_1 = require("./utils");
46
- const deflateRawAsync = (0, util_1.promisify)(zlib_1.deflateRaw);
47
43
  const relayStatePrefix = 'boxyhq_jackson_';
48
44
  function getEncodedClientId(client_id) {
49
45
  try {
@@ -75,7 +71,6 @@ class OAuthController {
75
71
  const { response_type = 'code', client_id, redirect_uri, state, tenant, product, code_challenge, code_challenge_method = '',
76
72
  // eslint-disable-next-line @typescript-eslint/no-unused-vars
77
73
  provider = 'saml', } = body;
78
- metrics.increment('oauthAuthorize');
79
74
  if (!redirect_uri) {
80
75
  throw new error_1.JacksonError('Please specify a redirect URL.', 400);
81
76
  }
@@ -135,13 +130,26 @@ class OAuthController {
135
130
  code_challenge,
136
131
  code_challenge_method,
137
132
  });
138
- // deepak: When supporting HTTP-POST skip deflate
139
- const samlReqEnc = yield deflateRawAsync(samlReq.request);
140
- const redirectUrl = redirect.success(samlConfig.idpMetadata.sso.redirectUrl, {
141
- RelayState: relayStatePrefix + sessionId,
142
- SAMLRequest: Buffer.from(samlReqEnc).toString('base64'),
143
- });
144
- return { redirect_url: redirectUrl };
133
+ const relayState = relayStatePrefix + sessionId;
134
+ const samlReqEnc = Buffer.from(samlReq.request).toString('base64');
135
+ const { sso } = samlConfig.idpMetadata;
136
+ let redirectUrl = '';
137
+ let authorizeForm = '';
138
+ // HTTP redirect binding
139
+ if ('redirectUrl' in sso) {
140
+ redirectUrl = redirect.success(sso.redirectUrl, {
141
+ RelayState: relayState,
142
+ SAMLRequest: samlReqEnc,
143
+ });
144
+ }
145
+ // HTTP POST binding
146
+ if ('postUrl' in sso) {
147
+ authorizeForm = (0, utils_1.createAuthorizeForm)(relayState, samlReqEnc, sso.postUrl);
148
+ }
149
+ return {
150
+ redirect_url: redirectUrl,
151
+ authorize_form: authorizeForm,
152
+ };
145
153
  });
146
154
  }
147
155
  samlResponse(body) {
@@ -264,7 +272,6 @@ class OAuthController {
264
272
  token(body) {
265
273
  return __awaiter(this, void 0, void 0, function* () {
266
274
  const { client_id, client_secret, code_verifier, code, grant_type = 'authorization_code' } = body;
267
- metrics.increment('oauthToken');
268
275
  if (grant_type !== 'authorization_code') {
269
276
  throw new error_1.JacksonError('Unsupported grant_type', 400);
270
277
  }
@@ -342,7 +349,6 @@ class OAuthController {
342
349
  userInfo(token) {
343
350
  return __awaiter(this, void 0, void 0, function* () {
344
351
  const rsp = yield this.tokenStore.get(token);
345
- metrics.increment('oauthUserInfo');
346
352
  if (!rsp || !rsp.claims) {
347
353
  throw new error_1.JacksonError('Invalid token', 403);
348
354
  }
package/dist/controller/utils.d.ts CHANGED
@@ -2,3 +2,4 @@ export declare enum IndexNames {
2
2
  EntityID = "entityID",
3
3
  TenantProduct = "tenantProduct"
4
4
  }
5
+ export declare const createAuthorizeForm: (relayState: string, samlReqEnc: string, postUrl: string) => string;
package/dist/controller/utils.js CHANGED
@@ -1,8 +1,32 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.IndexNames = void 0;
3
+ exports.createAuthorizeForm = exports.IndexNames = void 0;
4
4
  var IndexNames;
5
5
  (function (IndexNames) {
6
6
  IndexNames["EntityID"] = "entityID";
7
7
  IndexNames["TenantProduct"] = "tenantProduct";
8
8
  })(IndexNames = exports.IndexNames || (exports.IndexNames = {}));
9
+ const createAuthorizeForm = (relayState, samlReqEnc, postUrl) => {
10
+ const formElements = [
11
+ '<!DOCTYPE html>',
12
+ '<html>',
13
+ '<head>',
14
+ '<meta charset="utf-8">',
15
+ '<meta http-equiv="x-ua-compatible" content="ie=edge">',
16
+ '</head>',
17
+ '<body onload="document.forms[0].submit()">',
18
+ '<noscript>',
19
+ '<p>Note: Since your browser does not support JavaScript, you must press the Continue button once to proceed.</p>',
20
+ '</noscript>',
21
+ '<form method="post" action="' + encodeURI(postUrl) + '">',
22
+ '<input type="hidden" name="RelayState" value="' + relayState + '"/>',
23
+ '<input type="hidden" name="SAMLRequest" value="' + samlReqEnc + '"/>',
24
+ '<input type="submit" value="Continue" />',
25
+ '</form>',
26
+ '<script>document.forms[0].style.display="none";</script>',
27
+ '</body>',
28
+ '</html>',
29
+ ];
30
+ return formElements.join('');
31
+ };
32
+ exports.createAuthorizeForm = createAuthorizeForm;
package/dist/index.d.ts CHANGED
@@ -1,6 +1,6 @@
1
+ import { JacksonOption } from './typings';
1
2
  import { APIController } from './controller/api';
2
3
  import { OAuthController } from './controller/oauth';
3
- import { JacksonOption } from './typings';
4
4
  export declare const controllers: (opts: JacksonOption) => Promise<{
5
5
  apiController: APIController;
6
6
  oauthController: OAuthController;
package/dist/saml/saml.js CHANGED
@@ -68,7 +68,7 @@ const request = ({ ssoUrl, entityID, callbackUrl, isPassive = false, forceAuthn
68
68
  '@ID': id,
69
69
  '@Version': '2.0',
70
70
  '@IssueInstant': date,
71
- '@ProtocolBinding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
71
+ '@ProtocolBinding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
72
72
  '@Destination': ssoUrl,
73
73
  'saml:Issuer': {
74
74
  '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
package/dist/typings.d.ts CHANGED
@@ -28,6 +28,7 @@ export interface IAPIController {
28
28
  export interface IOAuthController {
29
29
  authorize(body: OAuthReqBody): Promise<{
30
30
  redirect_url: string;
31
+ authorize_form: string;
31
32
  }>;
32
33
  samlResponse(body: SAMLResponsePayload): Promise<{
33
34
  redirect_url: string;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@boxyhq/saml-jackson",
3
- "version": "0.3.6-beta.644",
3
+ "version": "0.3.6-beta.645",
4
4
  "description": "SAML 2.0 service",
5
5
  "keywords": [
6
6
  "SAML 2.0"
@@ -37,11 +37,8 @@
37
37
  },
38
38
  "dependencies": {
39
39
  "@boxyhq/saml20": "0.2.0",
40
- "@opentelemetry/api-metrics": "0.27.0",
41
40
  "@peculiar/webcrypto": "1.2.3",
42
41
  "@peculiar/x509": "1.6.1",
43
- "cors": "2.8.5",
44
- "express": "4.17.2",
45
42
  "mongodb": "4.3.1",
46
43
  "mysql2": "2.3.3",
47
44
  "pg": "8.7.3",
@@ -56,7 +53,6 @@
56
53
  "xmlbuilder": "15.1.1"
57
54
  },
58
55
  "devDependencies": {
59
- "@types/express": "4.17.13",
60
56
  "@types/node": "17.0.16",
61
57
  "@types/sinon": "10.0.11",
62
58
  "@types/tap": "15.0.5",
package/dist/opentelemetry/metrics.d.ts DELETED
@@ -1,2 +0,0 @@
1
- declare const increment: (action: string) => void;
2
- export { increment };
package/dist/opentelemetry/metrics.js DELETED
@@ -1,42 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.increment = void 0;
4
- const api_metrics_1 = require("@opentelemetry/api-metrics");
5
- const counters = {
6
- createConfig: {
7
- name: 'saml.config.create',
8
- description: 'Number of SAML config create requests',
9
- },
10
- getConfig: {
11
- name: 'saml.config.get',
12
- description: 'Number of SAML config get requests',
13
- },
14
- deleteConfig: {
15
- name: 'saml.config.delete',
16
- description: 'Number of SAML config delete requests',
17
- },
18
- oauthAuthorize: {
19
- name: 'saml.oauth.authorize',
20
- description: 'Number of SAML oauth authorize requests',
21
- },
22
- oauthToken: {
23
- name: 'saml.oauth.token',
24
- description: 'Number of SAML oauth token requests',
25
- },
26
- oauthUserInfo: {
27
- name: 'saml.oauth.userinfo',
28
- description: 'Number of SAML oauth user info requests',
29
- }
30
- };
31
- const createCounter = (action) => {
32
- const meter = api_metrics_1.metrics.getMeterProvider().getMeter('saml-jackson');
33
- const counter = counters[action];
34
- return meter.createCounter(counter.name, {
35
- description: counter.description,
36
- });
37
- };
38
- const increment = (action) => {
39
- const counter = createCounter(action);
40
- counter.add(1);
41
- };
42
- exports.increment = increment;