@boxyhq/saml-jackson 0.3.7-beta.682 → 0.3.7-beta.686
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/controller/api.d.ts +8 -4
- package/dist/controller/api.js +15 -5
- package/dist/controller/oauth.js +6 -0
- package/dist/index.js +1 -0
- package/dist/typings.d.ts +1 -0
- package/package.json +1 -1
package/dist/controller/api.d.ts
CHANGED
|
@@ -25,7 +25,7 @@ export declare class APIController implements IAPIController {
|
|
|
25
25
|
* required: true
|
|
26
26
|
* example: cal-saml-config
|
|
27
27
|
* - name: description
|
|
28
|
-
* description: A short description for the config not more than
|
|
28
|
+
* description: A short description for the config not more than 100 characters
|
|
29
29
|
* type: string
|
|
30
30
|
* in: formData
|
|
31
31
|
* example: SAML login for cal.com app
|
|
@@ -77,6 +77,8 @@ export declare class APIController implements IAPIController {
|
|
|
77
77
|
* client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
|
|
78
78
|
* client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
|
|
79
79
|
* type: accounts.google.com
|
|
80
|
+
* 400:
|
|
81
|
+
* description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
|
|
80
82
|
* 401:
|
|
81
83
|
* description: Unauthorized
|
|
82
84
|
*/
|
|
@@ -110,7 +112,7 @@ export declare class APIController implements IAPIController {
|
|
|
110
112
|
* required: true
|
|
111
113
|
* example: cal-saml-config
|
|
112
114
|
* - name: description
|
|
113
|
-
* description: A short description for the config not more than
|
|
115
|
+
* description: A short description for the config not more than 100 characters
|
|
114
116
|
* type: string
|
|
115
117
|
* in: formData
|
|
116
118
|
* example: SAML login for cal.com app
|
|
@@ -150,7 +152,7 @@ export declare class APIController implements IAPIController {
|
|
|
150
152
|
* 204:
|
|
151
153
|
* description: Success
|
|
152
154
|
* 400:
|
|
153
|
-
* description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata
|
|
155
|
+
* description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters
|
|
154
156
|
* 401:
|
|
155
157
|
* description: Unauthorized
|
|
156
158
|
*/
|
|
@@ -212,7 +214,7 @@ export declare class APIController implements IAPIController {
|
|
|
212
214
|
* }
|
|
213
215
|
* }
|
|
214
216
|
* '400':
|
|
215
|
-
* description: Please provide `clientID` or `tenant
|
|
217
|
+
* description: Please provide `clientID` or `tenant` and `product`.
|
|
216
218
|
* '401':
|
|
217
219
|
* description: Unauthorized
|
|
218
220
|
*/
|
|
@@ -255,6 +257,8 @@ export declare class APIController implements IAPIController {
|
|
|
255
257
|
* responses:
|
|
256
258
|
* '200':
|
|
257
259
|
* description: Success
|
|
260
|
+
* '400':
|
|
261
|
+
* description: clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`.'
|
|
258
262
|
* '401':
|
|
259
263
|
* description: Unauthorized
|
|
260
264
|
*/
|
package/dist/controller/api.js
CHANGED
|
@@ -54,7 +54,7 @@ class APIController {
|
|
|
54
54
|
this.configStore = configStore;
|
|
55
55
|
}
|
|
56
56
|
_validateIdPConfig(body) {
|
|
57
|
-
const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, name } = body;
|
|
57
|
+
const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, name, description, } = body;
|
|
58
58
|
if (!rawMetadata && !encodedRawMetadata) {
|
|
59
59
|
throw new error_1.JacksonError('Please provide rawMetadata or encodedRawMetadata', 400);
|
|
60
60
|
}
|
|
@@ -73,6 +73,9 @@ class APIController {
|
|
|
73
73
|
if (!name) {
|
|
74
74
|
throw new error_1.JacksonError('Please provide a friendly name', 400);
|
|
75
75
|
}
|
|
76
|
+
if (description && description.length > 100) {
|
|
77
|
+
throw new error_1.JacksonError('Description should not exceed 100 characters', 400);
|
|
78
|
+
}
|
|
76
79
|
}
|
|
77
80
|
/**
|
|
78
81
|
* @swagger
|
|
@@ -94,7 +97,7 @@ class APIController {
|
|
|
94
97
|
* required: true
|
|
95
98
|
* example: cal-saml-config
|
|
96
99
|
* - name: description
|
|
97
|
-
* description: A short description for the config not more than
|
|
100
|
+
* description: A short description for the config not more than 100 characters
|
|
98
101
|
* type: string
|
|
99
102
|
* in: formData
|
|
100
103
|
* example: SAML login for cal.com app
|
|
@@ -146,6 +149,8 @@ class APIController {
|
|
|
146
149
|
* client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
|
|
147
150
|
* client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
|
|
148
151
|
* type: accounts.google.com
|
|
152
|
+
* 400:
|
|
153
|
+
* description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
|
|
149
154
|
* 401:
|
|
150
155
|
* description: Unauthorized
|
|
151
156
|
*/
|
|
@@ -233,7 +238,7 @@ class APIController {
|
|
|
233
238
|
* required: true
|
|
234
239
|
* example: cal-saml-config
|
|
235
240
|
* - name: description
|
|
236
|
-
* description: A short description for the config not more than
|
|
241
|
+
* description: A short description for the config not more than 100 characters
|
|
237
242
|
* type: string
|
|
238
243
|
* in: formData
|
|
239
244
|
* example: SAML login for cal.com app
|
|
@@ -273,7 +278,7 @@ class APIController {
|
|
|
273
278
|
* 204:
|
|
274
279
|
* description: Success
|
|
275
280
|
* 400:
|
|
276
|
-
* description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata
|
|
281
|
+
* description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters
|
|
277
282
|
* 401:
|
|
278
283
|
* description: Unauthorized
|
|
279
284
|
*/
|
|
@@ -289,6 +294,9 @@ class APIController {
|
|
|
289
294
|
if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
|
|
290
295
|
throw new error_1.JacksonError('Please provide clientSecret', 400);
|
|
291
296
|
}
|
|
297
|
+
if (description && description.length > 100) {
|
|
298
|
+
throw new error_1.JacksonError('Description should not exceed 100 characters', 400);
|
|
299
|
+
}
|
|
292
300
|
const _currentConfig = (_a = (yield this.getConfig(clientInfo))) === null || _a === void 0 ? void 0 : _a.config;
|
|
293
301
|
if (_currentConfig.clientSecret !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
|
|
294
302
|
throw new error_1.JacksonError('clientSecret mismatch', 400);
|
|
@@ -382,7 +390,7 @@ class APIController {
|
|
|
382
390
|
* }
|
|
383
391
|
* }
|
|
384
392
|
* '400':
|
|
385
|
-
* description: Please provide `clientID` or `tenant
|
|
393
|
+
* description: Please provide `clientID` or `tenant` and `product`.
|
|
386
394
|
* '401':
|
|
387
395
|
* description: Unauthorized
|
|
388
396
|
*/
|
|
@@ -440,6 +448,8 @@ class APIController {
|
|
|
440
448
|
* responses:
|
|
441
449
|
* '200':
|
|
442
450
|
* description: Success
|
|
451
|
+
* '400':
|
|
452
|
+
* description: clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`.'
|
|
443
453
|
* '401':
|
|
444
454
|
* description: Unauthorized
|
|
445
455
|
*/
|
package/dist/controller/oauth.js
CHANGED
|
@@ -292,6 +292,12 @@ class OAuthController {
|
|
|
292
292
|
throw new error_1.JacksonError('Invalid client_id or client_secret', 401);
|
|
293
293
|
}
|
|
294
294
|
}
|
|
295
|
+
else {
|
|
296
|
+
// encoded client_id, verify client_secret
|
|
297
|
+
if (client_secret !== this.opts.clientSecretVerifier) {
|
|
298
|
+
throw new error_1.JacksonError('Invalid client_secret', 401);
|
|
299
|
+
}
|
|
300
|
+
}
|
|
295
301
|
}
|
|
296
302
|
}
|
|
297
303
|
else if (codeVal && codeVal.session) {
|
package/dist/index.js
CHANGED
|
@@ -45,6 +45,7 @@ const defaultOpts = (opts) => {
|
|
|
45
45
|
newOpts.db.type = newOpts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql.
|
|
46
46
|
newOpts.db.ttl = (newOpts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
|
|
47
47
|
newOpts.db.cleanupLimit = (newOpts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
|
|
48
|
+
newOpts.clientSecretVerifier = newOpts.clientSecretVerifier || 'dummy';
|
|
48
49
|
return newOpts;
|
|
49
50
|
};
|
|
50
51
|
const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
|
package/dist/typings.d.ts
CHANGED