@boxyhq/saml-jackson 0.3.7-beta.731 → 0.3.7-beta.744

package/dist/controller/oauth.d.ts

@@ -14,7 +14,6 @@ export declare class OAuthController implements IOAuthController {
     });
     authorize(body: OAuthReqBody): Promise<{
         redirect_url: string;
-        authorize_form: string;
     }>;
     samlResponse(body: SAMLResponsePayload): Promise<{
         redirect_url: string;

package/dist/controller/oauth.js

@@ -121,20 +121,7 @@ class OAuthController {
             if (!allowed.redirect(redirect_uri, samlConfig.redirectUrl)) {
                 throw new error_1.JacksonError('Redirect URL is not allowed.', 403);
             }
-            let ssoUrl;
-            let post = false;
-            const { sso } = samlConfig.idpMetadata;
-            if ('redirectUrl' in sso) {
-                // HTTP Redirect binding
-                ssoUrl = sso.redirectUrl;
-            }
-            else if ('postUrl' in sso) {
-                // HTTP-POST binding
-                ssoUrl = sso.postUrl;
-                post = true;
-            }
             const samlReq = saml_1.default.request({
-                ssoUrl,
                 entityID: this.opts.samlAudience,
                 callbackUrl: this.opts.externalUrl + this.opts.samlPath,
                 signingKey: samlConfig.certs.privateKey,
@@ -148,24 +135,13 @@ class OAuthController {
                 code_challenge,
                 code_challenge_method,
             });
-            const relayState = relayStatePrefix + sessionId;
-            let redirectUrl;
-            let authorizeForm;
-            if (!post) {
-                // HTTP Redirect binding
-                redirectUrl = redirect.success(ssoUrl, {
-                    RelayState: relayState,
-                    SAMLRequest: Buffer.from(yield deflateRawAsync(samlReq.request)).toString('base64'),
-                });
-            }
-            else {
-                // HTTP POST binding
-                authorizeForm = (0, utils_1.createAuthorizeForm)(relayState, encodeURI(Buffer.from(samlReq.request).toString('base64')), ssoUrl);
-            }
-            return {
-                redirect_url: redirectUrl,
-                authorize_form: authorizeForm,
-            };
+            // deepak: When supporting HTTP-POST skip deflate
+            const samlReqEnc = yield deflateRawAsync(samlReq.request);
+            const redirectUrl = redirect.success(samlConfig.idpMetadata.sso.redirectUrl, {
+                RelayState: relayStatePrefix + sessionId,
+                SAMLRequest: Buffer.from(samlReqEnc).toString('base64'),
+            });
+            return { redirect_url: redirectUrl };
         });
     }
     samlResponse(body) {

package/dist/controller/utils.d.ts

@@ -2,4 +2,3 @@ export declare enum IndexNames {
     EntityID = "entityID",
     TenantProduct = "tenantProduct"
 }
-export declare const createAuthorizeForm: (relayState: string, samlReqEnc: string, postUrl: string) => string;

package/dist/controller/utils.js

@@ -1,32 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.createAuthorizeForm = exports.IndexNames = void 0;
+exports.IndexNames = void 0;
 var IndexNames;
 (function (IndexNames) {
     IndexNames["EntityID"] = "entityID";
     IndexNames["TenantProduct"] = "tenantProduct";
 })(IndexNames = exports.IndexNames || (exports.IndexNames = {}));
-const createAuthorizeForm = (relayState, samlReqEnc, postUrl) => {
-    const formElements = [
-        '<!DOCTYPE html>',
-        '<html>',
-        '<head>',
-        '<meta charset="utf-8">',
-        '<meta http-equiv="x-ua-compatible" content="ie=edge">',
-        '</head>',
-        '<body onload="document.forms[0].submit()">',
-        '<noscript>',
-        '<p>Note: Since your browser does not support JavaScript, you must press the Continue button once to proceed.</p>',
-        '</noscript>',
-        '<form method="post" action="' + encodeURI(postUrl) + '">',
-        '<input type="hidden" name="RelayState" value="' + relayState + '"/>',
-        '<input type="hidden" name="SAMLRequest" value="' + samlReqEnc + '"/>',
-        '<input type="submit" value="Continue" />',
-        '</form>',
-        '<script>document.forms[0].style.display="none";</script>',
-        '</body>',
-        '</html>',
-    ];
-    return formElements.join('');
-};
-exports.createAuthorizeForm = createAuthorizeForm;

package/dist/saml/saml.js

@@ -68,7 +68,7 @@ const request = ({ ssoUrl, entityID, callbackUrl, isPassive = false, forceAuthn
             '@ID': id,
             '@Version': '2.0',
             '@IssueInstant': date,
-            '@ProtocolBinding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
+            '@ProtocolBinding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
             '@Destination': ssoUrl,
             'saml:Issuer': {
                 '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',

package/dist/typings.d.ts

@@ -27,8 +27,7 @@ export interface IAPIController {
 }
 export interface IOAuthController {
     authorize(body: OAuthReqBody): Promise<{
-        redirect_url?: string;
-        authorize_form?: string;
+        redirect_url: string;
     }>;
     samlResponse(body: SAMLResponsePayload): Promise<{
         redirect_url: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@boxyhq/saml-jackson",
-  "version": "0.3.7-beta.731",
+  "version": "0.3.7-beta.744",
   "description": "SAML 2.0 service",
   "keywords": [
     "SAML 2.0"
@@ -40,6 +40,8 @@
     "@opentelemetry/api-metrics": "0.27.0",
     "@peculiar/webcrypto": "1.2.3",
     "@peculiar/x509": "1.6.1",
+    "cors": "2.8.5",
+    "express": "4.17.2",
     "mongodb": "4.3.1",
     "mysql2": "2.3.3",
     "pg": "8.7.3",
@@ -54,6 +56,7 @@
     "xmlbuilder": "15.1.1"
   },
   "devDependencies": {
+    "@types/express": "4.17.13",
     "@types/node": "17.0.17",
     "@types/sinon": "10.0.11",
     "@types/tap": "15.0.5",