@boxyhq/saml-jackson 0.3.8-beta.763 → 0.3.8

package/dist/controller/api.d.ts

@@ -18,23 +18,10 @@ export declare class APIController implements IAPIController {
      *     consumes:
      *       - application/x-www-form-urlencoded
      *     parameters:
-     *       - name: name
-     *         description: Name/identifier for the config
-     *         type: string
-     *         in: formData
-     *         example: cal-saml-config
-     *       - name: description
-     *         description: A short description for the config not more than 100 characters
-     *         type: string
-     *         in: formData
-     *         example: SAML login for cal.com app
      *       - name: encodedRawMetadata
      *         description: Base64 encoding of the XML metadata
      *         in: formData
-     *         type: string
-     *       - name: rawMetadata
-     *         description: Raw XML metadata
-     *         in: formData
+     *         required: true
      *         type: string
      *       - name: defaultRedirectUrl
      *         description: The redirect URL to use in the IdP login flow
@@ -76,85 +63,10 @@ export declare class APIController implements IAPIController {
      *             client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
      *             client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
      *             type: accounts.google.com
-     *       400:
-     *         description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
      *       401:
      *         description: Unauthorized
      */
     config(body: IdPConfig): Promise<OAuth>;
-    /**
-     * @swagger
-     *
-     * /api/v1/saml/config:
-     *   patch:
-     *     summary: Update SAML configuration
-     *     operationId: update-saml-config
-     *     tags: [SAML Config]
-     *     consumes:
-     *       - application/json
-     *       - application/x-www-form-urlencoded
-     *     parameters:
-     *       - name: clientID
-     *         description: Client ID for the config
-     *         type: string
-     *         in: formData
-     *         required: true
-     *       - name: clientSecret
-     *         description: Client Secret for the config
-     *         type: string
-     *         in: formData
-     *         required: true
-     *       - name: name
-     *         description: Name/identifier for the config
-     *         type: string
-     *         in: formData
-     *         example: cal-saml-config
-     *       - name: description
-     *         description: A short description for the config not more than 100 characters
-     *         type: string
-     *         in: formData
-     *         example: SAML login for cal.com app
-     *       - name: encodedRawMetadata
-     *         description: Base64 encoding of the XML metadata
-     *         in: formData
-     *         type: string
-     *       - name: rawMetadata
-     *         description: Raw XML metadata
-     *         in: formData
-     *         type: string
-     *       - name: defaultRedirectUrl
-     *         description: The redirect URL to use in the IdP login flow
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: http://localhost:3000/login/saml
-     *       - name: redirectUrl
-     *         description: JSON encoded array containing a list of allowed redirect URLs
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: '["http://localhost:3000/*"]'
-     *       - name: tenant
-     *         description: Tenant
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: boxyhq.com
-     *       - name: product
-     *         description: Product
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: demo
-     *     responses:
-     *       204:
-     *         description: Success
-     *       400:
-     *         description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters
-     *       401:
-     *         description: Unauthorized
-     */
-    updateConfig(body: any): Promise<void>;
     /**
      * @swagger
      *
@@ -184,35 +96,11 @@ export declare class APIController implements IAPIController {
      *         description: Success
      *         schema:
      *           type: object
+     *           properties:
+     *             provider:
+     *               type: string
      *           example:
-     *             {
-     *               "config": {
-     *                 "idpMetadata": {
-     *                   "sso": {
-     *                     "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
-     *                     "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
-     *                   },
-     *                   "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
-     *                   "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
-     *                   "loginType": "idp",
-     *                   "provider": "okta.com"
-     *                 },
-     *                 "defaultRedirectUrl": "https://hoppscotch.io/",
-     *                 "redirectUrl": ["https://hoppscotch.io/"],
-     *                 "tenant": "hoppscotch.io",
-     *                 "product": "API Engine",
-     *                 "name": "Hoppscotch-SP",
-     *                 "description": "SP for hoppscotch.io",
-     *                 "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
-     *                 "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
-     *                 "certs": {
-     *                   "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
-     *                   "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
-     *                 }
-     *               }
-     *             }
-     *       '400':
-     *         description: Please provide `clientID` or `tenant` and `product`.
+     *             type: accounts.google.com
      *       '401':
      *         description: Unauthorized
      */
@@ -220,7 +108,7 @@ export declare class APIController implements IAPIController {
         clientID: string;
         tenant: string;
         product: string;
-    }): Promise<any>;
+    }): Promise<Partial<OAuth>>;
     /**
      * @swagger
      * /api/v1/saml/config:
@@ -255,8 +143,6 @@ export declare class APIController implements IAPIController {
      *     responses:
      *       '200':
      *         description: Success
-     *       '400':
-     *         description: clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`.'
      *       '401':
      *         description: Unauthorized
      */

package/dist/controller/api.js

@@ -27,17 +27,6 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-var __rest = (this && this.__rest) || function (s, e) {
-    var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
-        t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function")
-        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
-                t[p[i]] = s[p[i]];
-        }
-    return t;
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -55,7 +44,7 @@ class APIController {
         this.configStore = configStore;
     }
     _validateIdPConfig(body) {
-        const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, description } = body;
+        const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product } = body;
         if (!rawMetadata && !encodedRawMetadata) {
             throw new error_1.JacksonError('Please provide rawMetadata or encodedRawMetadata', 400);
         }
@@ -71,9 +60,6 @@ class APIController {
         if (!product) {
             throw new error_1.JacksonError('Please provide product', 400);
         }
-        if (description && description.length > 100) {
-            throw new error_1.JacksonError('Description should not exceed 100 characters', 400);
-        }
     }
     /**
      * @swagger
@@ -88,23 +74,10 @@ class APIController {
      *     consumes:
      *       - application/x-www-form-urlencoded
      *     parameters:
-     *       - name: name
-     *         description: Name/identifier for the config
-     *         type: string
-     *         in: formData
-     *         example: cal-saml-config
-     *       - name: description
-     *         description: A short description for the config not more than 100 characters
-     *         type: string
-     *         in: formData
-     *         example: SAML login for cal.com app
      *       - name: encodedRawMetadata
      *         description: Base64 encoding of the XML metadata
      *         in: formData
-     *         type: string
-     *       - name: rawMetadata
-     *         description: Raw XML metadata
-     *         in: formData
+     *         required: true
      *         type: string
      *       - name: defaultRedirectUrl
      *         description: The redirect URL to use in the IdP login flow
@@ -146,14 +119,12 @@ class APIController {
      *             client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
      *             client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
      *             type: accounts.google.com
-     *       400:
-     *         description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
      *       401:
      *         description: Unauthorized
      */
     config(body) {
         return __awaiter(this, void 0, void 0, function* () {
-            const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, name, description, } = body;
+            const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product } = body;
             metrics.increment('createConfig');
             this._validateIdPConfig(body);
             let metaData = rawMetadata;
@@ -186,8 +157,6 @@ class APIController {
                 redirectUrl: JSON.parse(redirectUrl),
                 tenant,
                 product,
-                name,
-                description,
                 clientID,
                 clientSecret,
                 certs,
@@ -207,129 +176,6 @@ class APIController {
             };
         });
     }
-    /**
-     * @swagger
-     *
-     * /api/v1/saml/config:
-     *   patch:
-     *     summary: Update SAML configuration
-     *     operationId: update-saml-config
-     *     tags: [SAML Config]
-     *     consumes:
-     *       - application/json
-     *       - application/x-www-form-urlencoded
-     *     parameters:
-     *       - name: clientID
-     *         description: Client ID for the config
-     *         type: string
-     *         in: formData
-     *         required: true
-     *       - name: clientSecret
-     *         description: Client Secret for the config
-     *         type: string
-     *         in: formData
-     *         required: true
-     *       - name: name
-     *         description: Name/identifier for the config
-     *         type: string
-     *         in: formData
-     *         example: cal-saml-config
-     *       - name: description
-     *         description: A short description for the config not more than 100 characters
-     *         type: string
-     *         in: formData
-     *         example: SAML login for cal.com app
-     *       - name: encodedRawMetadata
-     *         description: Base64 encoding of the XML metadata
-     *         in: formData
-     *         type: string
-     *       - name: rawMetadata
-     *         description: Raw XML metadata
-     *         in: formData
-     *         type: string
-     *       - name: defaultRedirectUrl
-     *         description: The redirect URL to use in the IdP login flow
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: http://localhost:3000/login/saml
-     *       - name: redirectUrl
-     *         description: JSON encoded array containing a list of allowed redirect URLs
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: '["http://localhost:3000/*"]'
-     *       - name: tenant
-     *         description: Tenant
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: boxyhq.com
-     *       - name: product
-     *         description: Product
-     *         in: formData
-     *         required: true
-     *         type: string
-     *         example: demo
-     *     responses:
-     *       204:
-     *         description: Success
-     *       400:
-     *         description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters
-     *       401:
-     *         description: Unauthorized
-     */
-    updateConfig(body) {
-        var _a;
-        return __awaiter(this, void 0, void 0, function* () {
-            const { encodedRawMetadata, // could be empty
-            rawMetadata, // could be empty
-            defaultRedirectUrl, redirectUrl, name, description } = body, clientInfo = __rest(body, ["encodedRawMetadata", "rawMetadata", "defaultRedirectUrl", "redirectUrl", "name", "description"]);
-            if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
-                throw new error_1.JacksonError('Please provide clientID', 400);
-            }
-            if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
-                throw new error_1.JacksonError('Please provide clientSecret', 400);
-            }
-            if (description && description.length > 100) {
-                throw new error_1.JacksonError('Description should not exceed 100 characters', 400);
-            }
-            const _currentConfig = (_a = (yield this.getConfig(clientInfo))) === null || _a === void 0 ? void 0 : _a.config;
-            if (_currentConfig.clientSecret !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
-                throw new error_1.JacksonError('clientSecret mismatch', 400);
-            }
-            let metaData = rawMetadata;
-            if (encodedRawMetadata) {
-                metaData = Buffer.from(encodedRawMetadata, 'base64').toString();
-            }
-            let newMetadata;
-            if (metaData) {
-                newMetadata = yield saml_1.default.parseMetadataAsync(metaData);
-                // extract provider
-                let providerName = extractHostName(newMetadata.entityID);
-                if (!providerName) {
-                    providerName = extractHostName(newMetadata.sso.redirectUrl || newMetadata.sso.postUrl);
-                }
-                newMetadata.provider = providerName ? providerName : 'Unknown';
-            }
-            if (newMetadata) {
-                // check if clientID matches with new metadata payload
-                const clientID = dbutils.keyDigest(dbutils.keyFromParts(clientInfo.tenant, clientInfo.product, newMetadata.entityID));
-                if (clientID !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
-                    throw new error_1.JacksonError('Tenant/Product config mismatch with IdP metadata', 400);
-                }
-            }
-            yield this.configStore.put(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID, Object.assign(Object.assign({}, _currentConfig), { name: name ? name : _currentConfig.name, description: description ? description : _currentConfig.description, idpMetadata: newMetadata ? newMetadata : _currentConfig.idpMetadata, defaultRedirectUrl: defaultRedirectUrl ? defaultRedirectUrl : _currentConfig.defaultRedirectUrl, redirectUrl: redirectUrl ? JSON.parse(redirectUrl) : _currentConfig.redirectUrl }), {
-                // secondary index on entityID
-                name: utils_1.IndexNames.EntityID,
-                value: _currentConfig.idpMetadata.entityID,
-            }, {
-                // secondary index on tenant + product
-                name: utils_1.IndexNames.TenantProduct,
-                value: dbutils.keyFromParts(_currentConfig.tenant, _currentConfig.product),
-            });
-        });
-    }
     /**
      * @swagger
      *
@@ -359,35 +205,11 @@ class APIController {
      *         description: Success
      *         schema:
      *           type: object
+     *           properties:
+     *             provider:
+     *               type: string
      *           example:
-     *             {
-     *               "config": {
-     *                 "idpMetadata": {
-     *                   "sso": {
-     *                     "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
-     *                     "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
-     *                   },
-     *                   "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
-     *                   "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
-     *                   "loginType": "idp",
-     *                   "provider": "okta.com"
-     *                 },
-     *                 "defaultRedirectUrl": "https://hoppscotch.io/",
-     *                 "redirectUrl": ["https://hoppscotch.io/"],
-     *                 "tenant": "hoppscotch.io",
-     *                 "product": "API Engine",
-     *                 "name": "Hoppscotch-SP",
-     *                 "description": "SP for hoppscotch.io",
-     *                 "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
-     *                 "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
-     *                 "certs": {
-     *                   "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
-     *                   "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
-     *                 }
-     *               }
-     *             }
-     *       '400':
-     *         description: Please provide `clientID` or `tenant` and `product`.
+     *             type: accounts.google.com
      *       '401':
      *         description: Unauthorized
      */
@@ -397,7 +219,7 @@ class APIController {
             metrics.increment('getConfig');
             if (clientID) {
                 const samlConfig = yield this.configStore.get(clientID);
-                return samlConfig ? { config: samlConfig } : {};
+                return samlConfig ? { provider: samlConfig.idpMetadata.provider } : {};
             }
             if (tenant && product) {
                 const samlConfigs = yield this.configStore.getByIndex({
@@ -407,7 +229,7 @@ class APIController {
                 if (!samlConfigs || !samlConfigs.length) {
                     return {};
                 }
-                return { config: samlConfigs[0] };
+                return { provider: samlConfigs[0].idpMetadata.provider };
             }
             throw new error_1.JacksonError('Please provide `clientID` or `tenant` and `product`.', 400);
         });
@@ -446,8 +268,6 @@ class APIController {
      *     responses:
      *       '200':
      *         description: Success
-     *       '400':
-     *         description: clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`.'
      *       '401':
      *         description: Unauthorized
      */
@@ -464,7 +284,7 @@ class APIController {
                     yield this.configStore.delete(clientID);
                 }
                 else {
-                    throw new error_1.JacksonError('clientSecret mismatch', 400);
+                    throw new error_1.JacksonError('clientSecret mismatch.', 400);
                 }
                 return;
             }

package/dist/controller/oauth.js

@@ -138,6 +138,7 @@ class OAuthController {
                 entityID: this.opts.samlAudience,
                 callbackUrl: this.opts.externalUrl + this.opts.samlPath,
                 signingKey: samlConfig.certs.privateKey,
+                publicKey: samlConfig.certs.publicKey,
             });
             const sessionId = crypto_1.default.randomBytes(16).toString('hex');
             yield this.sessionStore.put(sessionId, {

package/dist/db/db.d.ts

@@ -4,7 +4,6 @@ declare class DB implements DatabaseDriver {
     private encryptionKey;
     constructor(db: DatabaseDriver, encryptionKey: EncryptionKey);
     get(namespace: string, key: string): Promise<unknown>;
-    getAll(namespace: any): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<unknown[]>;
     put(namespace: string, key: string, val: unknown, ttl?: number, ...indexes: Index[]): Promise<unknown>;
     delete(namespace: string, key: string): Promise<unknown>;

package/dist/db/db.js

@@ -57,15 +57,6 @@ class DB {
             return decrypt(res, this.encryptionKey);
         });
     }
-    getAll(namespace) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const res = (yield this.db.getAll(namespace));
-            const encryptionKey = this.encryptionKey;
-            return res.map((r) => {
-                return decrypt(r, encryptionKey);
-            });
-        });
-    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const res = yield this.db.getByIndex(namespace, idx);

package/dist/db/mem.d.ts

@@ -10,7 +10,6 @@ declare class Mem implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Mem>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<any>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/mem.js

@@ -66,21 +66,6 @@ class Mem {
             return null;
         });
     }
-    getAll(namespace) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const returnValue = [];
-            if (namespace) {
-                for (const key in this.store) {
-                    if (key.startsWith(namespace)) {
-                        returnValue.push(this.store[key]);
-                    }
-                }
-            }
-            if (returnValue)
-                return returnValue;
-            return [];
-        });
-    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const dbKeys = yield this.indexes[dbutils.keyForIndex(namespace, idx)];
@@ -95,10 +80,6 @@ class Mem {
         return __awaiter(this, void 0, void 0, function* () {
             const k = dbutils.key(namespace, key);
             this.store[k] = val;
-            if (!Date.parse(this.store['createdAt']))
-                this.store['createdAt'] = new Date().toISOString();
-            this.store['modifiedAt'] = new Date().toISOString();
-            // console.log(this.store)
             if (ttl) {
                 this.ttlStore[k] = {
                     namespace,

package/dist/db/mongo.d.ts

@@ -7,7 +7,6 @@ declare class Mongo implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Mongo>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/mongo.js

@@ -36,16 +36,8 @@ class Mongo {
     }
     init() {
         return __awaiter(this, void 0, void 0, function* () {
-            try {
-                if (!this.options.url) {
-                    throw Error('Please specify a db url');
-                }
-                this.client = new mongodb_1.MongoClient(this.options.url);
-                yield this.client.connect();
-            }
-            catch (err) {
-                console.error(`error connecting to ${this.options.type} db: ${err}`);
-            }
+            this.client = new mongodb_1.MongoClient(this.options.url);
+            yield this.client.connect();
             this.db = this.client.db();
             this.collection = this.db.collection('jacksonStore');
             yield this.collection.createIndex({ indexes: 1 });
@@ -64,15 +56,6 @@ class Mongo {
             return null;
         });
     }
-    getAll(namespace) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const _namespaceMatch = new RegExp(`^${namespace}:.*`);
-            const docs = yield this.collection.find({ _id: _namespaceMatch }).toArray();
-            if (docs)
-                return docs.map(({ value }) => value);
-            return [];
-        });
-    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const docs = yield this.collection
@@ -103,12 +86,8 @@ class Mongo {
                 }
                 doc.indexes.push(idxKey);
             }
-            doc.modifiedAt = new Date().toISOString();
             yield this.collection.updateOne({ _id: dbutils.key(namespace, key) }, {
                 $set: doc,
-                $setOnInsert: {
-                    createdAt: new Date().toISOString(),
-                },
             }, { upsert: true });
         });
     }

package/dist/db/redis.d.ts

@@ -5,7 +5,6 @@ declare class Redis implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Redis>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/redis.js

@@ -57,26 +57,6 @@ class Redis {
             return null;
         });
     }
-    getAll(namespace) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const keys = yield this.client.sendCommand(['keys', namespace + ':*']);
-            const returnValue = [];
-            for (let i = 0; i < keys.length; i++) {
-                try {
-                    if (this.client.get(keys[i])) {
-                        const value = yield this.client.get(keys[i]);
-                        returnValue.push(JSON.parse(value));
-                    }
-                }
-                catch (error) {
-                    console.error(error);
-                }
-            }
-            if (returnValue)
-                return returnValue;
-            return [];
-        });
-    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const dbKeys = yield this.client.sMembers(dbutils.keyForIndex(namespace, idx));

package/dist/db/sql/entity/JacksonStore.d.ts

@@ -3,6 +3,4 @@ export declare class JacksonStore {
     value: string;
     iv?: string;
     tag?: string;
-    createdAt?: Date;
-    modifiedAt?: string;
 }

package/dist/db/sql/entity/JacksonStore.js

@@ -36,19 +36,6 @@ __decorate([
         nullable: true,
     })
 ], JacksonStore.prototype, "tag", void 0);
-__decorate([
-    (0, typeorm_1.Column)({
-        type: 'timestamp',
-        default: () => 'CURRENT_TIMESTAMP',
-        nullable: false,
-    })
-], JacksonStore.prototype, "createdAt", void 0);
-__decorate([
-    (0, typeorm_1.Column)({
-        type: 'timestamp',
-        nullable: true,
-    })
-], JacksonStore.prototype, "modifiedAt", void 0);
 JacksonStore = __decorate([
     (0, typeorm_1.Entity)()
 ], JacksonStore);

package/dist/db/sql/sql.d.ts

@@ -10,7 +10,6 @@ declare class Sql implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Sql>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/sql/sql.js

@@ -95,7 +95,7 @@ class Sql {
     }
     get(namespace, key) {
         return __awaiter(this, void 0, void 0, function* () {
-            const res = yield this.storeRepository.findOne({
+            let res = yield this.storeRepository.findOne({
                 key: dbutils.key(namespace, key),
             });
             if (res && res.value) {
@@ -108,22 +108,6 @@ class Sql {
             return null;
         });
     }
-    getAll(namespace) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const response = yield this.storeRepository.find({
-                where: { key: (0, typeorm_1.Like)(`%${namespace}%`) },
-                select: ['value', 'iv', 'tag'],
-                order: {
-                    ['createdAt']: 'DESC',
-                    // ['createdAt']: 'ASC',
-                },
-            });
-            const returnValue = JSON.parse(JSON.stringify(response));
-            if (returnValue)
-                return returnValue;
-            return [];
-        });
-    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const res = yield this.indexRepository.find({
@@ -151,7 +135,6 @@ class Sql {
                 store.value = val.value;
                 store.iv = val.iv;
                 store.tag = val.tag;
-                store.modifiedAt = new Date().toISOString();
                 yield transactionalEntityManager.save(store);
                 if (ttl) {
                     const ttlRec = new JacksonTTL_1.JacksonTTL();

package/dist/db/store.js

@@ -40,11 +40,6 @@ class Store {
             return yield this.db.get(this.namespace, dbutils.keyDigest(key));
         });
     }
-    getAll() {
-        return __awaiter(this, void 0, void 0, function* () {
-            return yield this.db.getAll(this.namespace);
-        });
-    }
     getByIndex(idx) {
         return __awaiter(this, void 0, void 0, function* () {
             idx.value = dbutils.keyDigest(idx.value);

package/dist/index.d.ts

@@ -1,11 +1,9 @@
 import { APIController } from './controller/api';
 import { OAuthController } from './controller/oauth';
-import { AdminController } from './controller/admin';
 import { JacksonOption } from './typings';
 export declare const controllers: (opts: JacksonOption) => Promise<{
     apiController: APIController;
     oauthController: OAuthController;
-    adminController: AdminController;
 }>;
 export default controllers;
 export * from './typings';

package/dist/index.js

@@ -25,7 +25,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.controllers = void 0;
 const api_1 = require("./controller/api");
 const oauth_1 = require("./controller/oauth");
-const admin_1 = require("./controller/admin");
 const db_1 = __importDefault(require("./db/db"));
 const read_config_1 = __importDefault(require("./read-config"));
 const defaultOpts = (opts) => {
@@ -56,7 +55,6 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
     const codeStore = db.store('oauth:code', opts.db.ttl);
     const tokenStore = db.store('oauth:token', opts.db.ttl);
     const apiController = new api_1.APIController({ configStore });
-    const adminController = new admin_1.AdminController({ configStore });
     const oauthController = new oauth_1.OAuthController({
         configStore,
         sessionStore,
@@ -77,7 +75,6 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
     return {
         apiController,
         oauthController,
-        adminController,
     };
 });
 exports.controllers = controllers;

package/dist/saml/saml.d.ts

@@ -1,6 +1,7 @@
 import { SAMLProfile, SAMLReq } from '../typings';
+export declare const stripCertHeaderAndFooter: (cert: string) => string;
 declare const _default: {
-    request: ({ ssoUrl, entityID, callbackUrl, isPassive, forceAuthn, identifierFormat, providerName, signingKey, }: SAMLReq) => {
+    request: ({ ssoUrl, entityID, callbackUrl, isPassive, forceAuthn, identifierFormat, providerName, signingKey, publicKey, }: SAMLReq) => {
         id: string;
         request: string;
     };

package/dist/saml/saml.js

@@ -31,6 +31,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.stripCertHeaderAndFooter = void 0;
 const saml20_1 = __importDefault(require("@boxyhq/saml20"));
 const xml2js_1 = __importDefault(require("xml2js"));
 const thumbprint_1 = __importDefault(require("thumbprint"));
@@ -42,7 +43,32 @@ const claims_1 = __importDefault(require("./claims"));
 const idPrefix = '_';
 const authnXPath = '/*[local-name(.)="AuthnRequest" and namespace-uri(.)="urn:oasis:names:tc:SAML:2.0:protocol"]';
 const issuerXPath = '/*[local-name(.)="Issuer" and namespace-uri(.)="urn:oasis:names:tc:SAML:2.0:assertion"]';
-const signRequest = (xml, signingKey) => {
+const stripCertHeaderAndFooter = (cert) => {
+    cert = cert.replace(/-+BEGIN CERTIFICATE-+\r?\n?/, '');
+    cert = cert.replace(/-+END CERTIFICATE-+\r?\n?/, '');
+    cert = cert.replace(/\r\n/g, '\n');
+    return cert;
+};
+exports.stripCertHeaderAndFooter = stripCertHeaderAndFooter;
+function PubKeyInfo(pubKey) {
+    this.pubKey = (0, exports.stripCertHeaderAndFooter)(pubKey);
+    this.getKeyInfo = function (_key, prefix) {
+        prefix = prefix || '';
+        prefix = prefix ? prefix + ':' : prefix;
+        return ('<' +
+            prefix +
+            'X509Data><' +
+            prefix +
+            'X509Certificate>' +
+            this.pubKey +
+            '</' +
+            prefix +
+            'X509Certificate></' +
+            prefix +
+            'X509Data>');
+    };
+}
+const signRequest = (xml, signingKey, publicKey) => {
     if (!xml) {
         throw new Error('Please specify xml');
     }
@@ -51,6 +77,7 @@ const signRequest = (xml, signingKey) => {
     }
     const sig = new xml_crypto_1.default.SignedXml();
     sig.signatureAlgorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
+    sig.keyInfoProvider = new PubKeyInfo(publicKey);
     sig.signingKey = signingKey;
     sig.addReference(authnXPath, ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#'], 'http://www.w3.org/2001/04/xmlenc#sha256');
     sig.computeSignature(xml, {
@@ -58,7 +85,7 @@ const signRequest = (xml, signingKey) => {
     });
     return sig.getSignedXml();
 };
-const request = ({ ssoUrl, entityID, callbackUrl, isPassive = false, forceAuthn = false, identifierFormat = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', providerName = 'BoxyHQ', signingKey, }) => {
+const request = ({ ssoUrl, entityID, callbackUrl, isPassive = false, forceAuthn = false, identifierFormat = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', providerName = 'BoxyHQ', signingKey, publicKey, }) => {
     const id = idPrefix + crypto_1.default.randomBytes(10).toString('hex');
     const date = new Date().toISOString();
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
@@ -92,7 +119,7 @@ const request = ({ ssoUrl, entityID, callbackUrl, isPassive = false, forceAuthn
     }
     let xml = xmlbuilder_1.default.create(samlReq).end({});
     if (signingKey) {
-        xml = signRequest(xml, signingKey);
+        xml = signRequest(xml, signingKey, publicKey);
     }
     return {
         id,

package/dist/typings.d.ts

@@ -3,8 +3,6 @@ export declare type IdPConfig = {
     redirectUrl: string;
     tenant: string;
     product: string;
-    name: string;
-    description: string;
     rawMetadata?: string;
     encodedRawMetadata?: string;
 };
@@ -15,12 +13,11 @@ export interface OAuth {
 }
 export interface IAPIController {
     config(body: IdPConfig): Promise<OAuth>;
-    updateConfig(body: any): Promise<void>;
     getConfig(body: {
         clientID?: string;
         tenant?: string;
         product?: string;
-    }): Promise<any>;
+    }): Promise<Partial<OAuth>>;
     deleteConfig(body: {
         clientID?: string;
         clientSecret?: string;
@@ -39,9 +36,6 @@ export interface IOAuthController {
     token(body: OAuthTokenReq): Promise<OAuthTokenRes>;
     userInfo(token: string): Promise<Profile>;
 }
-export interface IAdminController {
-    getAllConfig(): any;
-}
 export interface OAuthReqBody {
     response_type: 'code';
     client_id: string;
@@ -80,14 +74,12 @@ export interface Index {
     value: string;
 }
 export interface DatabaseDriver {
-    getAll(namespace: string): Promise<unknown[]>;
     get(namespace: string, key: string): Promise<any>;
     put(namespace: string, key: string, val: any, ttl: number, ...indexes: Index[]): Promise<any>;
     delete(namespace: string, key: string): Promise<any>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
 }
 export interface Storable {
-    getAll(): Promise<unknown[]>;
     get(key: string): Promise<any>;
     put(key: string, val: any, ...indexes: Index[]): Promise<any>;
     delete(key: string): Promise<any>;
@@ -118,6 +110,7 @@ export interface SAMLReq {
     identifierFormat?: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress';
     providerName?: 'BoxyHQ';
     signingKey: string;
+    publicKey: string;
 }
 export interface SAMLProfile {
     audience: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@boxyhq/saml-jackson",
-  "version": "0.3.8-beta.763",
+  "version": "0.3.8",
   "description": "SAML 2.0 service",
   "keywords": [
     "SAML 2.0"
@@ -18,9 +18,9 @@
   ],
   "scripts": {
     "build": "tsc -p tsconfig.build.json",
-    "db:migration:generate:postgres": "ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n createdAt",
-    "db:migration:generate:mysql": "cross-env DB_TYPE=mysql DB_URL=mysql://root:mysql@localhost:3307/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n createdAt",
-    "db:migration:generate:mariadb": "cross-env DB_TYPE=mariadb DB_URL=mariadb://root@localhost:3306/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n createdAt",
+    "db:migration:generate:postgres": "ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n Initial",
+    "db:migration:generate:mysql": "cross-env DB_TYPE=mysql DB_URL=mysql://root:mysql@localhost:3307/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n Initial",
+    "db:migration:generate:mariadb": "cross-env DB_TYPE=mariadb DB_URL=mariadb://root@localhost:3306/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n Initial",
     "db:migration:run:postgres": "ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run",
     "db:migration:run:mysql": "cross-env DB_TYPE=mysql DB_URL=mysql://root:mysql@localhost:3307/mysql ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run",
     "db:migration:run:mariadb": "cross-env DB_TYPE=mariadb DB_URL=mariadb://root@localhost:3306/mysql ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run",

package/dist/controller/admin.d.ts

@@ -1,8 +0,0 @@
-import { IAdminController, Storable, OAuth } from '../typings';
-export declare class AdminController implements IAdminController {
-    configStore: Storable;
-    constructor({ configStore }: {
-        configStore: any;
-    });
-    getAllConfig(): Promise<Partial<OAuth>[]>;
-}

package/dist/controller/admin.js

@@ -1,27 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AdminController = void 0;
-class AdminController {
-    constructor({ configStore }) {
-        this.configStore = configStore;
-    }
-    getAllConfig() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const configList = (yield this.configStore.getAll());
-            if (!configList || !configList.length) {
-                return [];
-            }
-            return configList;
-        });
-    }
-}
-exports.AdminController = AdminController;

package/migration/mariadb/1644332636666-createdAt.ts

@@ -1,16 +0,0 @@
-import {MigrationInterface, QueryRunner} from "typeorm";
-
-export class createdAt1644332636666 implements MigrationInterface {
-    name = 'createdAt1644332636666'
-
-    public async up(queryRunner: QueryRunner): Promise<void> {
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`createdAt\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP()`);
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`modifiedAt\` timestamp NULL`);
-    }
-
-    public async down(queryRunner: QueryRunner): Promise<void> {
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`modifiedAt\``);
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`createdAt\``);
-    }
-
-}

package/migration/mysql/1644332641078-createdAt.ts

@@ -1,16 +0,0 @@
-import {MigrationInterface, QueryRunner} from "typeorm";
-
-export class createdAt1644332641078 implements MigrationInterface {
-    name = 'createdAt1644332641078'
-
-    public async up(queryRunner: QueryRunner): Promise<void> {
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`createdAt\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP`);
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`modifiedAt\` timestamp NULL`);
-    }
-
-    public async down(queryRunner: QueryRunner): Promise<void> {
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`modifiedAt\``);
-        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`createdAt\``);
-    }
-
-}

package/migration/postgres/1644332647279-createdAt.ts

@@ -1,16 +0,0 @@
-import {MigrationInterface, QueryRunner} from "typeorm";
-
-export class createdAt1644332647279 implements MigrationInterface {
-    name = 'createdAt1644332647279'
-
-    public async up(queryRunner: QueryRunner): Promise<void> {
-        await queryRunner.query(`ALTER TABLE "jackson_store" ADD "createdAt" TIMESTAMP NOT NULL DEFAULT now()`);
-        await queryRunner.query(`ALTER TABLE "jackson_store" ADD "modifiedAt" TIMESTAMP`);
-    }
-
-    public async down(queryRunner: QueryRunner): Promise<void> {
-        await queryRunner.query(`ALTER TABLE "jackson_store" DROP COLUMN "modifiedAt"`);
-        await queryRunner.query(`ALTER TABLE "jackson_store" DROP COLUMN "createdAt"`);
-    }
-
-}