@boxyhq/saml-jackson 0.3.8 → 0.4.2

package/dist/controller/admin.d.ts

@@ -0,0 +1,8 @@
+import { IAdminController, Storable, OAuth } from '../typings';
+export declare class AdminController implements IAdminController {
+    configStore: Storable;
+    constructor({ configStore }: {
+        configStore: any;
+    });
+    getAllConfig(): Promise<Partial<OAuth>[]>;
+}

package/dist/controller/admin.js

@@ -0,0 +1,27 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminController = void 0;
+class AdminController {
+    constructor({ configStore }) {
+        this.configStore = configStore;
+    }
+    getAllConfig() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const configList = (yield this.configStore.getAll());
+            if (!configList || !configList.length) {
+                return [];
+            }
+            return configList;
+        });
+    }
+}
+exports.AdminController = AdminController;

package/dist/controller/api.d.ts

@@ -18,35 +18,42 @@ export declare class APIController implements IAPIController {
      *     consumes:
      *       - application/x-www-form-urlencoded
      *     parameters:
+     *       - name: name
+     *         description: Name/identifier for the config
+     *         type: string
+     *         in: formData
+     *       - name: description
+     *         description: A short description for the config not more than 100 characters
+     *         type: string
+     *         in: formData
      *       - name: encodedRawMetadata
      *         description: Base64 encoding of the XML metadata
      *         in: formData
-     *         required: true
+     *         type: string
+     *       - name: rawMetadata
+     *         description: Raw XML metadata
+     *         in: formData
      *         type: string
      *       - name: defaultRedirectUrl
      *         description: The redirect URL to use in the IdP login flow
      *         in: formData
      *         required: true
      *         type: string
-     *         example: http://localhost:3000/login/saml
      *       - name: redirectUrl
      *         description: JSON encoded array containing a list of allowed redirect URLs
      *         in: formData
      *         required: true
      *         type: string
-     *         example: '["http://localhost:3000/*"]'
      *       - name: tenant
      *         description: Tenant
      *         in: formData
      *         required: true
      *         type: string
-     *         example: boxyhq.com
      *       - name: product
      *         description: Product
      *         in: formData
      *         required: true
      *         type: string
-     *         example: demo
      *     responses:
      *       200:
      *         description: Success
@@ -63,10 +70,79 @@ export declare class APIController implements IAPIController {
      *             client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
      *             client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
      *             type: accounts.google.com
+     *       400:
+     *         description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
      *       401:
      *         description: Unauthorized
      */
     config(body: IdPConfig): Promise<OAuth>;
+    /**
+     * @swagger
+     *
+     * /api/v1/saml/config:
+     *   patch:
+     *     summary: Update SAML configuration
+     *     operationId: update-saml-config
+     *     tags: [SAML Config]
+     *     consumes:
+     *       - application/json
+     *       - application/x-www-form-urlencoded
+     *     parameters:
+     *       - name: clientID
+     *         description: Client ID for the config
+     *         type: string
+     *         in: formData
+     *         required: true
+     *       - name: clientSecret
+     *         description: Client Secret for the config
+     *         type: string
+     *         in: formData
+     *         required: true
+     *       - name: name
+     *         description: Name/identifier for the config
+     *         type: string
+     *         in: formData
+     *       - name: description
+     *         description: A short description for the config not more than 100 characters
+     *         type: string
+     *         in: formData
+     *       - name: encodedRawMetadata
+     *         description: Base64 encoding of the XML metadata
+     *         in: formData
+     *         type: string
+     *       - name: rawMetadata
+     *         description: Raw XML metadata
+     *         in: formData
+     *         type: string
+     *       - name: defaultRedirectUrl
+     *         description: The redirect URL to use in the IdP login flow
+     *         in: formData
+     *         required: true
+     *         type: string
+     *       - name: redirectUrl
+     *         description: JSON encoded array containing a list of allowed redirect URLs
+     *         in: formData
+     *         required: true
+     *         type: string
+     *       - name: tenant
+     *         description: Tenant
+     *         in: formData
+     *         required: true
+     *         type: string
+     *       - name: product
+     *         description: Product
+     *         in: formData
+     *         required: true
+     *         type: string
+     *     responses:
+     *       204:
+     *         description: Success
+     *       400:
+     *         description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters
+     *       401:
+     *         description: Unauthorized
+     */
+    updateConfig(body: any): Promise<void>;
     /**
      * @swagger
      *
@@ -81,12 +157,10 @@ export declare class APIController implements IAPIController {
      *         name: tenant
      *         type: string
      *         description: Tenant
-     *         example: boxyhq.com
      *       - in: query
      *         name: product
      *         type: string
      *         description: Product
-     *         example: demo
      *       - in: query
      *         name: clientID
      *         type: string
@@ -96,11 +170,35 @@ export declare class APIController implements IAPIController {
      *         description: Success
      *         schema:
      *           type: object
-     *           properties:
-     *             provider:
-     *               type: string
      *           example:
-     *             type: accounts.google.com
+     *             {
+     *               "config": {
+     *                 "idpMetadata": {
+     *                   "sso": {
+     *                     "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
+     *                     "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
+     *                   },
+     *                   "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
+     *                   "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
+     *                   "loginType": "idp",
+     *                   "provider": "okta.com"
+     *                 },
+     *                 "defaultRedirectUrl": "https://hoppscotch.io/",
+     *                 "redirectUrl": ["https://hoppscotch.io/"],
+     *                 "tenant": "hoppscotch.io",
+     *                 "product": "API Engine",
+     *                 "name": "Hoppscotch-SP",
+     *                 "description": "SP for hoppscotch.io",
+     *                 "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
+     *                 "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
+     *                 "certs": {
+     *                   "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
+     *                   "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
+     *                 }
+     *               }
+     *             }
+     *       '400':
+     *         description: Please provide `clientID` or `tenant` and `product`.
      *       '401':
      *         description: Unauthorized
      */
@@ -108,7 +206,7 @@ export declare class APIController implements IAPIController {
         clientID: string;
         tenant: string;
         product: string;
-    }): Promise<Partial<OAuth>>;
+    }): Promise<any>;
     /**
      * @swagger
      * /api/v1/saml/config:
@@ -134,15 +232,15 @@ export declare class APIController implements IAPIController {
      *         in: formData
      *         type: string
      *         description: Tenant
-     *         example: boxyhq.com
      *       - name: product
      *         in: formData
      *         type: string
      *         description: Product
-     *         example: demo
      *     responses:
      *       '200':
      *         description: Success
+     *       '400':
+     *         description: clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`.'
      *       '401':
      *         description: Unauthorized
      */

package/dist/controller/api.js

@@ -27,6 +27,17 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __rest = (this && this.__rest) || function (s, e) {
+    var t = {};
+    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+        t[p] = s[p];
+    if (s != null && typeof Object.getOwnPropertySymbols === "function")
+        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+                t[p[i]] = s[p[i]];
+        }
+    return t;
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -44,7 +55,7 @@ class APIController {
         this.configStore = configStore;
     }
     _validateIdPConfig(body) {
-        const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product } = body;
+        const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, description } = body;
         if (!rawMetadata && !encodedRawMetadata) {
             throw new error_1.JacksonError('Please provide rawMetadata or encodedRawMetadata', 400);
         }
@@ -60,6 +71,9 @@ class APIController {
         if (!product) {
             throw new error_1.JacksonError('Please provide product', 400);
         }
+        if (description && description.length > 100) {
+            throw new error_1.JacksonError('Description should not exceed 100 characters', 400);
+        }
     }
     /**
      * @swagger
@@ -74,35 +88,42 @@ class APIController {
      *     consumes:
      *       - application/x-www-form-urlencoded
      *     parameters:
+     *       - name: name
+     *         description: Name/identifier for the config
+     *         type: string
+     *         in: formData
+     *       - name: description
+     *         description: A short description for the config not more than 100 characters
+     *         type: string
+     *         in: formData
      *       - name: encodedRawMetadata
      *         description: Base64 encoding of the XML metadata
      *         in: formData
-     *         required: true
+     *         type: string
+     *       - name: rawMetadata
+     *         description: Raw XML metadata
+     *         in: formData
      *         type: string
      *       - name: defaultRedirectUrl
      *         description: The redirect URL to use in the IdP login flow
      *         in: formData
      *         required: true
      *         type: string
-     *         example: http://localhost:3000/login/saml
      *       - name: redirectUrl
      *         description: JSON encoded array containing a list of allowed redirect URLs
      *         in: formData
      *         required: true
      *         type: string
-     *         example: '["http://localhost:3000/*"]'
      *       - name: tenant
      *         description: Tenant
      *         in: formData
      *         required: true
      *         type: string
-     *         example: boxyhq.com
      *       - name: product
      *         description: Product
      *         in: formData
      *         required: true
      *         type: string
-     *         example: demo
      *     responses:
      *       200:
      *         description: Success
@@ -119,12 +140,14 @@ class APIController {
      *             client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
      *             client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
      *             type: accounts.google.com
+     *       400:
+     *         description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
      *       401:
      *         description: Unauthorized
      */
     config(body) {
         return __awaiter(this, void 0, void 0, function* () {
-            const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product } = body;
+            const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, name, description, } = body;
             metrics.increment('createConfig');
             this._validateIdPConfig(body);
             let metaData = rawMetadata;
@@ -157,6 +180,8 @@ class APIController {
                 redirectUrl: JSON.parse(redirectUrl),
                 tenant,
                 product,
+                name,
+                description,
                 clientID,
                 clientSecret,
                 certs,
@@ -176,6 +201,123 @@ class APIController {
             };
         });
     }
+    /**
+     * @swagger
+     *
+     * /api/v1/saml/config:
+     *   patch:
+     *     summary: Update SAML configuration
+     *     operationId: update-saml-config
+     *     tags: [SAML Config]
+     *     consumes:
+     *       - application/json
+     *       - application/x-www-form-urlencoded
+     *     parameters:
+     *       - name: clientID
+     *         description: Client ID for the config
+     *         type: string
+     *         in: formData
+     *         required: true
+     *       - name: clientSecret
+     *         description: Client Secret for the config
+     *         type: string
+     *         in: formData
+     *         required: true
+     *       - name: name
+     *         description: Name/identifier for the config
+     *         type: string
+     *         in: formData
+     *       - name: description
+     *         description: A short description for the config not more than 100 characters
+     *         type: string
+     *         in: formData
+     *       - name: encodedRawMetadata
+     *         description: Base64 encoding of the XML metadata
+     *         in: formData
+     *         type: string
+     *       - name: rawMetadata
+     *         description: Raw XML metadata
+     *         in: formData
+     *         type: string
+     *       - name: defaultRedirectUrl
+     *         description: The redirect URL to use in the IdP login flow
+     *         in: formData
+     *         required: true
+     *         type: string
+     *       - name: redirectUrl
+     *         description: JSON encoded array containing a list of allowed redirect URLs
+     *         in: formData
+     *         required: true
+     *         type: string
+     *       - name: tenant
+     *         description: Tenant
+     *         in: formData
+     *         required: true
+     *         type: string
+     *       - name: product
+     *         description: Product
+     *         in: formData
+     *         required: true
+     *         type: string
+     *     responses:
+     *       204:
+     *         description: Success
+     *       400:
+     *         description: Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters
+     *       401:
+     *         description: Unauthorized
+     */
+    updateConfig(body) {
+        var _a;
+        return __awaiter(this, void 0, void 0, function* () {
+            const { encodedRawMetadata, // could be empty
+            rawMetadata, // could be empty
+            defaultRedirectUrl, redirectUrl, name, description } = body, clientInfo = __rest(body, ["encodedRawMetadata", "rawMetadata", "defaultRedirectUrl", "redirectUrl", "name", "description"]);
+            if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
+                throw new error_1.JacksonError('Please provide clientID', 400);
+            }
+            if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
+                throw new error_1.JacksonError('Please provide clientSecret', 400);
+            }
+            if (description && description.length > 100) {
+                throw new error_1.JacksonError('Description should not exceed 100 characters', 400);
+            }
+            const _currentConfig = (_a = (yield this.getConfig(clientInfo))) === null || _a === void 0 ? void 0 : _a.config;
+            if (_currentConfig.clientSecret !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
+                throw new error_1.JacksonError('clientSecret mismatch', 400);
+            }
+            let metaData = rawMetadata;
+            if (encodedRawMetadata) {
+                metaData = Buffer.from(encodedRawMetadata, 'base64').toString();
+            }
+            let newMetadata;
+            if (metaData) {
+                newMetadata = yield saml_1.default.parseMetadataAsync(metaData);
+                // extract provider
+                let providerName = extractHostName(newMetadata.entityID);
+                if (!providerName) {
+                    providerName = extractHostName(newMetadata.sso.redirectUrl || newMetadata.sso.postUrl);
+                }
+                newMetadata.provider = providerName ? providerName : 'Unknown';
+            }
+            if (newMetadata) {
+                // check if clientID matches with new metadata payload
+                const clientID = dbutils.keyDigest(dbutils.keyFromParts(clientInfo.tenant, clientInfo.product, newMetadata.entityID));
+                if (clientID !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
+                    throw new error_1.JacksonError('Tenant/Product config mismatch with IdP metadata', 400);
+                }
+            }
+            yield this.configStore.put(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID, Object.assign(Object.assign({}, _currentConfig), { name: name ? name : _currentConfig.name, description: description ? description : _currentConfig.description, idpMetadata: newMetadata ? newMetadata : _currentConfig.idpMetadata, defaultRedirectUrl: defaultRedirectUrl ? defaultRedirectUrl : _currentConfig.defaultRedirectUrl, redirectUrl: redirectUrl ? JSON.parse(redirectUrl) : _currentConfig.redirectUrl }), {
+                // secondary index on entityID
+                name: utils_1.IndexNames.EntityID,
+                value: _currentConfig.idpMetadata.entityID,
+            }, {
+                // secondary index on tenant + product
+                name: utils_1.IndexNames.TenantProduct,
+                value: dbutils.keyFromParts(_currentConfig.tenant, _currentConfig.product),
+            });
+        });
+    }
     /**
      * @swagger
      *
@@ -190,12 +332,10 @@ class APIController {
      *         name: tenant
      *         type: string
      *         description: Tenant
-     *         example: boxyhq.com
      *       - in: query
      *         name: product
      *         type: string
      *         description: Product
-     *         example: demo
      *       - in: query
      *         name: clientID
      *         type: string
@@ -205,11 +345,35 @@ class APIController {
      *         description: Success
      *         schema:
      *           type: object
-     *           properties:
-     *             provider:
-     *               type: string
      *           example:
-     *             type: accounts.google.com
+     *             {
+     *               "config": {
+     *                 "idpMetadata": {
+     *                   "sso": {
+     *                     "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
+     *                     "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
+     *                   },
+     *                   "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
+     *                   "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
+     *                   "loginType": "idp",
+     *                   "provider": "okta.com"
+     *                 },
+     *                 "defaultRedirectUrl": "https://hoppscotch.io/",
+     *                 "redirectUrl": ["https://hoppscotch.io/"],
+     *                 "tenant": "hoppscotch.io",
+     *                 "product": "API Engine",
+     *                 "name": "Hoppscotch-SP",
+     *                 "description": "SP for hoppscotch.io",
+     *                 "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
+     *                 "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
+     *                 "certs": {
+     *                   "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
+     *                   "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
+     *                 }
+     *               }
+     *             }
+     *       '400':
+     *         description: Please provide `clientID` or `tenant` and `product`.
      *       '401':
      *         description: Unauthorized
      */
@@ -219,7 +383,7 @@ class APIController {
             metrics.increment('getConfig');
             if (clientID) {
                 const samlConfig = yield this.configStore.get(clientID);
-                return samlConfig ? { provider: samlConfig.idpMetadata.provider } : {};
+                return samlConfig ? { config: samlConfig } : {};
             }
             if (tenant && product) {
                 const samlConfigs = yield this.configStore.getByIndex({
@@ -229,7 +393,7 @@ class APIController {
                 if (!samlConfigs || !samlConfigs.length) {
                     return {};
                 }
-                return { provider: samlConfigs[0].idpMetadata.provider };
+                return { config: samlConfigs[0] };
             }
             throw new error_1.JacksonError('Please provide `clientID` or `tenant` and `product`.', 400);
         });
@@ -259,15 +423,15 @@ class APIController {
      *         in: formData
      *         type: string
      *         description: Tenant
-     *         example: boxyhq.com
      *       - name: product
      *         in: formData
      *         type: string
      *         description: Product
-     *         example: demo
      *     responses:
      *       '200':
      *         description: Success
+     *       '400':
+     *         description: clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`.'
      *       '401':
      *         description: Unauthorized
      */
@@ -284,7 +448,7 @@ class APIController {
                     yield this.configStore.delete(clientID);
                 }
                 else {
-                    throw new error_1.JacksonError('clientSecret mismatch.', 400);
+                    throw new error_1.JacksonError('clientSecret mismatch', 400);
                 }
                 return;
             }

package/dist/db/db.d.ts

@@ -4,6 +4,7 @@ declare class DB implements DatabaseDriver {
     private encryptionKey;
     constructor(db: DatabaseDriver, encryptionKey: EncryptionKey);
     get(namespace: string, key: string): Promise<unknown>;
+    getAll(namespace: any): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<unknown[]>;
     put(namespace: string, key: string, val: unknown, ttl?: number, ...indexes: Index[]): Promise<unknown>;
     delete(namespace: string, key: string): Promise<unknown>;

package/dist/db/db.js

@@ -57,6 +57,15 @@ class DB {
             return decrypt(res, this.encryptionKey);
         });
     }
+    getAll(namespace) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = (yield this.db.getAll(namespace));
+            const encryptionKey = this.encryptionKey;
+            return res.map((r) => {
+                return decrypt(r, encryptionKey);
+            });
+        });
+    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const res = yield this.db.getByIndex(namespace, idx);

package/dist/db/mem.d.ts

@@ -10,6 +10,7 @@ declare class Mem implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Mem>;
     get(namespace: string, key: string): Promise<any>;
+    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<any>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/mem.js

@@ -66,6 +66,21 @@ class Mem {
             return null;
         });
     }
+    getAll(namespace) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const returnValue = [];
+            if (namespace) {
+                for (const key in this.store) {
+                    if (key.startsWith(namespace)) {
+                        returnValue.push(this.store[key]);
+                    }
+                }
+            }
+            if (returnValue)
+                return returnValue;
+            return [];
+        });
+    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const dbKeys = yield this.indexes[dbutils.keyForIndex(namespace, idx)];
@@ -80,6 +95,10 @@ class Mem {
         return __awaiter(this, void 0, void 0, function* () {
             const k = dbutils.key(namespace, key);
             this.store[k] = val;
+            if (!Date.parse(this.store['createdAt']))
+                this.store['createdAt'] = new Date().toISOString();
+            this.store['modifiedAt'] = new Date().toISOString();
+            // console.log(this.store)
             if (ttl) {
                 this.ttlStore[k] = {
                     namespace,

package/dist/db/mongo.d.ts

@@ -7,6 +7,7 @@ declare class Mongo implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Mongo>;
     get(namespace: string, key: string): Promise<any>;
+    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/mongo.js

@@ -36,8 +36,16 @@ class Mongo {
     }
     init() {
         return __awaiter(this, void 0, void 0, function* () {
-            this.client = new mongodb_1.MongoClient(this.options.url);
-            yield this.client.connect();
+            try {
+                if (!this.options.url) {
+                    throw Error('Please specify a db url');
+                }
+                this.client = new mongodb_1.MongoClient(this.options.url);
+                yield this.client.connect();
+            }
+            catch (err) {
+                console.error(`error connecting to ${this.options.type} db: ${err}`);
+            }
             this.db = this.client.db();
             this.collection = this.db.collection('jacksonStore');
             yield this.collection.createIndex({ indexes: 1 });
@@ -56,6 +64,15 @@ class Mongo {
             return null;
         });
     }
+    getAll(namespace) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const _namespaceMatch = new RegExp(`^${namespace}:.*`);
+            const docs = yield this.collection.find({ _id: _namespaceMatch }).toArray();
+            if (docs)
+                return docs.map(({ value }) => value);
+            return [];
+        });
+    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const docs = yield this.collection
@@ -86,8 +103,12 @@ class Mongo {
                 }
                 doc.indexes.push(idxKey);
             }
+            doc.modifiedAt = new Date().toISOString();
             yield this.collection.updateOne({ _id: dbutils.key(namespace, key) }, {
                 $set: doc,
+                $setOnInsert: {
+                    createdAt: new Date().toISOString(),
+                },
             }, { upsert: true });
         });
     }

package/dist/db/redis.d.ts

@@ -5,6 +5,7 @@ declare class Redis implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Redis>;
     get(namespace: string, key: string): Promise<any>;
+    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/redis.js

@@ -57,6 +57,26 @@ class Redis {
             return null;
         });
     }
+    getAll(namespace) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const keys = yield this.client.sendCommand(['keys', namespace + ':*']);
+            const returnValue = [];
+            for (let i = 0; i < keys.length; i++) {
+                try {
+                    if (this.client.get(keys[i])) {
+                        const value = yield this.client.get(keys[i]);
+                        returnValue.push(JSON.parse(value));
+                    }
+                }
+                catch (error) {
+                    console.error(error);
+                }
+            }
+            if (returnValue)
+                return returnValue;
+            return [];
+        });
+    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const dbKeys = yield this.client.sMembers(dbutils.keyForIndex(namespace, idx));

package/dist/db/sql/entity/JacksonStore.d.ts

@@ -3,4 +3,6 @@ export declare class JacksonStore {
     value: string;
     iv?: string;
     tag?: string;
+    createdAt?: Date;
+    modifiedAt?: string;
 }

package/dist/db/sql/entity/JacksonStore.js

@@ -36,6 +36,19 @@ __decorate([
         nullable: true,
     })
 ], JacksonStore.prototype, "tag", void 0);
+__decorate([
+    (0, typeorm_1.Column)({
+        type: 'timestamp',
+        default: () => 'CURRENT_TIMESTAMP',
+        nullable: false,
+    })
+], JacksonStore.prototype, "createdAt", void 0);
+__decorate([
+    (0, typeorm_1.Column)({
+        type: 'timestamp',
+        nullable: true,
+    })
+], JacksonStore.prototype, "modifiedAt", void 0);
 JacksonStore = __decorate([
     (0, typeorm_1.Entity)()
 ], JacksonStore);

package/dist/db/sql/sql.d.ts

@@ -10,6 +10,7 @@ declare class Sql implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Sql>;
     get(namespace: string, key: string): Promise<any>;
+    getAll(namespace: string): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/sql/sql.js

@@ -95,7 +95,7 @@ class Sql {
     }
     get(namespace, key) {
         return __awaiter(this, void 0, void 0, function* () {
-            let res = yield this.storeRepository.findOne({
+            const res = yield this.storeRepository.findOne({
                 key: dbutils.key(namespace, key),
             });
             if (res && res.value) {
@@ -108,6 +108,22 @@ class Sql {
             return null;
         });
     }
+    getAll(namespace) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield this.storeRepository.find({
+                where: { key: (0, typeorm_1.Like)(`%${namespace}%`) },
+                select: ['value', 'iv', 'tag'],
+                order: {
+                    ['createdAt']: 'DESC',
+                    // ['createdAt']: 'ASC',
+                },
+            });
+            const returnValue = JSON.parse(JSON.stringify(response));
+            if (returnValue)
+                return returnValue;
+            return [];
+        });
+    }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
             const res = yield this.indexRepository.find({
@@ -135,6 +151,7 @@ class Sql {
                 store.value = val.value;
                 store.iv = val.iv;
                 store.tag = val.tag;
+                store.modifiedAt = new Date().toISOString();
                 yield transactionalEntityManager.save(store);
                 if (ttl) {
                     const ttlRec = new JacksonTTL_1.JacksonTTL();

package/dist/db/store.js

@@ -40,6 +40,11 @@ class Store {
             return yield this.db.get(this.namespace, dbutils.keyDigest(key));
         });
     }
+    getAll() {
+        return __awaiter(this, void 0, void 0, function* () {
+            return yield this.db.getAll(this.namespace);
+        });
+    }
     getByIndex(idx) {
         return __awaiter(this, void 0, void 0, function* () {
             idx.value = dbutils.keyDigest(idx.value);

package/dist/index.d.ts

@@ -1,9 +1,11 @@
 import { APIController } from './controller/api';
 import { OAuthController } from './controller/oauth';
+import { AdminController } from './controller/admin';
 import { JacksonOption } from './typings';
 export declare const controllers: (opts: JacksonOption) => Promise<{
     apiController: APIController;
     oauthController: OAuthController;
+    adminController: AdminController;
 }>;
 export default controllers;
 export * from './typings';

package/dist/index.js

@@ -25,6 +25,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.controllers = void 0;
 const api_1 = require("./controller/api");
 const oauth_1 = require("./controller/oauth");
+const admin_1 = require("./controller/admin");
 const db_1 = __importDefault(require("./db/db"));
 const read_config_1 = __importDefault(require("./read-config"));
 const defaultOpts = (opts) => {
@@ -55,6 +56,7 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
     const codeStore = db.store('oauth:code', opts.db.ttl);
     const tokenStore = db.store('oauth:token', opts.db.ttl);
     const apiController = new api_1.APIController({ configStore });
+    const adminController = new admin_1.AdminController({ configStore });
     const oauthController = new oauth_1.OAuthController({
         configStore,
         sessionStore,
@@ -75,6 +77,7 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
     return {
         apiController,
         oauthController,
+        adminController,
     };
 });
 exports.controllers = controllers;

package/dist/saml/saml.js

@@ -55,17 +55,7 @@ function PubKeyInfo(pubKey) {
     this.getKeyInfo = function (_key, prefix) {
         prefix = prefix || '';
         prefix = prefix ? prefix + ':' : prefix;
-        return ('<' +
-            prefix +
-            'X509Data><' +
-            prefix +
-            'X509Certificate>' +
-            this.pubKey +
-            '</' +
-            prefix +
-            'X509Certificate></' +
-            prefix +
-            'X509Data>');
+        return `<${prefix}X509Data><${prefix}X509Certificate>${this.pubKey}</${prefix}X509Certificate</${prefix}X509Data>`;
     };
 }
 const signRequest = (xml, signingKey, publicKey) => {

package/dist/typings.d.ts

@@ -3,6 +3,8 @@ export declare type IdPConfig = {
     redirectUrl: string;
     tenant: string;
     product: string;
+    name: string;
+    description: string;
     rawMetadata?: string;
     encodedRawMetadata?: string;
 };
@@ -13,11 +15,12 @@ export interface OAuth {
 }
 export interface IAPIController {
     config(body: IdPConfig): Promise<OAuth>;
+    updateConfig(body: any): Promise<void>;
     getConfig(body: {
         clientID?: string;
         tenant?: string;
         product?: string;
-    }): Promise<Partial<OAuth>>;
+    }): Promise<any>;
     deleteConfig(body: {
         clientID?: string;
         clientSecret?: string;
@@ -36,6 +39,9 @@ export interface IOAuthController {
     token(body: OAuthTokenReq): Promise<OAuthTokenRes>;
     userInfo(token: string): Promise<Profile>;
 }
+export interface IAdminController {
+    getAllConfig(): any;
+}
 export interface OAuthReqBody {
     response_type: 'code';
     client_id: string;
@@ -74,12 +80,14 @@ export interface Index {
     value: string;
 }
 export interface DatabaseDriver {
+    getAll(namespace: string): Promise<unknown[]>;
     get(namespace: string, key: string): Promise<any>;
     put(namespace: string, key: string, val: any, ttl: number, ...indexes: Index[]): Promise<any>;
     delete(namespace: string, key: string): Promise<any>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
 }
 export interface Storable {
+    getAll(): Promise<unknown[]>;
     get(key: string): Promise<any>;
     put(key: string, val: any, ...indexes: Index[]): Promise<any>;
     delete(key: string): Promise<any>;

package/migration/mariadb/1644332636666-createdAt.ts

@@ -0,0 +1,16 @@
+import {MigrationInterface, QueryRunner} from "typeorm";
+
+export class createdAt1644332636666 implements MigrationInterface {
+    name = 'createdAt1644332636666'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`createdAt\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP()`);
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`modifiedAt\` timestamp NULL`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`modifiedAt\``);
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`createdAt\``);
+    }
+
+}

package/migration/mysql/1644332641078-createdAt.ts

@@ -0,0 +1,16 @@
+import {MigrationInterface, QueryRunner} from "typeorm";
+
+export class createdAt1644332641078 implements MigrationInterface {
+    name = 'createdAt1644332641078'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`createdAt\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP`);
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` ADD \`modifiedAt\` timestamp NULL`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`modifiedAt\``);
+        await queryRunner.query(`ALTER TABLE \`jackson_store\` DROP COLUMN \`createdAt\``);
+    }
+
+}

package/migration/postgres/1644332647279-createdAt.ts

@@ -0,0 +1,16 @@
+import {MigrationInterface, QueryRunner} from "typeorm";
+
+export class createdAt1644332647279 implements MigrationInterface {
+    name = 'createdAt1644332647279'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "jackson_store" ADD "createdAt" TIMESTAMP NOT NULL DEFAULT now()`);
+        await queryRunner.query(`ALTER TABLE "jackson_store" ADD "modifiedAt" TIMESTAMP`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "jackson_store" DROP COLUMN "modifiedAt"`);
+        await queryRunner.query(`ALTER TABLE "jackson_store" DROP COLUMN "createdAt"`);
+    }
+
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@boxyhq/saml-jackson",
-  "version": "0.3.8",
-  "description": "SAML 2.0 service",
+  "version": "0.4.2",
+  "description": "SAML Jackson library",
   "keywords": [
     "SAML 2.0"
   ],
@@ -18,9 +18,9 @@
   ],
   "scripts": {
     "build": "tsc -p tsconfig.build.json",
-    "db:migration:generate:postgres": "ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n Initial",
-    "db:migration:generate:mysql": "cross-env DB_TYPE=mysql DB_URL=mysql://root:mysql@localhost:3307/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n Initial",
-    "db:migration:generate:mariadb": "cross-env DB_TYPE=mariadb DB_URL=mariadb://root@localhost:3306/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n Initial",
+    "db:migration:generate:postgres": "ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n createdAt",
+    "db:migration:generate:mysql": "cross-env DB_TYPE=mysql DB_URL=mysql://root:mysql@localhost:3307/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n createdAt",
+    "db:migration:generate:mariadb": "cross-env DB_TYPE=mariadb DB_URL=mariadb://root@localhost:3306/mysql ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:generate --config ormconfig.js  -n createdAt",
     "db:migration:run:postgres": "ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run",
     "db:migration:run:mysql": "cross-env DB_TYPE=mysql DB_URL=mysql://root:mysql@localhost:3307/mysql ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run",
     "db:migration:run:mariadb": "cross-env DB_TYPE=mariadb DB_URL=mariadb://root@localhost:3306/mysql ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run",