@boxyhq/saml-jackson 0.4.2 → 0.5.1

package/dist/controller/admin.d.ts

@@ -1,8 +1,8 @@
-import { IAdminController, Storable, OAuth } from '../typings';
+import { IAdminController, Storable } from '../typings';
 export declare class AdminController implements IAdminController {
     configStore: Storable;
     constructor({ configStore }: {
         configStore: any;
     });
-    getAllConfig(): Promise<Partial<OAuth>[]>;
+    getAllConfig(pageOffset?: number, pageLimit?: number): Promise<Partial<any>[]>;
 }

package/dist/controller/admin.js

@@ -14,9 +14,9 @@ class AdminController {
     constructor({ configStore }) {
         this.configStore = configStore;
     }
-    getAllConfig() {
+    getAllConfig(pageOffset, pageLimit) {
         return __awaiter(this, void 0, void 0, function* () {
-            const configList = (yield this.configStore.getAll());
+            const configList = (yield this.configStore.getAll(pageOffset, pageLimit));
             if (!configList || !configList.length) {
                 return [];
             }

package/dist/controller/api.d.ts

@@ -1,4 +1,4 @@
-import { IAPIController, IdPConfig, OAuth } from '../typings';
+import { IAPIController, IdPConfig } from '../typings';
 export declare class APIController implements IAPIController {
     private configStore;
     constructor({ configStore }: {
@@ -59,23 +59,37 @@ export declare class APIController implements IAPIController {
      *         description: Success
      *         schema:
      *           type: object
-     *           properties:
-     *             client_id:
-     *               type: string
-     *             client_secret:
-     *               type: string
-     *             provider:
-     *               type: string
      *           example:
-     *             client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
-     *             client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
-     *             type: accounts.google.com
+     *             {
+     *               "idpMetadata": {
+     *                 "sso": {
+     *                   "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
+     *                   "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
+     *                 },
+     *                 "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
+     *                 "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
+     *                 "loginType": "idp",
+     *                 "provider": "okta.com"
+     *               },
+     *               "defaultRedirectUrl": "https://hoppscotch.io/",
+     *               "redirectUrl": ["https://hoppscotch.io/"],
+     *               "tenant": "hoppscotch.io",
+     *               "product": "API Engine",
+     *               "name": "Hoppscotch-SP",
+     *               "description": "SP for hoppscotch.io",
+     *               "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
+     *               "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
+     *               "certs": {
+     *                 "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
+     *                 "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
+     *               }
+     *           }
      *       400:
      *         description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
      *       401:
      *         description: Unauthorized
      */
-    config(body: IdPConfig): Promise<OAuth>;
+    config(body: IdPConfig): Promise<any>;
     /**
      * @swagger
      *
@@ -172,31 +186,29 @@ export declare class APIController implements IAPIController {
      *           type: object
      *           example:
      *             {
-     *               "config": {
-     *                 "idpMetadata": {
-     *                   "sso": {
-     *                     "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
-     *                     "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
-     *                   },
-     *                   "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
-     *                   "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
-     *                   "loginType": "idp",
-     *                   "provider": "okta.com"
+     *               "idpMetadata": {
+     *                 "sso": {
+     *                   "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
+     *                   "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
      *                 },
-     *                 "defaultRedirectUrl": "https://hoppscotch.io/",
-     *                 "redirectUrl": ["https://hoppscotch.io/"],
-     *                 "tenant": "hoppscotch.io",
-     *                 "product": "API Engine",
-     *                 "name": "Hoppscotch-SP",
-     *                 "description": "SP for hoppscotch.io",
-     *                 "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
-     *                 "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
-     *                 "certs": {
-     *                   "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
-     *                   "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
-     *                 }
+     *                 "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
+     *                 "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
+     *                 "loginType": "idp",
+     *                 "provider": "okta.com"
+     *               },
+     *               "defaultRedirectUrl": "https://hoppscotch.io/",
+     *               "redirectUrl": ["https://hoppscotch.io/"],
+     *               "tenant": "hoppscotch.io",
+     *               "product": "API Engine",
+     *               "name": "Hoppscotch-SP",
+     *               "description": "SP for hoppscotch.io",
+     *               "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
+     *               "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
+     *               "certs": {
+     *                 "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
+     *                 "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
      *               }
-     *             }
+     *           }
      *       '400':
      *         description: Please provide `clientID` or `tenant` and `product`.
      *       '401':

package/dist/controller/api.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -129,17 +133,31 @@ class APIController {
      *         description: Success
      *         schema:
      *           type: object
-     *           properties:
-     *             client_id:
-     *               type: string
-     *             client_secret:
-     *               type: string
-     *             provider:
-     *               type: string
      *           example:
-     *             client_id: 8958e13053832b5af58fdf2ee83f35f5d013dc74
-     *             client_secret: 13f01f4df5b01770c616e682d14d3ba23f20948cfa89b1d7
-     *             type: accounts.google.com
+     *             {
+     *               "idpMetadata": {
+     *                 "sso": {
+     *                   "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
+     *                   "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
+     *                 },
+     *                 "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
+     *                 "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
+     *                 "loginType": "idp",
+     *                 "provider": "okta.com"
+     *               },
+     *               "defaultRedirectUrl": "https://hoppscotch.io/",
+     *               "redirectUrl": ["https://hoppscotch.io/"],
+     *               "tenant": "hoppscotch.io",
+     *               "product": "API Engine",
+     *               "name": "Hoppscotch-SP",
+     *               "description": "SP for hoppscotch.io",
+     *               "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
+     *               "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
+     *               "certs": {
+     *                 "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
+     *                 "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
+     *               }
+     *           }
      *       400:
      *         description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters
      *       401:
@@ -174,7 +192,7 @@ class APIController {
             if (!certs) {
                 throw new Error('Error generating x59 certs');
             }
-            yield this.configStore.put(clientID, {
+            const record = {
                 idpMetadata,
                 defaultRedirectUrl,
                 redirectUrl: JSON.parse(redirectUrl),
@@ -185,7 +203,8 @@ class APIController {
                 clientID,
                 clientSecret,
                 certs,
-            }, {
+            };
+            yield this.configStore.put(clientID, record, {
                 // secondary index on entityID
                 name: utils_1.IndexNames.EntityID,
                 value: idpMetadata.entityID,
@@ -194,11 +213,7 @@ class APIController {
                 name: utils_1.IndexNames.TenantProduct,
                 value: dbutils.keyFromParts(tenant, product),
             });
-            return {
-                client_id: clientID,
-                client_secret: clientSecret,
-                provider: idpMetadata.provider,
-            };
+            return record;
         });
     }
     /**
@@ -268,7 +283,6 @@ class APIController {
      *         description: Unauthorized
      */
     updateConfig(body) {
-        var _a;
         return __awaiter(this, void 0, void 0, function* () {
             const { encodedRawMetadata, // could be empty
             rawMetadata, // could be empty
@@ -282,7 +296,7 @@ class APIController {
             if (description && description.length > 100) {
                 throw new error_1.JacksonError('Description should not exceed 100 characters', 400);
             }
-            const _currentConfig = (_a = (yield this.getConfig(clientInfo))) === null || _a === void 0 ? void 0 : _a.config;
+            const _currentConfig = yield this.getConfig(clientInfo);
             if (_currentConfig.clientSecret !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
                 throw new error_1.JacksonError('clientSecret mismatch', 400);
             }
@@ -307,7 +321,8 @@ class APIController {
                     throw new error_1.JacksonError('Tenant/Product config mismatch with IdP metadata', 400);
                 }
             }
-            yield this.configStore.put(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID, Object.assign(Object.assign({}, _currentConfig), { name: name ? name : _currentConfig.name, description: description ? description : _currentConfig.description, idpMetadata: newMetadata ? newMetadata : _currentConfig.idpMetadata, defaultRedirectUrl: defaultRedirectUrl ? defaultRedirectUrl : _currentConfig.defaultRedirectUrl, redirectUrl: redirectUrl ? JSON.parse(redirectUrl) : _currentConfig.redirectUrl }), {
+            const record = Object.assign(Object.assign({}, _currentConfig), { name: name ? name : _currentConfig.name, description: description ? description : _currentConfig.description, idpMetadata: newMetadata ? newMetadata : _currentConfig.idpMetadata, defaultRedirectUrl: defaultRedirectUrl ? defaultRedirectUrl : _currentConfig.defaultRedirectUrl, redirectUrl: redirectUrl ? JSON.parse(redirectUrl) : _currentConfig.redirectUrl });
+            yield this.configStore.put(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID, record, {
                 // secondary index on entityID
                 name: utils_1.IndexNames.EntityID,
                 value: _currentConfig.idpMetadata.entityID,
@@ -347,31 +362,29 @@ class APIController {
      *           type: object
      *           example:
      *             {
-     *               "config": {
-     *                 "idpMetadata": {
-     *                   "sso": {
-     *                     "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
-     *                     "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
-     *                   },
-     *                   "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
-     *                   "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
-     *                   "loginType": "idp",
-     *                   "provider": "okta.com"
+     *               "idpMetadata": {
+     *                 "sso": {
+     *                   "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml",
+     *                   "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxxx/sso/saml"
      *                 },
-     *                 "defaultRedirectUrl": "https://hoppscotch.io/",
-     *                 "redirectUrl": ["https://hoppscotch.io/"],
-     *                 "tenant": "hoppscotch.io",
-     *                 "product": "API Engine",
-     *                 "name": "Hoppscotch-SP",
-     *                 "description": "SP for hoppscotch.io",
-     *                 "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
-     *                 "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
-     *                 "certs": {
-     *                   "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
-     *                   "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
-     *                 }
+     *                 "entityID": "http://www.okta.com/xxxxxxxxxxxxx",
+     *                 "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad",
+     *                 "loginType": "idp",
+     *                 "provider": "okta.com"
+     *               },
+     *               "defaultRedirectUrl": "https://hoppscotch.io/",
+     *               "redirectUrl": ["https://hoppscotch.io/"],
+     *               "tenant": "hoppscotch.io",
+     *               "product": "API Engine",
+     *               "name": "Hoppscotch-SP",
+     *               "description": "SP for hoppscotch.io",
+     *               "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk",
+     *               "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943",
+     *               "certs": {
+     *                 "publicKey": "-----BEGIN CERTIFICATE-----.......-----END CERTIFICATE-----",
+     *                 "privateKey": "-----BEGIN PRIVATE KEY-----......-----END PRIVATE KEY-----"
      *               }
-     *             }
+     *           }
      *       '400':
      *         description: Please provide `clientID` or `tenant` and `product`.
      *       '401':
@@ -383,7 +396,7 @@ class APIController {
             metrics.increment('getConfig');
             if (clientID) {
                 const samlConfig = yield this.configStore.get(clientID);
-                return samlConfig ? { config: samlConfig } : {};
+                return samlConfig || {};
             }
             if (tenant && product) {
                 const samlConfigs = yield this.configStore.getByIndex({
@@ -393,7 +406,7 @@ class APIController {
                 if (!samlConfigs || !samlConfigs.length) {
                     return {};
                 }
-                return { config: samlConfigs[0] };
+                return Object.assign({}, samlConfigs[0]);
             }
             throw new error_1.JacksonError('Please provide `clientID` or `tenant` and `product`.', 400);
         });

package/dist/controller/oauth.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -141,6 +145,12 @@ class OAuthController {
                 publicKey: samlConfig.certs.publicKey,
             });
             const sessionId = crypto_1.default.randomBytes(16).toString('hex');
+            const requestedParams = {
+                tenant,
+                product,
+                client_id,
+                state,
+            };
             yield this.sessionStore.put(sessionId, {
                 id: samlReq.id,
                 redirect_uri,
@@ -148,6 +158,7 @@ class OAuthController {
                 state,
                 code_challenge,
                 code_challenge_method,
+                requested: requestedParams,
             });
             const relayState = relayStatePrefix + sessionId;
             let redirectUrl;
@@ -213,6 +224,7 @@ class OAuthController {
                 profile,
                 clientID: samlConfig.clientID,
                 clientSecret: samlConfig.clientSecret,
+                requested: session === null || session === void 0 ? void 0 : session.requested,
             };
             if (session) {
                 codeVal.session = session;
@@ -228,6 +240,13 @@ class OAuthController {
                 params.state = session.state;
             }
             const redirectUrl = redirect.success((session && session.redirect_uri) || samlConfig.defaultRedirectUrl, params);
+            // delete the session
+            try {
+                yield this.sessionStore.delete(RelayState);
+            }
+            catch (_err) {
+                // ignore error
+            }
             return { redirect_url: redirectUrl };
         });
     }
@@ -333,7 +352,15 @@ class OAuthController {
             }
             // store details against a token
             const token = crypto_1.default.randomBytes(20).toString('hex');
-            yield this.tokenStore.put(token, codeVal.profile);
+            const tokenVal = Object.assign(Object.assign({}, codeVal.profile), { requested: codeVal.requested });
+            yield this.tokenStore.put(token, tokenVal);
+            // delete the code
+            try {
+                yield this.codeStore.delete(code);
+            }
+            catch (_err) {
+                // ignore error
+            }
             return {
                 access_token: token,
                 token_type: 'bearer',
@@ -377,7 +404,7 @@ class OAuthController {
             if (!rsp || !rsp.claims) {
                 throw new error_1.JacksonError('Invalid token', 403);
             }
-            return rsp.claims;
+            return Object.assign(Object.assign({}, rsp.claims), { requested: rsp.requested });
         });
     }
 }

package/dist/db/db.d.ts

@@ -4,7 +4,7 @@ declare class DB implements DatabaseDriver {
     private encryptionKey;
     constructor(db: DatabaseDriver, encryptionKey: EncryptionKey);
     get(namespace: string, key: string): Promise<unknown>;
-    getAll(namespace: any): Promise<unknown[]>;
+    getAll(namespace: any, pageOffset: any, pageLimit: any): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<unknown[]>;
     put(namespace: string, key: string, val: unknown, ttl?: number, ...indexes: Index[]): Promise<unknown>;
     delete(namespace: string, key: string): Promise<unknown>;

package/dist/db/db.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -57,9 +61,9 @@ class DB {
             return decrypt(res, this.encryptionKey);
         });
     }
-    getAll(namespace) {
+    getAll(namespace, pageOffset, pageLimit) {
         return __awaiter(this, void 0, void 0, function* () {
-            const res = (yield this.db.getAll(namespace));
+            const res = (yield this.db.getAll(namespace, pageOffset, pageLimit));
             const encryptionKey = this.encryptionKey;
             return res.map((r) => {
                 return decrypt(r, encryptionKey);

package/dist/db/defaultDb.d.ts

@@ -0,0 +1,2 @@
+import { JacksonOption } from '../typings';
+export default function defaultDb(opts: JacksonOption): JacksonOption;

package/dist/db/defaultDb.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+function defaultDb(opts) {
+    opts.db = opts.db || {};
+    opts.db.engine = opts.db.engine || 'sql';
+    opts.db.url = opts.db.url || 'postgresql://postgres:postgres@localhost:5432/postgres';
+    opts.db.type = opts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql.
+    opts.db.ttl = (opts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
+    opts.db.cleanupLimit = (opts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
+    return opts;
+}
+exports.default = defaultDb;

package/dist/db/mem.d.ts

@@ -10,7 +10,7 @@ declare class Mem implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Mem>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
+    getAll(namespace: string, pageOffset: number, pageLimit: number): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<any>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/mem.js

@@ -2,7 +2,11 @@
 // This is an in-memory implementation to be used with testing and prototyping only
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -66,19 +70,28 @@ class Mem {
             return null;
         });
     }
-    getAll(namespace) {
+    getAll(namespace, pageOffset, pageLimit) {
         return __awaiter(this, void 0, void 0, function* () {
+            const offsetAndLimitValueCheck = !dbutils.isNumeric(pageOffset) && !dbutils.isNumeric(pageLimit);
+            let take = Number(offsetAndLimitValueCheck ? this.options.pageLimit : pageLimit);
+            const skip = Number(offsetAndLimitValueCheck ? 0 : pageOffset);
+            let count = 0;
+            take += skip;
             const returnValue = [];
             if (namespace) {
                 for (const key in this.store) {
                     if (key.startsWith(namespace)) {
-                        returnValue.push(this.store[key]);
+                        if (count >= take) {
+                            break;
+                        }
+                        if (count >= skip) {
+                            returnValue.push(this.store[key]);
+                        }
+                        count++;
                     }
                 }
             }
-            if (returnValue)
-                return returnValue;
-            return [];
+            return returnValue || [];
         });
     }
     getByIndex(namespace, idx) {

package/dist/db/mongo.d.ts

@@ -7,7 +7,7 @@ declare class Mongo implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Mongo>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
+    getAll(namespace: string, offset: number, limit: number): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/mongo.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -64,10 +68,12 @@ class Mongo {
             return null;
         });
     }
-    getAll(namespace) {
+    getAll(namespace, offset, limit) {
         return __awaiter(this, void 0, void 0, function* () {
             const _namespaceMatch = new RegExp(`^${namespace}:.*`);
-            const docs = yield this.collection.find({ _id: _namespaceMatch }).toArray();
+            const docs = yield this.collection
+                .find({ _id: _namespaceMatch }, { sort: { createdAt: -1 }, skip: offset, limit: limit })
+                .toArray();
             if (docs)
                 return docs.map(({ value }) => value);
             return [];

package/dist/db/redis.d.ts

@@ -5,7 +5,7 @@ declare class Redis implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Redis>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
+    getAll(namespace: string, pageOffset: number, pageLimit: number): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/redis.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -27,6 +31,13 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __asyncValues = (this && this.__asyncValues) || function (o) {
+    if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
+    var m = o[Symbol.asyncIterator], i;
+    return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
+    function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
+    function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 const redis = __importStar(require("redis"));
 const dbutils = __importStar(require("./utils"));
@@ -57,29 +68,54 @@ class Redis {
             return null;
         });
     }
-    getAll(namespace) {
+    getAll(namespace, pageOffset, pageLimit) {
+        var e_1, _a;
         return __awaiter(this, void 0, void 0, function* () {
-            const keys = yield this.client.sendCommand(['keys', namespace + ':*']);
+            const offsetAndLimitValueCheck = !dbutils.isNumeric(pageOffset) && !dbutils.isNumeric(pageLimit);
+            let take = Number(offsetAndLimitValueCheck ? this.options.pageLimit : pageLimit);
+            const skip = Number(offsetAndLimitValueCheck ? 0 : pageOffset);
             const returnValue = [];
-            for (let i = 0; i < keys.length; i++) {
-                try {
-                    if (this.client.get(keys[i])) {
-                        const value = yield this.client.get(keys[i]);
-                        returnValue.push(JSON.parse(value));
+            const keyArray = [];
+            let count = 0;
+            take += skip;
+            try {
+                for (var _b = __asyncValues(this.client.scanIterator({
+                    MATCH: dbutils.keyFromParts(namespace, '*'),
+                    COUNT: Math.min(take, 1000),
+                })), _c; _c = yield _b.next(), !_c.done;) {
+                    const key = _c.value;
+                    if (count >= take) {
+                        break;
                     }
+                    if (count >= skip) {
+                        keyArray.push(key);
+                    }
+                    count++;
                 }
-                catch (error) {
-                    console.error(error);
+            }
+            catch (e_1_1) { e_1 = { error: e_1_1 }; }
+            finally {
+                try {
+                    if (_c && !_c.done && (_a = _b.return)) yield _a.call(_b);
+                }
+                finally { if (e_1) throw e_1.error; }
+            }
+            if (keyArray.length > 0) {
+                const value = yield this.client.MGET(keyArray);
+                for (let i = 0; i < value.length; i++) {
+                    const valueObject = JSON.parse(value[i].toString());
+                    if (valueObject !== null && valueObject !== '') {
+                        returnValue.push(valueObject);
+                    }
                 }
             }
-            if (returnValue)
-                return returnValue;
-            return [];
+            return returnValue || [];
         });
     }
     getByIndex(namespace, idx) {
         return __awaiter(this, void 0, void 0, function* () {
-            const dbKeys = yield this.client.sMembers(dbutils.keyForIndex(namespace, idx));
+            const idxKey = dbutils.keyForIndex(namespace, idx);
+            const dbKeys = yield this.client.sMembers(dbutils.keyFromParts(dbutils.indexPrefix, idxKey));
             const ret = [];
             for (const dbKey of dbKeys || []) {
                 ret.push(yield this.get(namespace, dbKey));
@@ -98,7 +134,7 @@ class Redis {
             // no ttl support for secondary indexes
             for (const idx of indexes || []) {
                 const idxKey = dbutils.keyForIndex(namespace, idx);
-                tx = tx.sAdd(idxKey, key);
+                tx = tx.sAdd(dbutils.keyFromParts(dbutils.indexPrefix, idxKey), key);
                 tx = tx.sAdd(dbutils.keyFromParts(dbutils.indexPrefix, k), idxKey);
             }
             yield tx.exec();
@@ -113,7 +149,7 @@ class Redis {
             // delete secondary indexes and then the mapping of the seconary indexes
             const dbKeys = yield this.client.sMembers(idxKey);
             for (const dbKey of dbKeys || []) {
-                tx.sRem(dbKey, key);
+                tx.sRem(dbutils.keyFromParts(dbutils.indexPrefix, dbKey), key);
             }
             tx.del(idxKey);
             return yield tx.exec();

package/dist/db/sql/sql.d.ts

@@ -10,7 +10,7 @@ declare class Sql implements DatabaseDriver {
     constructor(options: DatabaseOption);
     init(): Promise<Sql>;
     get(namespace: string, key: string): Promise<any>;
-    getAll(namespace: string): Promise<unknown[]>;
+    getAll(namespace: string, pageOffset: number, pageLimit: number): Promise<unknown[]>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
     put(namespace: string, key: string, val: Encrypted, ttl?: number, ...indexes: any[]): Promise<void>;
     delete(namespace: string, key: string): Promise<any>;

package/dist/db/sql/sql.js

@@ -2,7 +2,11 @@
 /*eslint no-constant-condition: ["error", { "checkLoops": false }]*/
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -108,8 +112,9 @@ class Sql {
             return null;
         });
     }
-    getAll(namespace) {
+    getAll(namespace, pageOffset, pageLimit) {
         return __awaiter(this, void 0, void 0, function* () {
+            const offsetAndLimitValueCheck = !dbutils.isNumeric(pageOffset) && !dbutils.isNumeric(pageLimit);
             const response = yield this.storeRepository.find({
                 where: { key: (0, typeorm_1.Like)(`%${namespace}%`) },
                 select: ['value', 'iv', 'tag'],
@@ -117,6 +122,8 @@ class Sql {
                     ['createdAt']: 'DESC',
                     // ['createdAt']: 'ASC',
                 },
+                take: offsetAndLimitValueCheck ? this.options.pageLimit : pageLimit,
+                skip: offsetAndLimitValueCheck ? 0 : pageOffset,
             });
             const returnValue = JSON.parse(JSON.stringify(response));
             if (returnValue)
@@ -178,8 +185,10 @@ class Sql {
     }
     delete(namespace, key) {
         return __awaiter(this, void 0, void 0, function* () {
+            const dbKey = dbutils.key(namespace, key);
+            yield this.ttlRepository.remove({ key: dbKey });
             return yield this.storeRepository.remove({
-                key: dbutils.key(namespace, key),
+                key: dbKey,
             });
         });
     }

package/dist/db/store.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -40,9 +44,9 @@ class Store {
             return yield this.db.get(this.namespace, dbutils.keyDigest(key));
         });
     }
-    getAll() {
+    getAll(pageOffset, pageLimit) {
         return __awaiter(this, void 0, void 0, function* () {
-            return yield this.db.getAll(this.namespace);
+            return yield this.db.getAll(this.namespace, pageOffset, pageLimit);
         });
     }
     getByIndex(idx) {

package/dist/db/utils.d.ts

@@ -4,4 +4,5 @@ export declare const keyForIndex: (namespace: string, idx: Index) => string;
 export declare const keyDigest: (k: string) => string;
 export declare const keyFromParts: (...parts: string[]) => string;
 export declare const sleep: (ms: number) => Promise<void>;
+export declare function isNumeric(num: any): boolean;
 export declare const indexPrefix = "_index";

package/dist/db/utils.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.indexPrefix = exports.sleep = exports.keyFromParts = exports.keyDigest = exports.keyForIndex = exports.key = void 0;
+exports.indexPrefix = exports.isNumeric = exports.sleep = exports.keyFromParts = exports.keyDigest = exports.keyForIndex = exports.key = void 0;
 const ripemd160_1 = __importDefault(require("ripemd160"));
 const key = (namespace, k) => {
     return namespace + ':' + k;
@@ -26,4 +26,8 @@ const sleep = (ms) => {
     return new Promise((resolve) => setTimeout(resolve, ms));
 };
 exports.sleep = sleep;
+function isNumeric(num) {
+    return !isNaN(num);
+}
+exports.isNumeric = isNumeric;
 exports.indexPrefix = '_index';

package/dist/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -28,6 +32,7 @@ const oauth_1 = require("./controller/oauth");
 const admin_1 = require("./controller/admin");
 const db_1 = __importDefault(require("./db/db"));
 const read_config_1 = __importDefault(require("./read-config"));
+const defaultDb_1 = __importDefault(require("./db/defaultDb"));
 const defaultOpts = (opts) => {
     const newOpts = Object.assign({}, opts);
     if (!newOpts.externalUrl) {
@@ -39,13 +44,9 @@ const defaultOpts = (opts) => {
     newOpts.samlAudience = newOpts.samlAudience || 'https://saml.boxyhq.com';
     newOpts.preLoadedConfig = newOpts.preLoadedConfig || ''; // path to folder containing static SAML config that will be preloaded. This is useful for self-hosted deployments that only have to support a single tenant (or small number of known tenants).
     newOpts.idpEnabled = newOpts.idpEnabled === true;
-    newOpts.db = newOpts.db || {};
-    newOpts.db.engine = newOpts.db.engine || 'sql';
-    newOpts.db.url = newOpts.db.url || 'postgresql://postgres:postgres@localhost:5432/postgres';
-    newOpts.db.type = newOpts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql.
-    newOpts.db.ttl = (newOpts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
-    newOpts.db.cleanupLimit = (newOpts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
+    (0, defaultDb_1.default)(newOpts);
     newOpts.clientSecretVerifier = newOpts.clientSecretVerifier || 'dummy';
+    newOpts.db.pageLimit = newOpts.db.pageLimit || 50;
     return newOpts;
 };
 const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {

package/dist/read-config.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/saml/saml.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/saml/x509.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/typings.d.ts

@@ -8,14 +8,9 @@ export declare type IdPConfig = {
     rawMetadata?: string;
     encodedRawMetadata?: string;
 };
-export interface OAuth {
-    client_id: string;
-    client_secret: string;
-    provider: string;
-}
 export interface IAPIController {
-    config(body: IdPConfig): Promise<OAuth>;
-    updateConfig(body: any): Promise<void>;
+    config(body: IdPConfig): Promise<any>;
+    updateConfig(body: any): Promise<any>;
     getConfig(body: {
         clientID?: string;
         tenant?: string;
@@ -40,7 +35,7 @@ export interface IOAuthController {
     userInfo(token: string): Promise<Profile>;
 }
 export interface IAdminController {
-    getAllConfig(): any;
+    getAllConfig(pageOffset?: number, pageLimit?: number): any;
 }
 export interface OAuthReqBody {
     response_type: 'code';
@@ -80,14 +75,14 @@ export interface Index {
     value: string;
 }
 export interface DatabaseDriver {
-    getAll(namespace: string): Promise<unknown[]>;
+    getAll(namespace: string, pageOffset?: number, pageLimit?: number): Promise<unknown[]>;
     get(namespace: string, key: string): Promise<any>;
     put(namespace: string, key: string, val: any, ttl: number, ...indexes: Index[]): Promise<any>;
     delete(namespace: string, key: string): Promise<any>;
     getByIndex(namespace: string, idx: Index): Promise<any>;
 }
 export interface Storable {
-    getAll(): Promise<unknown[]>;
+    getAll(pageOffset?: number, pageLimit?: number): Promise<unknown[]>;
     get(key: string): Promise<any>;
     put(key: string, val: any, ...indexes: Index[]): Promise<any>;
     delete(key: string): Promise<any>;
@@ -108,6 +103,7 @@ export interface DatabaseOption {
     ttl?: number;
     cleanupLimit?: number;
     encryptionKey?: string;
+    pageLimit?: number;
 }
 export interface SAMLReq {
     ssoUrl?: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@boxyhq/saml-jackson",
-  "version": "0.4.2",
+  "version": "0.5.1",
   "description": "SAML Jackson library",
   "keywords": [
     "SAML 2.0"
@@ -38,38 +38,38 @@
   "dependencies": {
     "@boxyhq/saml20": "0.2.0",
     "@opentelemetry/api-metrics": "0.27.0",
-    "@peculiar/webcrypto": "1.2.3",
+    "@peculiar/webcrypto": "1.3.2",
     "@peculiar/x509": "1.6.1",
-    "mongodb": "4.3.1",
+    "mongodb": "4.4.1",
     "mysql2": "2.3.3",
     "pg": "8.7.3",
-    "rambda": "7.0.2",
-    "redis": "4.0.3",
+    "rambda": "7.0.3",
+    "redis": "4.0.4",
     "reflect-metadata": "0.1.13",
     "ripemd160": "2.0.2",
     "thumbprint": "0.0.1",
-    "typeorm": "0.2.41",
+    "typeorm": "0.2.45",
     "xml-crypto": "2.1.3",
     "xml2js": "0.4.23",
     "xmlbuilder": "15.1.1"
   },
   "devDependencies": {
-    "@types/node": "17.0.17",
+    "@types/node": "17.0.21",
     "@types/sinon": "10.0.11",
-    "@types/tap": "15.0.5",
-    "@typescript-eslint/eslint-plugin": "5.11.0",
-    "@typescript-eslint/parser": "5.11.0",
+    "@types/tap": "15.0.6",
+    "@typescript-eslint/eslint-plugin": "5.15.0",
+    "@typescript-eslint/parser": "5.15.0",
     "cross-env": "7.0.3",
-    "eslint": "8.9.0",
-    "eslint-config-prettier": "8.3.0",
-    "prettier": "2.5.1",
+    "eslint": "8.11.0",
+    "eslint-config-prettier": "8.5.0",
+    "prettier": "2.6.0",
     "sinon": "13.0.1",
-    "tap": "15.1.6",
-    "ts-node": "10.5.0",
-    "tsconfig-paths": "3.12.0",
-    "typescript": "4.5.5"
+    "tap": "16.0.0",
+    "ts-node": "10.7.0",
+    "tsconfig-paths": "3.14.0",
+    "typescript": "4.6.2"
   },
   "engines": {
-    "node": ">=14.x"
+    "node": ">=14.18.1 <=16.x"
   }
 }