@boxyhq/saml-jackson 1.3.0 → 1.3.1
- package/dist/controller/api.d.ts +21 -9
- package/dist/controller/api.js +21 -6
- package/dist/controller/connection/oidc.d.ts +2 -11
- package/dist/controller/connection/saml.d.ts +2 -7
- package/dist/controller/connection/saml.js +9 -3
- package/dist/controller/oauth.js +14 -3
- package/dist/controller/oidc-discovery.js +2 -1
- package/dist/index.js +1 -4
- package/dist/typings.d.ts +55 -10
- package/package.json +10 -10
package/dist/controller/api.d.ts
CHANGED
@@ -1,8 +1,10 @@
|
|
1
|
-
import { GetConfigQuery, GetConnectionsQuery, DelConnectionsQuery, IConnectionAPIController, SAMLSSOConnectionWithEncodedMetadata, SAMLSSOConnectionWithRawMetadata, OIDCSSOConnection } from '../typings';
|
1
|
+
import { GetConfigQuery, GetConnectionsQuery, DelConnectionsQuery, IConnectionAPIController, SAMLSSOConnectionWithEncodedMetadata, SAMLSSOConnectionWithRawMetadata, OIDCSSOConnection, SAMLSSORecord, OIDCSSORecord } from '../typings';
|
2
2
|
export declare class ConnectionAPIController implements IConnectionAPIController {
|
3
3
|
private connectionStore;
|
4
|
-
|
4
|
+
private opts;
|
5
|
+
constructor({ connectionStore, opts }: {
|
5
6
|
connectionStore: any;
|
7
|
+
opts: any;
|
6
8
|
});
|
7
9
|
/**
|
8
10
|
* @swagger
|
@@ -126,6 +128,8 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
126
128
|
* $ref: '#/definitions/validationErrorsPost'
|
127
129
|
* 401:
|
128
130
|
* description: Unauthorized
|
131
|
+
* 500:
|
132
|
+
* description: Please set OpenID response handler path (oidcPath) on Jackson
|
129
133
|
* /api/v1/connections:
|
130
134
|
* post:
|
131
135
|
* summary: Create SSO connection
|
@@ -158,9 +162,9 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
158
162
|
* 401:
|
159
163
|
* description: Unauthorized
|
160
164
|
*/
|
161
|
-
createSAMLConnection(body: SAMLSSOConnectionWithEncodedMetadata | SAMLSSOConnectionWithRawMetadata): Promise<
|
162
|
-
config(...args: Parameters<ConnectionAPIController['createSAMLConnection']>): Promise<
|
163
|
-
createOIDCConnection(body: OIDCSSOConnection): Promise<
|
165
|
+
createSAMLConnection(body: SAMLSSOConnectionWithEncodedMetadata | SAMLSSOConnectionWithRawMetadata): Promise<SAMLSSORecord>;
|
166
|
+
config(...args: Parameters<ConnectionAPIController['createSAMLConnection']>): Promise<SAMLSSORecord>;
|
167
|
+
createOIDCConnection(body: OIDCSSOConnection): Promise<OIDCSSORecord>;
|
164
168
|
/**
|
165
169
|
* @swagger
|
166
170
|
* definitions:
|
@@ -292,12 +296,14 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
292
296
|
* $ref: '#/definitions/validationErrorsPatch'
|
293
297
|
* 401:
|
294
298
|
* description: Unauthorized
|
299
|
+
* 500:
|
300
|
+
* description: Please set OpenID response handler path (oidcPath) on Jackson
|
295
301
|
*/
|
296
302
|
updateSAMLConnection(body: (SAMLSSOConnectionWithEncodedMetadata | SAMLSSOConnectionWithRawMetadata) & {
|
297
303
|
clientID: string;
|
298
304
|
clientSecret: string;
|
299
305
|
}): Promise<void>;
|
300
|
-
updateConfig(...args: Parameters<ConnectionAPIController['updateSAMLConnection']>): Promise<
|
306
|
+
updateConfig(...args: Parameters<ConnectionAPIController['updateSAMLConnection']>): Promise<void>;
|
301
307
|
updateOIDCConnection(body: OIDCSSOConnection & {
|
302
308
|
clientID: string;
|
303
309
|
clientSecret: string;
|
@@ -320,6 +326,11 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
320
326
|
* name: clientID
|
321
327
|
* type: string
|
322
328
|
* description: Client ID
|
329
|
+
* strategyParamGet:
|
330
|
+
* in: query
|
331
|
+
* name: strategy
|
332
|
+
* type: string
|
333
|
+
* description: Strategy which can help to filter connections with tenant/product query
|
323
334
|
* definitions:
|
324
335
|
* Connection:
|
325
336
|
* type: object
|
@@ -375,6 +386,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
375
386
|
* - $ref: '#/parameters/tenantParamGet'
|
376
387
|
* - $ref: '#/parameters/productParamGet'
|
377
388
|
* - $ref: '#/parameters/clientIDParamGet'
|
389
|
+
* - $ref: '#/parameters/strategyParamGet'
|
378
390
|
* operationId: get-connections
|
379
391
|
* tags: [Connections]
|
380
392
|
* responses:
|
@@ -385,7 +397,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
385
397
|
* '401':
|
386
398
|
* $ref: '#/responses/401Get'
|
387
399
|
*/
|
388
|
-
getConnections(body: GetConnectionsQuery): Promise<Array<
|
400
|
+
getConnections(body: GetConnectionsQuery): Promise<Array<SAMLSSORecord | OIDCSSORecord>>;
|
389
401
|
/**
|
390
402
|
* @swagger
|
391
403
|
* /api/v1/saml/config:
|
@@ -433,7 +445,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
433
445
|
* '401':
|
434
446
|
* $ref: '#/responses/401Get'
|
435
447
|
*/
|
436
|
-
getConfig(body: GetConfigQuery): Promise<
|
448
|
+
getConfig(body: GetConfigQuery): Promise<SAMLSSORecord | Record<string, never>>;
|
437
449
|
/**
|
438
450
|
* @swagger
|
439
451
|
* parameters:
|
@@ -461,7 +473,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
|
|
461
473
|
* name: strategy
|
462
474
|
* in: formData
|
463
475
|
* type: string
|
464
|
-
* description: Strategy
|
476
|
+
* description: Strategy which can help to filter connections with tenant/product query
|
465
477
|
* /api/v1/connections:
|
466
478
|
* delete:
|
467
479
|
* parameters:
|
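Review bot: The constructor in the first hunk declares `connectionStore: any;` and `opts: any;`, so nothing checks that the object passed in carries `oidcPath`, which the new OIDC guards in api.js depend on. `JacksonOption` is already exported from `../typings`; typing the parameter in the source as `opts: JacksonOption` (or `Pick<JacksonOption, 'oidcPath'>`) would make a missing or misspelled option a compile-time error instead of a request-time failure. The class declaration continues outside this hunk.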
package/dist/controller/api.js
CHANGED
@@ -43,8 +43,9 @@ const utils_1 = require("./utils");
|
|
43
43
|
const oidc_1 = __importDefault(require("./connection/oidc"));
|
44
44
|
const saml_1 = __importDefault(require("./connection/saml"));
|
45
45
|
class ConnectionAPIController {
|
46
|
-
constructor({ connectionStore }) {
|
46
|
+
constructor({ connectionStore, opts }) {
|
47
47
|
this.connectionStore = connectionStore;
|
48
|
+
this.opts = opts;
|
48
49
|
}
|
49
50
|
/**
|
50
51
|
* @swagger
|
@@ -168,6 +169,8 @@ class ConnectionAPIController {
|
|
168
169
|
* $ref: '#/definitions/validationErrorsPost'
|
169
170
|
* 401:
|
170
171
|
* description: Unauthorized
|
172
|
+
* 500:
|
173
|
+
* description: Please set OpenID response handler path (oidcPath) on Jackson
|
171
174
|
* /api/v1/connections:
|
172
175
|
* post:
|
173
176
|
* summary: Create SSO connection
|
@@ -203,8 +206,7 @@ class ConnectionAPIController {
|
|
203
206
|
createSAMLConnection(body) {
|
204
207
|
return __awaiter(this, void 0, void 0, function* () {
|
205
208
|
metrics.increment('createConnection');
|
206
|
-
|
207
|
-
return record;
|
209
|
+
return yield saml_1.default.create(body, this.connectionStore);
|
208
210
|
});
|
209
211
|
}
|
210
212
|
// For backwards compatibility
|
@@ -216,8 +218,10 @@ class ConnectionAPIController {
|
|
216
218
|
createOIDCConnection(body) {
|
217
219
|
return __awaiter(this, void 0, void 0, function* () {
|
218
220
|
metrics.increment('createConnection');
|
219
|
-
|
220
|
-
|
221
|
+
if (!this.opts.oidcPath) {
|
222
|
+
throw new error_1.JacksonError('Please set OpenID response handler path (oidcPath) on Jackson', 500);
|
223
|
+
}
|
224
|
+
return yield oidc_1.default.create(body, this.connectionStore);
|
221
225
|
});
|
222
226
|
}
|
223
227
|
/**
|
@@ -351,6 +355,8 @@ class ConnectionAPIController {
|
|
351
355
|
* $ref: '#/definitions/validationErrorsPatch'
|
352
356
|
* 401:
|
353
357
|
* description: Unauthorized
|
358
|
+
* 500:
|
359
|
+
* description: Please set OpenID response handler path (oidcPath) on Jackson
|
354
360
|
*/
|
355
361
|
updateSAMLConnection(body) {
|
356
362
|
return __awaiter(this, void 0, void 0, function* () {
|
@@ -365,6 +371,9 @@ class ConnectionAPIController {
|
|
365
371
|
}
|
366
372
|
updateOIDCConnection(body) {
|
367
373
|
return __awaiter(this, void 0, void 0, function* () {
|
374
|
+
if (!this.opts.oidcPath) {
|
375
|
+
throw new error_1.JacksonError('Please set OpenID response handler path (oidcPath) on Jackson', 500);
|
376
|
+
}
|
368
377
|
yield oidc_1.default.update(body, this.connectionStore, this.getConnections.bind(this));
|
369
378
|
});
|
370
379
|
}
|
@@ -386,6 +395,11 @@ class ConnectionAPIController {
|
|
386
395
|
* name: clientID
|
387
396
|
* type: string
|
388
397
|
* description: Client ID
|
398
|
+
* strategyParamGet:
|
399
|
+
* in: query
|
400
|
+
* name: strategy
|
401
|
+
* type: string
|
402
|
+
* description: Strategy which can help to filter connections with tenant/product query
|
389
403
|
* definitions:
|
390
404
|
* Connection:
|
391
405
|
* type: object
|
@@ -441,6 +455,7 @@ class ConnectionAPIController {
|
|
441
455
|
* - $ref: '#/parameters/tenantParamGet'
|
442
456
|
* - $ref: '#/parameters/productParamGet'
|
443
457
|
* - $ref: '#/parameters/clientIDParamGet'
|
458
|
+
* - $ref: '#/parameters/strategyParamGet'
|
444
459
|
* operationId: get-connections
|
445
460
|
* tags: [Connections]
|
446
461
|
* responses:
|
@@ -594,7 +609,7 @@ class ConnectionAPIController {
|
|
594
609
|
* name: strategy
|
595
610
|
* in: formData
|
596
611
|
* type: string
|
597
|
-
* description: Strategy
|
612
|
+
* description: Strategy which can help to filter connections with tenant/product query
|
598
613
|
* /api/v1/connections:
|
599
614
|
* delete:
|
600
615
|
* parameters:
|
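Review bot: Both new guards read `this.opts.oidcPath` without checking that `opts` was supplied, so a caller that still constructs the controller with only `{ connectionStore }` gets a TypeError in createOIDCConnection and updateOIDCConnection rather than the intended JacksonError. Writing the guard as `if (!this.opts?.oidcPath)` in the source, or defaulting `this.opts = opts ?? {}` in the constructor, keeps the failure on the documented 500 path. In createOIDCConnection the guard also sits after `metrics.increment('createConnection')`, so requests rejected for missing configuration are still counted as creations; moving the guard above the metric call would avoid that. The rest of the class lies outside these hunks.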
@@ -1,15 +1,6 @@
|
|
1
|
-
import { IConnectionAPIController, OIDCSSOConnection, Storable } from '../../typings';
|
1
|
+
import { IConnectionAPIController, OIDCSSOConnection, OIDCSSORecord, Storable } from '../../typings';
|
2
2
|
declare const oidc: {
|
3
|
-
create: (body: OIDCSSOConnection, connectionStore: Storable) => Promise<
|
4
|
-
clientID: string;
|
5
|
-
clientSecret: string;
|
6
|
-
oidcProvider?: {
|
7
|
-
provider?: string | undefined;
|
8
|
-
discoveryUrl?: string | undefined;
|
9
|
-
clientId?: string | undefined;
|
10
|
-
clientSecret?: string | undefined;
|
11
|
-
} | undefined;
|
12
|
-
}>;
|
3
|
+
create: (body: OIDCSSOConnection, connectionStore: Storable) => Promise<OIDCSSORecord>;
|
13
4
|
update: (body: OIDCSSOConnection & {
|
14
5
|
clientID: string;
|
15
6
|
clientSecret: string;
|
@@ -1,11 +1,6 @@
|
|
1
|
-
import { IConnectionAPIController,
|
1
|
+
import { IConnectionAPIController, SAMLSSOConnectionWithEncodedMetadata, SAMLSSOConnectionWithRawMetadata, SAMLSSORecord, Storable } from '../../typings';
|
2
2
|
declare const saml: {
|
3
|
-
create: (body: SAMLSSOConnectionWithRawMetadata | SAMLSSOConnectionWithEncodedMetadata, connectionStore: Storable) => Promise<
|
4
|
-
clientID: string;
|
5
|
-
clientSecret: string;
|
6
|
-
idpMetadata?: Record<string, any> | undefined;
|
7
|
-
certs?: Record<"publicKey" | "privateKey", string> | undefined;
|
8
|
-
}>;
|
3
|
+
create: (body: SAMLSSOConnectionWithRawMetadata | SAMLSSOConnectionWithEncodedMetadata, connectionStore: Storable) => Promise<SAMLSSORecord>;
|
9
4
|
update: (body: (SAMLSSOConnectionWithRawMetadata | SAMLSSOConnectionWithEncodedMetadata) & {
|
10
5
|
clientID: string;
|
11
6
|
clientSecret: string;
|
@@ -75,17 +75,20 @@ const saml = {
|
|
75
75
|
if (encodedRawMetadata) {
|
76
76
|
metaData = Buffer.from(encodedRawMetadata, 'base64').toString();
|
77
77
|
}
|
78
|
-
const idpMetadata = yield saml20_1.default.parseMetadata(metaData, {});
|
78
|
+
const idpMetadata = (yield saml20_1.default.parseMetadata(metaData, {}));
|
79
|
+
if (!idpMetadata.entityID) {
|
80
|
+
throw new error_1.JacksonError("Couldn't parse EntityID from SAML metadata", 400);
|
81
|
+
}
|
79
82
|
// extract provider
|
80
83
|
let providerName = (0, utils_1.extractHostName)(idpMetadata.entityID);
|
81
84
|
if (!providerName) {
|
82
|
-
providerName = (0, utils_1.extractHostName)(idpMetadata.sso.redirectUrl || idpMetadata.sso.postUrl);
|
85
|
+
providerName = (0, utils_1.extractHostName)(idpMetadata.sso.redirectUrl || idpMetadata.sso.postUrl || '');
|
83
86
|
}
|
84
87
|
idpMetadata.provider = providerName ? providerName : 'Unknown';
|
85
88
|
record.clientID = dbutils.keyDigest(dbutils.keyFromParts(tenant, product, idpMetadata.entityID));
|
86
89
|
const certs = yield x509_1.default.generate();
|
87
90
|
if (!certs) {
|
88
|
-
throw new
|
91
|
+
throw new error_1.JacksonError('Error generating x509 certs');
|
89
92
|
}
|
90
93
|
record.idpMetadata = idpMetadata;
|
91
94
|
record.certs = certs;
|
@@ -139,6 +142,9 @@ const saml = {
|
|
139
142
|
let newMetadata;
|
140
143
|
if (metaData) {
|
141
144
|
newMetadata = yield saml20_1.default.parseMetadata(metaData, {});
|
145
|
+
if (!newMetadata.entityID) {
|
146
|
+
throw new error_1.JacksonError("Couldn't parse EntityID from SAML metadata", 400);
|
147
|
+
}
|
142
148
|
// extract provider
|
143
149
|
let providerName = (0, utils_1.extractHostName)(newMetadata.entityID);
|
144
150
|
if (!providerName) {
|
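Review bot: `throw new error_1.JacksonError('Error generating x509 certs')` in the create hunk is the only JacksonError on this page constructed without a status code; the others pass 400, 403, 500 or 501 explicitly. The constructor's default is not visible here, so passing `500` explicitly would ensure this server-side failure is not reported with whatever the fallback happens to be. The new `entityID` checks also assume parseMetadata resolved to an object; if it can resolve to null or undefined, `if (!idpMetadata?.entityID)` (and likewise for `newMetadata`) would turn that case into the same 400 rather than a TypeError. Both enclosing functions begin and end outside their hunks.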
package/dist/controller/oauth.js
CHANGED
@@ -139,6 +139,7 @@ class OAuthController {
|
|
139
139
|
return {};
|
140
140
|
}
|
141
141
|
authorize(body) {
|
142
|
+
var _a;
|
142
143
|
return __awaiter(this, void 0, void 0, function* () {
|
143
144
|
const { response_type = 'code', client_id, redirect_uri, state, scope, nonce, code_challenge, code_challenge_method = '', idp_hint, prompt, } = body;
|
144
145
|
const tenant = 'tenant' in body ? body.tenant : undefined;
|
@@ -251,7 +252,7 @@ class OAuthController {
|
|
251
252
|
throw new error_1.JacksonError('Redirect URL is not allowed.', 403);
|
252
253
|
}
|
253
254
|
if (requestedOIDCFlow &&
|
254
|
-
(!this.opts.openid.jwtSigningKeys || !(0, utils_1.isJWSKeyPairLoaded)(this.opts.openid.jwtSigningKeys))) {
|
255
|
+
(!((_a = this.opts.openid) === null || _a === void 0 ? void 0 : _a.jwtSigningKeys) || !(0, utils_1.isJWSKeyPairLoaded)(this.opts.openid.jwtSigningKeys))) {
|
255
256
|
return {
|
256
257
|
redirect_url: (0, utils_1.OAuthErrorResponse)({
|
257
258
|
error: 'server_error',
|
@@ -358,6 +359,16 @@ class OAuthController {
|
|
358
359
|
// OIDC Connection: Issuer discovery, openid-client init and extraction of authorization endpoint happens here
|
359
360
|
let oidcCodeVerifier;
|
360
361
|
if (connectionIsOIDC) {
|
362
|
+
if (!this.opts.oidcPath) {
|
363
|
+
return {
|
364
|
+
redirect_url: (0, utils_1.OAuthErrorResponse)({
|
365
|
+
error: 'server_error',
|
366
|
+
error_description: 'OpenID response handler path (oidcPath) is not set',
|
367
|
+
redirect_uri,
|
368
|
+
state,
|
369
|
+
}),
|
370
|
+
};
|
371
|
+
}
|
361
372
|
const { discoveryUrl, clientId, clientSecret } = connection.oidcProvider;
|
362
373
|
try {
|
363
374
|
const oidcIssuer = yield openid_client_1.Issuer.discover(discoveryUrl);
|
@@ -784,7 +795,7 @@ class OAuthController {
|
|
784
795
|
* expires_in: 300
|
785
796
|
*/
|
786
797
|
token(body) {
|
787
|
-
var _a, _b, _c, _d, _e;
|
798
|
+
var _a, _b, _c, _d, _e, _f;
|
788
799
|
return __awaiter(this, void 0, void 0, function* () {
|
789
800
|
const { code, grant_type = 'authorization_code', redirect_uri } = body;
|
790
801
|
const client_id = 'client_id' in body ? body.client_id : undefined;
|
@@ -851,7 +862,7 @@ class OAuthController {
|
|
851
862
|
const requestedOIDCFlow = !!((_d = codeVal.requested) === null || _d === void 0 ? void 0 : _d.oidc);
|
852
863
|
const requestHasNonce = !!((_e = codeVal.requested) === null || _e === void 0 ? void 0 : _e.nonce);
|
853
864
|
if (requestedOIDCFlow) {
|
854
|
-
const { jwtSigningKeys, jwsAlg } = this.opts.openid;
|
865
|
+
const { jwtSigningKeys, jwsAlg } = (_f = this.opts.openid) !== null && _f !== void 0 ? _f : {};
|
855
866
|
if (!jwtSigningKeys || !(0, utils_1.isJWSKeyPairLoaded)(jwtSigningKeys)) {
|
856
867
|
throw new error_1.JacksonError('JWT signing keys are not loaded', 500);
|
857
868
|
}
|
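Review bot: The new `oidcPath` guard in authorize places the internal option name in `error_description` ('OpenID response handler path (oidcPath) is not set'), and that string is passed to OAuthErrorResponse together with `redirect_uri`, so it presumably ends up in the redirect sent to the client. `error: 'server_error'` already gives the relying party what it needs; a generic text such as `error_description: 'OIDC is not configured on this server'`, with the specific cause logged server-side, would keep deployment details out of the response. The guard also runs only once an OIDC connection has been resolved, so the misconfiguration surfaces per request rather than at startup. authorize begins and ends outside this hunk.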
@@ -31,8 +31,9 @@ class OidcDiscoveryController {
|
|
31
31
|
};
|
32
32
|
}
|
33
33
|
jwks() {
|
34
|
+
var _a;
|
34
35
|
return __awaiter(this, void 0, void 0, function* () {
|
35
|
-
const { jwtSigningKeys, jwsAlg } = this.opts.openid;
|
36
|
+
const { jwtSigningKeys, jwsAlg } = (_a = this.opts.openid) !== null && _a !== void 0 ? _a : {};
|
36
37
|
if (!jwtSigningKeys || !(0, utils_1.isJWSKeyPairLoaded)(jwtSigningKeys)) {
|
37
38
|
throw new error_1.JacksonError('JWT signing keys are not loaded', 501);
|
38
39
|
}
|
package/dist/index.js
CHANGED
@@ -47,9 +47,6 @@ const defaultOpts = (opts) => {
|
|
47
47
|
throw new Error('samlPath is required');
|
48
48
|
}
|
49
49
|
newOpts.scimPath = newOpts.scimPath || '/api/scim/v2.0';
|
50
|
-
if (!newOpts.oidcPath) {
|
51
|
-
throw new Error('oidcPath is required');
|
52
|
-
}
|
53
50
|
newOpts.samlAudience = newOpts.samlAudience || 'https://saml.boxyhq.com';
|
54
51
|
// path to folder containing static IdP connections that will be preloaded. This is useful for self-hosted deployments that only have to support a single tenant (or small number of known tenants).
|
55
52
|
newOpts.preLoadedConnection = newOpts.preLoadedConnection || '';
|
@@ -70,7 +67,7 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
70
67
|
const codeStore = db.store('oauth:code', opts.db.ttl);
|
71
68
|
const tokenStore = db.store('oauth:token', opts.db.ttl);
|
72
69
|
const healthCheckStore = db.store('_health:check');
|
73
|
-
const connectionAPIController = new api_1.ConnectionAPIController({ connectionStore });
|
70
|
+
const connectionAPIController = new api_1.ConnectionAPIController({ connectionStore, opts });
|
74
71
|
const adminController = new admin_1.AdminController({ connectionStore });
|
75
72
|
const healthCheckController = new health_check_1.HealthCheckController({ healthCheckStore });
|
76
73
|
yield healthCheckController.init();
|
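Review bot: `new api_1.ConnectionAPIController({ connectionStore, opts })` hands the controller the entire options object, while the api.js hunks on this page only ever read `opts.oidcPath`. Per typings.d.ts the same object can carry `openid.jwtSigningKeys.private` and `clientSecretVerifier`, so passing `opts: { oidcPath: opts.oidcPath }` would keep signing material out of a component that does not need it. Separately, with the `oidcPath is required` check removed from defaultOpts, a deployment that intends to use OIDC learns about the missing path only when a request fails; a startup warning when `oidcPath` is unset would preserve that signal. Both functions continue outside their hunks.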
package/dist/typings.d.ts
CHANGED
@@ -23,6 +23,39 @@ export interface OIDCSSOConnection extends SSOConnection {
|
|
23
23
|
oidcClientId: string;
|
24
24
|
oidcClientSecret: string;
|
25
25
|
}
|
26
|
+
export interface SAMLSSORecord extends SAMLSSOConnection {
|
27
|
+
clientID: string;
|
28
|
+
clientSecret: string;
|
29
|
+
idpMetadata: {
|
30
|
+
entityID: string;
|
31
|
+
loginType?: string;
|
32
|
+
provider: string | 'Unknown';
|
33
|
+
slo: {
|
34
|
+
postUrl?: string;
|
35
|
+
redirectUrl?: string;
|
36
|
+
};
|
37
|
+
sso: {
|
38
|
+
postUrl?: string;
|
39
|
+
redirectUrl?: string;
|
40
|
+
};
|
41
|
+
thumbprint?: string;
|
42
|
+
validTo?: string;
|
43
|
+
};
|
44
|
+
certs: {
|
45
|
+
privateKey: string;
|
46
|
+
publicKey: string;
|
47
|
+
};
|
48
|
+
}
|
49
|
+
export interface OIDCSSORecord extends SSOConnection {
|
50
|
+
clientID: string;
|
51
|
+
clientSecret: string;
|
52
|
+
oidcProvider: {
|
53
|
+
provider?: string;
|
54
|
+
discoveryUrl?: string;
|
55
|
+
clientId?: string;
|
56
|
+
clientSecret?: string;
|
57
|
+
};
|
58
|
+
}
|
26
59
|
export declare type ConnectionType = 'saml' | 'oidc';
|
27
60
|
declare type ClientIDQuery = {
|
28
61
|
clientID: string;
|
@@ -41,24 +74,36 @@ export declare type DelConfigQuery = (ClientIDQuery & {
|
|
41
74
|
clientSecret: string;
|
42
75
|
}) | Omit<TenantQuery, 'strategy'>;
|
43
76
|
export interface IConnectionAPIController {
|
44
|
-
|
45
|
-
|
46
|
-
|
77
|
+
/**
|
78
|
+
* @deprecated Use `createSAMLConnection` instead.
|
79
|
+
*/
|
80
|
+
config(body: SAMLSSOConnection): Promise<SAMLSSORecord>;
|
81
|
+
createSAMLConnection(body: SAMLSSOConnectionWithRawMetadata | SAMLSSOConnectionWithEncodedMetadata): Promise<SAMLSSORecord>;
|
82
|
+
createOIDCConnection(body: OIDCSSOConnection): Promise<OIDCSSORecord>;
|
83
|
+
/**
|
84
|
+
* @deprecated Use `updateSAMLConnection` instead.
|
85
|
+
*/
|
47
86
|
updateConfig(body: SAMLSSOConnection & {
|
48
87
|
clientID: string;
|
49
88
|
clientSecret: string;
|
50
|
-
}): Promise<
|
89
|
+
}): Promise<void>;
|
51
90
|
updateSAMLConnection(body: (SAMLSSOConnectionWithRawMetadata | SAMLSSOConnectionWithEncodedMetadata) & {
|
52
91
|
clientID: string;
|
53
92
|
clientSecret: string;
|
54
|
-
}): Promise<
|
93
|
+
}): Promise<void>;
|
55
94
|
updateOIDCConnection(body: OIDCSSOConnection & {
|
56
95
|
clientID: string;
|
57
96
|
clientSecret: string;
|
58
|
-
}): Promise<
|
59
|
-
getConnections(body: GetConnectionsQuery): Promise<Array<
|
60
|
-
|
97
|
+
}): Promise<void>;
|
98
|
+
getConnections(body: GetConnectionsQuery): Promise<Array<SAMLSSORecord | OIDCSSORecord>>;
|
99
|
+
/**
|
100
|
+
* @deprecated Use `getConnections` instead.
|
101
|
+
*/
|
102
|
+
getConfig(body: GetConfigQuery): Promise<SAMLSSORecord | Record<string, never>>;
|
61
103
|
deleteConnections(body: DelConnectionsQuery): Promise<void>;
|
104
|
+
/**
|
105
|
+
* @deprecated Use `deleteConnections` instead.
|
106
|
+
*/
|
62
107
|
deleteConfig(body: DelConfigQuery): Promise<void>;
|
63
108
|
}
|
64
109
|
export interface IOAuthController {
|
@@ -227,7 +272,7 @@ export interface DatabaseOption {
|
|
227
272
|
export interface JacksonOption {
|
228
273
|
externalUrl: string;
|
229
274
|
samlPath: string;
|
230
|
-
oidcPath
|
275
|
+
oidcPath?: string;
|
231
276
|
samlAudience?: string;
|
232
277
|
preLoadedConfig?: string;
|
233
278
|
preLoadedConnection?: string;
|
@@ -236,7 +281,7 @@ export interface JacksonOption {
|
|
236
281
|
clientSecretVerifier?: string;
|
237
282
|
idpDiscoveryPath?: string;
|
238
283
|
scimPath?: string;
|
239
|
-
openid
|
284
|
+
openid?: {
|
240
285
|
jwsAlg?: string;
|
241
286
|
jwtSigningKeys?: {
|
242
287
|
private: string;
|
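Review bot: `SAMLSSORecord` declares `clientSecret` and `certs.privateKey` without any comment, and it is now the declared return type of `createSAMLConnection`, `getConnections` and `getConfig`, so the typings give integrators no hint that these results hold secret material. A TSDoc line on each field, for example `/** Secret: do not log or return to end users. */`, would make that explicit for anyone wiring these methods to an HTTP handler; `OIDCSSORecord.clientSecret` and `oidcProvider.clientSecret` deserve the same. As a style point, `provider: string | 'Unknown'` collapses to `string`, so a comment stating that `'Unknown'` is the fallback value would say more than the union does.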
package/package.json
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
{
|
2
2
|
"name": "@boxyhq/saml-jackson",
|
3
|
-
"version": "1.3.
|
3
|
+
"version": "1.3.1",
|
4
4
|
"description": "SAML Jackson library",
|
5
5
|
"keywords": [
|
6
6
|
"SAML 2.0"
|
@@ -41,12 +41,12 @@
|
|
41
41
|
"@boxyhq/saml20": "1.0.7",
|
42
42
|
"@opentelemetry/api": "1.0.4",
|
43
43
|
"@opentelemetry/api-metrics": "0.27.0",
|
44
|
-
"axios": "
|
45
|
-
"jose": "4.
|
46
|
-
"marked": "4.1.
|
44
|
+
"axios": "1.1.2",
|
45
|
+
"jose": "4.10.0",
|
46
|
+
"marked": "4.1.1",
|
47
47
|
"mongodb": "4.10.0",
|
48
48
|
"mysql2": "2.3.3",
|
49
|
-
"openid-client": "5.1.
|
49
|
+
"openid-client": "5.1.10",
|
50
50
|
"node-forge": "1.3.1",
|
51
51
|
"pg": "8.8.0",
|
52
52
|
"redis": "4.3.1",
|
@@ -58,20 +58,20 @@
|
|
58
58
|
},
|
59
59
|
"devDependencies": {
|
60
60
|
"@faker-js/faker": "7.5.0",
|
61
|
-
"@types/node": "18.
|
61
|
+
"@types/node": "18.8.3",
|
62
62
|
"@types/sinon": "10.0.13",
|
63
63
|
"@types/tap": "15.0.7",
|
64
|
-
"@typescript-eslint/eslint-plugin": "5.
|
64
|
+
"@typescript-eslint/eslint-plugin": "5.40.0",
|
65
65
|
"@typescript-eslint/parser": "5.38.1",
|
66
66
|
"cross-env": "7.0.3",
|
67
|
-
"eslint": "8.
|
67
|
+
"eslint": "8.25.0",
|
68
68
|
"eslint-config-prettier": "8.5.0",
|
69
69
|
"prettier": "2.7.1",
|
70
|
-
"sinon": "14.0.
|
70
|
+
"sinon": "14.0.1",
|
71
71
|
"tap": "16.3.0",
|
72
72
|
"ts-node": "10.9.1",
|
73
73
|
"tsconfig-paths": "4.1.0",
|
74
|
-
"typescript": "4.8.
|
74
|
+
"typescript": "4.8.4"
|
75
75
|
},
|
76
76
|
"engines": {
|
77
77
|
"node": ">=14.18.1 <=16.x"
|