@boxyhq/saml-jackson 1.33.0 → 1.33.1-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/controller/oauth/oidc-client.d.ts +3 -3
- package/dist/controller/oauth/oidc-client.js +2 -1
- package/dist/controller/oauth/oidc-client.js.map +1 -1
- package/dist/controller/oauth/oidc-issuer.d.ts +2 -0
- package/dist/controller/oauth/oidc-issuer.js +25 -0
- package/dist/controller/oauth/oidc-issuer.js.map +1 -0
- package/dist/controller/oauth.js +36 -35
- package/dist/controller/oauth.js.map +1 -1
- package/dist/controller/sso-handler.js +1 -1
- package/dist/controller/sso-handler.js.map +1 -1
- package/dist/controller/utils.d.ts +5 -3
- package/dist/controller/utils.js +10 -2
- package/dist/controller/utils.js.map +1 -1
- package/dist/src/controller/admin.d.ts +27 -0
- package/dist/src/controller/admin.js +60 -0
- package/dist/src/controller/admin.js.map +1 -0
- package/dist/src/controller/analytics.d.ts +16 -0
- package/dist/src/controller/analytics.js +79 -0
- package/dist/src/controller/analytics.js.map +1 -0
- package/dist/src/controller/api.d.ts +557 -0
- package/dist/src/controller/api.js +806 -0
- package/dist/src/controller/api.js.map +1 -0
- package/dist/src/controller/connection/oidc.d.ts +7 -0
- package/dist/src/controller/connection/oidc.js +181 -0
- package/dist/src/controller/connection/oidc.js.map +1 -0
- package/dist/src/controller/connection/saml.d.ts +7 -0
- package/dist/src/controller/connection/saml.js +250 -0
- package/dist/src/controller/connection/saml.js.map +1 -0
- package/dist/src/controller/error.d.ts +10 -0
- package/dist/src/controller/error.js +13 -0
- package/dist/src/controller/error.js.map +1 -0
- package/dist/src/controller/health-check.d.ts +11 -0
- package/dist/src/controller/health-check.js +51 -0
- package/dist/src/controller/health-check.js.map +1 -0
- package/dist/src/controller/logout.d.ts +18 -0
- package/dist/src/controller/logout.js +132 -0
- package/dist/src/controller/logout.js.map +1 -0
- package/dist/src/controller/oauth/allowed.d.ts +1 -0
- package/dist/src/controller/oauth/allowed.js +30 -0
- package/dist/src/controller/oauth/allowed.js.map +1 -0
- package/dist/src/controller/oauth/code-verifier.d.ts +1 -0
- package/dist/src/controller/oauth/code-verifier.js +8 -0
- package/dist/src/controller/oauth/code-verifier.js.map +1 -0
- package/dist/src/controller/oauth/oidc-client.d.ts +12 -0
- package/dist/src/controller/oauth/oidc-client.js +89 -0
- package/dist/src/controller/oauth/oidc-client.js.map +1 -0
- package/dist/src/controller/oauth/redirect.d.ts +1 -0
- package/dist/src/controller/oauth/redirect.js +13 -0
- package/dist/src/controller/oauth/redirect.js.map +1 -0
- package/dist/src/controller/oauth.d.ts +142 -0
- package/dist/src/controller/oauth.js +1112 -0
- package/dist/src/controller/oauth.js.map +1 -0
- package/dist/src/controller/oidc-discovery.d.ts +22 -0
- package/dist/src/controller/oidc-discovery.js +47 -0
- package/dist/src/controller/oidc-discovery.js.map +1 -0
- package/dist/src/controller/setup-link.d.ts +307 -0
- package/dist/src/controller/setup-link.js +462 -0
- package/dist/src/controller/setup-link.js.map +1 -0
- package/dist/src/controller/sp-config.d.ts +22 -0
- package/dist/src/controller/sp-config.js +89 -0
- package/dist/src/controller/sp-config.js.map +1 -0
- package/dist/src/controller/sso-handler.d.ts +66 -0
- package/dist/src/controller/sso-handler.js +306 -0
- package/dist/src/controller/sso-handler.js.map +1 -0
- package/dist/src/controller/utils.d.ts +84 -0
- package/dist/src/controller/utils.js +328 -0
- package/dist/src/controller/utils.js.map +1 -0
- package/dist/src/cron/lock.d.ts +18 -0
- package/dist/src/cron/lock.js +98 -0
- package/dist/src/cron/lock.js.map +1 -0
- package/dist/src/db/db.d.ts +5 -0
- package/dist/src/db/db.js +178 -0
- package/dist/src/db/db.js.map +1 -0
- package/dist/src/db/defaultDb.d.ts +2 -0
- package/dist/src/db/defaultDb.js +18 -0
- package/dist/src/db/defaultDb.js.map +1 -0
- package/dist/src/db/dynamoDb.d.ts +19 -0
- package/dist/src/db/dynamoDb.js +320 -0
- package/dist/src/db/dynamoDb.js.map +1 -0
- package/dist/src/db/encrypter.d.ts +3 -0
- package/dist/src/db/encrypter.js +22 -0
- package/dist/src/db/encrypter.js.map +1 -0
- package/dist/src/db/mem.d.ts +23 -0
- package/dist/src/db/mem.js +186 -0
- package/dist/src/db/mem.js.map +1 -0
- package/dist/src/db/mongo.d.ts +22 -0
- package/dist/src/db/mongo.js +177 -0
- package/dist/src/db/mongo.js.map +1 -0
- package/dist/src/db/planetscale/entity/JacksonIndex.d.ts +5 -0
- package/dist/src/db/planetscale/entity/JacksonIndex.js +32 -0
- package/dist/src/db/planetscale/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/planetscale/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/planetscale/entity/JacksonStore.js +63 -0
- package/dist/src/db/planetscale/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/planetscale/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/planetscale/entity/JacksonTTL.js +27 -0
- package/dist/src/db/planetscale/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/redis.d.ts +18 -0
- package/dist/src/db/redis.js +214 -0
- package/dist/src/db/redis.js.map +1 -0
- package/dist/src/db/sql/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/entity/JacksonStore.js +61 -0
- package/dist/src/db/sql/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/sql/mariadb/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/mariadb/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/mariadb/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/mariadb/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/mariadb/entity/JacksonStore.js +63 -0
- package/dist/src/db/sql/mariadb/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/mariadb/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/mariadb/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/mariadb/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/sql/mssql/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/mssql/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/mssql/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/mssql/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/mssql/entity/JacksonStore.js +61 -0
- package/dist/src/db/sql/mssql/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/mssql/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/mssql/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/mssql/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/sql/mssql.d.ts +1 -0
- package/dist/src/db/sql/mssql.js +44 -0
- package/dist/src/db/sql/mssql.js.map +1 -0
- package/dist/src/db/sql/sql.d.ts +32 -0
- package/dist/src/db/sql/sql.js +318 -0
- package/dist/src/db/sql/sql.js.map +1 -0
- package/dist/src/db/sql/sqlite/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/sqlite/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/sqlite/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/sqlite/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/sqlite/entity/JacksonStore.js +61 -0
- package/dist/src/db/sql/sqlite/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/sqlite/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/sqlite/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/sqlite/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/store.d.ts +5 -0
- package/dist/src/db/store.js +65 -0
- package/dist/src/db/store.js.map +1 -0
- package/dist/src/db/utils.d.ts +16 -0
- package/dist/src/db/utils.js +28 -0
- package/dist/src/db/utils.js.map +1 -0
- package/dist/src/directory-sync/batch-events/queue.d.ts +40 -0
- package/dist/src/directory-sync/batch-events/queue.js +225 -0
- package/dist/src/directory-sync/batch-events/queue.js.map +1 -0
- package/dist/src/directory-sync/index.d.ts +27 -0
- package/dist/src/directory-sync/index.js +97 -0
- package/dist/src/directory-sync/index.js.map +1 -0
- package/dist/src/directory-sync/non-scim/google/api.d.ts +36 -0
- package/dist/src/directory-sync/non-scim/google/api.js +143 -0
- package/dist/src/directory-sync/non-scim/google/api.js.map +1 -0
- package/dist/src/directory-sync/non-scim/google/index.d.ts +12 -0
- package/dist/src/directory-sync/non-scim/google/index.js +10 -0
- package/dist/src/directory-sync/non-scim/google/index.js.map +1 -0
- package/dist/src/directory-sync/non-scim/google/oauth.d.ts +27 -0
- package/dist/src/directory-sync/non-scim/google/oauth.js +105 -0
- package/dist/src/directory-sync/non-scim/google/oauth.js.map +1 -0
- package/dist/src/directory-sync/non-scim/index.d.ts +24 -0
- package/dist/src/directory-sync/non-scim/index.js +85 -0
- package/dist/src/directory-sync/non-scim/index.js.map +1 -0
- package/dist/src/directory-sync/non-scim/syncGroupMembers.d.ts +23 -0
- package/dist/src/directory-sync/non-scim/syncGroupMembers.js +105 -0
- package/dist/src/directory-sync/non-scim/syncGroupMembers.js.map +1 -0
- package/dist/src/directory-sync/non-scim/syncGroups.d.ts +24 -0
- package/dist/src/directory-sync/non-scim/syncGroups.js +120 -0
- package/dist/src/directory-sync/non-scim/syncGroups.js.map +1 -0
- package/dist/src/directory-sync/non-scim/syncUsers.d.ts +24 -0
- package/dist/src/directory-sync/non-scim/syncUsers.js +120 -0
- package/dist/src/directory-sync/non-scim/syncUsers.js.map +1 -0
- package/dist/src/directory-sync/non-scim/utils.d.ts +36 -0
- package/dist/src/directory-sync/non-scim/utils.js +109 -0
- package/dist/src/directory-sync/non-scim/utils.js.map +1 -0
- package/dist/src/directory-sync/request.d.ts +14 -0
- package/dist/src/directory-sync/request.js +29 -0
- package/dist/src/directory-sync/request.js.map +1 -0
- package/dist/src/directory-sync/scim/Base.d.ts +12 -0
- package/dist/src/directory-sync/scim/Base.js +23 -0
- package/dist/src/directory-sync/scim/Base.js.map +1 -0
- package/dist/src/directory-sync/scim/DirectoryConfig.d.ts +343 -0
- package/dist/src/directory-sync/scim/DirectoryConfig.js +580 -0
- package/dist/src/directory-sync/scim/DirectoryConfig.js.map +1 -0
- package/dist/src/directory-sync/scim/DirectoryGroups.d.ts +28 -0
- package/dist/src/directory-sync/scim/DirectoryGroups.js +252 -0
- package/dist/src/directory-sync/scim/DirectoryGroups.js.map +1 -0
- package/dist/src/directory-sync/scim/DirectoryUsers.d.ts +25 -0
- package/dist/src/directory-sync/scim/DirectoryUsers.js +193 -0
- package/dist/src/directory-sync/scim/DirectoryUsers.js.map +1 -0
- package/dist/src/directory-sync/scim/Groups.d.ts +166 -0
- package/dist/src/directory-sync/scim/Groups.js +348 -0
- package/dist/src/directory-sync/scim/Groups.js.map +1 -0
- package/dist/src/directory-sync/scim/Users.d.ts +99 -0
- package/dist/src/directory-sync/scim/Users.js +215 -0
- package/dist/src/directory-sync/scim/Users.js.map +1 -0
- package/dist/src/directory-sync/scim/WebhookEventsLogger.d.ts +101 -0
- package/dist/src/directory-sync/scim/WebhookEventsLogger.js +165 -0
- package/dist/src/directory-sync/scim/WebhookEventsLogger.js.map +1 -0
- package/dist/src/directory-sync/scim/transform.d.ts +6 -0
- package/dist/src/directory-sync/scim/transform.js +37 -0
- package/dist/src/directory-sync/scim/transform.js.map +1 -0
- package/dist/src/directory-sync/scim/utils.d.ts +33 -0
- package/dist/src/directory-sync/scim/utils.js +129 -0
- package/dist/src/directory-sync/scim/utils.js.map +1 -0
- package/dist/src/directory-sync/types.d.ts +195 -0
- package/dist/src/directory-sync/types.js +10 -0
- package/dist/src/directory-sync/types.js.map +1 -0
- package/dist/src/directory-sync/utils.d.ts +19 -0
- package/dist/src/directory-sync/utils.js +56 -0
- package/dist/src/directory-sync/utils.js.map +1 -0
- package/dist/src/ee/branding/index.d.ts +17 -0
- package/dist/src/ee/branding/index.js +49 -0
- package/dist/src/ee/branding/index.js.map +1 -0
- package/dist/src/ee/common/checkLicense.d.ts +3 -0
- package/dist/src/ee/common/checkLicense.js +23 -0
- package/dist/src/ee/common/checkLicense.js.map +1 -0
- package/dist/src/ee/identity-federation/app.d.ts +328 -0
- package/dist/src/ee/identity-federation/app.js +532 -0
- package/dist/src/ee/identity-federation/app.js.map +1 -0
- package/dist/src/ee/identity-federation/idp-login.d.ts +18 -0
- package/dist/src/ee/identity-federation/idp-login.js +98 -0
- package/dist/src/ee/identity-federation/idp-login.js.map +1 -0
- package/dist/src/ee/identity-federation/index.d.ts +15 -0
- package/dist/src/ee/identity-federation/index.js +43 -0
- package/dist/src/ee/identity-federation/index.js.map +1 -0
- package/dist/src/ee/identity-federation/sso.d.ts +24 -0
- package/dist/src/ee/identity-federation/sso.js +124 -0
- package/dist/src/ee/identity-federation/sso.js.map +1 -0
- package/dist/src/ee/identity-federation/types.d.ts +38 -0
- package/dist/src/ee/identity-federation/types.js +2 -0
- package/dist/src/ee/identity-federation/types.js.map +1 -0
- package/dist/src/ee/ory/ory.d.ts +18 -0
- package/dist/src/ee/ory/ory.js +195 -0
- package/dist/src/ee/ory/ory.js.map +1 -0
- package/dist/src/ee/product/index.d.ts +14 -0
- package/dist/src/ee/product/index.js +45 -0
- package/dist/src/ee/product/index.js.map +1 -0
- package/dist/src/event/axios.d.ts +2 -0
- package/dist/src/event/axios.js +27 -0
- package/dist/src/event/axios.js.map +1 -0
- package/dist/src/event/index.d.ts +11 -0
- package/dist/src/event/index.js +53 -0
- package/dist/src/event/index.js.map +1 -0
- package/dist/src/event/types.d.ts +21 -0
- package/dist/src/event/types.js +2 -0
- package/dist/src/event/types.js.map +1 -0
- package/dist/src/event/utils.d.ts +4 -0
- package/dist/src/event/utils.js +33 -0
- package/dist/src/event/utils.js.map +1 -0
- package/dist/src/event/webhook.d.ts +3 -0
- package/dist/src/event/webhook.js +34 -0
- package/dist/src/event/webhook.js.map +1 -0
- package/dist/src/index.d.ts +35 -0
- package/dist/src/index.js +161 -0
- package/dist/src/index.js.map +1 -0
- package/dist/src/loadConnection.d.ts +4 -0
- package/dist/src/loadConnection.js +38 -0
- package/dist/src/loadConnection.js.map +1 -0
- package/dist/src/opentelemetry/metrics.d.ts +14 -0
- package/dist/src/opentelemetry/metrics.js +64 -0
- package/dist/src/opentelemetry/metrics.js.map +1 -0
- package/dist/src/saml/claims.d.ts +12 -0
- package/dist/src/saml/claims.js +57 -0
- package/dist/src/saml/claims.js.map +1 -0
- package/dist/src/saml/lib.d.ts +8 -0
- package/dist/src/saml/lib.js +29 -0
- package/dist/src/saml/lib.js.map +1 -0
- package/dist/src/saml/x509.d.ts +9 -0
- package/dist/src/saml/x509.js +93 -0
- package/dist/src/saml/x509.js.map +1 -0
- package/dist/src/sso-traces/index.d.ts +114 -0
- package/dist/src/sso-traces/index.js +229 -0
- package/dist/src/sso-traces/index.js.map +1 -0
- package/dist/src/sso-traces/types.d.ts +44 -0
- package/dist/src/sso-traces/types.js +2 -0
- package/dist/src/sso-traces/types.js.map +1 -0
- package/dist/src/typings.d.ts +540 -0
- package/dist/src/typings.js +5 -0
- package/dist/src/typings.js.map +1 -0
- package/dist/typeorm.d.ts +3 -0
- package/dist/typeorm.js +58 -0
- package/dist/typeorm.js.map +1 -0
- package/dist/typings.d.ts +1 -1
- package/package.json +7 -7
|
@@ -0,0 +1,532 @@
|
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
import crypto from 'crypto';
|
|
11
|
+
import saml from '@boxyhq/saml20';
|
|
12
|
+
import { fedAppID, clientIDFederatedPrefix } from '../../controller/utils';
|
|
13
|
+
import { JacksonError } from '../../controller/error';
|
|
14
|
+
import { getDefaultCertificate } from '../../saml/x509';
|
|
15
|
+
import { IndexNames, validateTenantAndProduct } from '../../controller/utils';
|
|
16
|
+
import { throwIfInvalidLicense } from '../common/checkLicense';
|
|
17
|
+
export class App {
|
|
18
|
+
/**
|
|
19
|
+
* @swagger
|
|
20
|
+
* definitions:
|
|
21
|
+
* IdentityFederationApp:
|
|
22
|
+
* type: object
|
|
23
|
+
* properties:
|
|
24
|
+
* id:
|
|
25
|
+
* type: string
|
|
26
|
+
* description: id
|
|
27
|
+
* name:
|
|
28
|
+
* type: string
|
|
29
|
+
* description: name
|
|
30
|
+
* tenant:
|
|
31
|
+
* type: string
|
|
32
|
+
* description: Tenant
|
|
33
|
+
* product:
|
|
34
|
+
* type: string
|
|
35
|
+
* description: Product
|
|
36
|
+
* acsUrl:
|
|
37
|
+
* type: string
|
|
38
|
+
* description: ACS URL
|
|
39
|
+
* entityId:
|
|
40
|
+
* type: string
|
|
41
|
+
* description: Entity ID
|
|
42
|
+
* logoUrl:
|
|
43
|
+
* type: string
|
|
44
|
+
* description: Logo URL (optional)
|
|
45
|
+
* faviconUrl:
|
|
46
|
+
* type: string
|
|
47
|
+
* description: Favicon URL (optional)
|
|
48
|
+
* primaryColor:
|
|
49
|
+
* type: string
|
|
50
|
+
* description: Primary color (optional)
|
|
51
|
+
*/
|
|
52
|
+
constructor({ store, opts }) {
|
|
53
|
+
this.store = store;
|
|
54
|
+
this.opts = opts;
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* @swagger
|
|
58
|
+
* /api/v1/identity-federation:
|
|
59
|
+
* post:
|
|
60
|
+
* summary: Create an Identity Federation app
|
|
61
|
+
* parameters:
|
|
62
|
+
* - name: name
|
|
63
|
+
* description: Name
|
|
64
|
+
* in: formData
|
|
65
|
+
* required: true
|
|
66
|
+
* type: string
|
|
67
|
+
* - name: tenant
|
|
68
|
+
* description: Tenant
|
|
69
|
+
* in: formData
|
|
70
|
+
* required: true
|
|
71
|
+
* type: string
|
|
72
|
+
* - name: product
|
|
73
|
+
* description: Product
|
|
74
|
+
* in: formData
|
|
75
|
+
* required: true
|
|
76
|
+
* type: string
|
|
77
|
+
* - name: acsUrl
|
|
78
|
+
* description: ACS URL
|
|
79
|
+
* in: formData
|
|
80
|
+
* required: true
|
|
81
|
+
* type: string
|
|
82
|
+
* - name: entityId
|
|
83
|
+
* description: Entity ID
|
|
84
|
+
* in: formData
|
|
85
|
+
* required: true
|
|
86
|
+
* type: string
|
|
87
|
+
* - name: logoUrl
|
|
88
|
+
* description: Logo URL
|
|
89
|
+
* in: formData
|
|
90
|
+
* required: false
|
|
91
|
+
* type: string
|
|
92
|
+
* - name: faviconUrl
|
|
93
|
+
* description: Favicon URL
|
|
94
|
+
* in: formData
|
|
95
|
+
* required: false
|
|
96
|
+
* type: string
|
|
97
|
+
* - name: primaryColor
|
|
98
|
+
* description: Primary color
|
|
99
|
+
* in: formData
|
|
100
|
+
* required: false
|
|
101
|
+
* type: string
|
|
102
|
+
* - name: tenants
|
|
103
|
+
* description: Mapping of tenants whose connections will be grouped under this Identity Federation app
|
|
104
|
+
* in: formData
|
|
105
|
+
* required: false
|
|
106
|
+
* type: array
|
|
107
|
+
* - name: mappings
|
|
108
|
+
* description: Mapping of attributes from the IdP to SP
|
|
109
|
+
* in: formData
|
|
110
|
+
* required: false
|
|
111
|
+
* type: array
|
|
112
|
+
* - name: type
|
|
113
|
+
* description: If creating an OIDC app, this should be set to 'oidc' otherwise it defaults to 'saml'
|
|
114
|
+
* in: formData
|
|
115
|
+
* required: false
|
|
116
|
+
* type: array
|
|
117
|
+
* - name: redirectUrl
|
|
118
|
+
* description: If creating an OIDC app, provide the redirect URL
|
|
119
|
+
* in: formData
|
|
120
|
+
* required: false
|
|
121
|
+
* type: array
|
|
122
|
+
* tags: [Identity Federation]
|
|
123
|
+
* produces:
|
|
124
|
+
* - application/json
|
|
125
|
+
* consumes:
|
|
126
|
+
* - application/x-www-form-urlencoded
|
|
127
|
+
* - application/json
|
|
128
|
+
* responses:
|
|
129
|
+
* 200:
|
|
130
|
+
* description: Success
|
|
131
|
+
* schema:
|
|
132
|
+
* type: array
|
|
133
|
+
* items:
|
|
134
|
+
* $ref: '#/definitions/IdentityFederationApp'
|
|
135
|
+
*/
|
|
136
|
+
create(_a) {
|
|
137
|
+
return __awaiter(this, arguments, void 0, function* ({ name, type, redirectUrl, tenant, product, acsUrl, entityId, logoUrl, faviconUrl, primaryColor, tenants, mappings, }) {
|
|
138
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
139
|
+
if (type === 'oidc') {
|
|
140
|
+
if (!tenant || !product || !redirectUrl || !name) {
|
|
141
|
+
throw new JacksonError('Missing required parameters. Required parameters are: name, tenant, product, redirectUrl', 400);
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
else {
|
|
145
|
+
if (!tenant || !product || !acsUrl || !entityId || !name) {
|
|
146
|
+
throw new JacksonError('Missing required parameters. Required parameters are: name, tenant, product, acsUrl, entityId', 400);
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
validateTenantAndProduct(tenant, product);
|
|
150
|
+
const id = fedAppID(tenant, product, type);
|
|
151
|
+
// Check if an app already exists for the same tenant and product
|
|
152
|
+
const foundApp = yield this.store.get(id);
|
|
153
|
+
if (foundApp) {
|
|
154
|
+
throw new JacksonError('Cannot create another app for the same tenant and product. An app already exists.', 400);
|
|
155
|
+
}
|
|
156
|
+
if (type === 'saml') {
|
|
157
|
+
// Check if an app already exists with the same entityId
|
|
158
|
+
const result = yield this.store.getByIndex({
|
|
159
|
+
name: IndexNames.EntityID,
|
|
160
|
+
value: entityId,
|
|
161
|
+
});
|
|
162
|
+
const apps = result.data;
|
|
163
|
+
if (apps && apps.length > 0) {
|
|
164
|
+
throw new JacksonError(`An app already exists with the same Entity ID. Provide a unique Entity ID and try again.`, 400);
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
let _tenants = [];
|
|
168
|
+
if (tenants && tenants.length > 0) {
|
|
169
|
+
_tenants = tenants.filter((t) => t !== tenant);
|
|
170
|
+
_tenants.unshift(tenant);
|
|
171
|
+
}
|
|
172
|
+
else {
|
|
173
|
+
_tenants.push(tenant);
|
|
174
|
+
}
|
|
175
|
+
const app = {
|
|
176
|
+
id,
|
|
177
|
+
type,
|
|
178
|
+
redirectUrl,
|
|
179
|
+
name,
|
|
180
|
+
tenant,
|
|
181
|
+
product,
|
|
182
|
+
acsUrl,
|
|
183
|
+
entityId,
|
|
184
|
+
logoUrl: logoUrl || null,
|
|
185
|
+
faviconUrl: faviconUrl || null,
|
|
186
|
+
primaryColor: primaryColor || null,
|
|
187
|
+
tenants: _tenants,
|
|
188
|
+
mappings: mappings || [],
|
|
189
|
+
};
|
|
190
|
+
if (type === 'oidc') {
|
|
191
|
+
app.clientID = `${clientIDFederatedPrefix}${id}`;
|
|
192
|
+
app.clientSecret = crypto.randomBytes(24).toString('hex');
|
|
193
|
+
}
|
|
194
|
+
const indexes = [
|
|
195
|
+
{
|
|
196
|
+
name: IndexNames.Product,
|
|
197
|
+
value: product,
|
|
198
|
+
},
|
|
199
|
+
];
|
|
200
|
+
if (type !== 'oidc') {
|
|
201
|
+
indexes.push({
|
|
202
|
+
name: IndexNames.EntityID,
|
|
203
|
+
value: entityId,
|
|
204
|
+
});
|
|
205
|
+
}
|
|
206
|
+
yield this.store.put(id, app, ...indexes);
|
|
207
|
+
return app;
|
|
208
|
+
});
|
|
209
|
+
}
|
|
210
|
+
/**
|
|
211
|
+
* @swagger
|
|
212
|
+
* /api/v1/identity-federation:
|
|
213
|
+
* get:
|
|
214
|
+
* summary: Get an Identity Federation app
|
|
215
|
+
* parameters:
|
|
216
|
+
* - name: id
|
|
217
|
+
* description: App ID
|
|
218
|
+
* in: query
|
|
219
|
+
* required: true
|
|
220
|
+
* type: string
|
|
221
|
+
* - name: tenant
|
|
222
|
+
* description: Tenant
|
|
223
|
+
* in: query
|
|
224
|
+
* required: false
|
|
225
|
+
* type: string
|
|
226
|
+
* - name: product
|
|
227
|
+
* description: Product
|
|
228
|
+
* in: query
|
|
229
|
+
* required: false
|
|
230
|
+
* type: string
|
|
231
|
+
* tags:
|
|
232
|
+
* - Identity Federation
|
|
233
|
+
* produces:
|
|
234
|
+
* - application/json
|
|
235
|
+
* responses:
|
|
236
|
+
* '200':
|
|
237
|
+
* description: Success
|
|
238
|
+
* schema:
|
|
239
|
+
* $ref: '#/definitions/IdentityFederationApp'
|
|
240
|
+
*/
|
|
241
|
+
get(params) {
|
|
242
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
243
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
244
|
+
if ('id' in params) {
|
|
245
|
+
const app = yield this.store.get(params.id);
|
|
246
|
+
if (!app) {
|
|
247
|
+
throw new JacksonError('Identity Federation app not found', 404);
|
|
248
|
+
}
|
|
249
|
+
return app;
|
|
250
|
+
}
|
|
251
|
+
if ('tenant' in params && 'product' in params) {
|
|
252
|
+
const app = yield this.store.get(fedAppID(params.tenant, params.product, params.type));
|
|
253
|
+
if (!app) {
|
|
254
|
+
throw new JacksonError('Identity Federation app not found', 404);
|
|
255
|
+
}
|
|
256
|
+
return app;
|
|
257
|
+
}
|
|
258
|
+
throw new JacksonError('Provide either the `id` or `tenant` and `product` to get the app', 400);
|
|
259
|
+
});
|
|
260
|
+
}
|
|
261
|
+
/**
|
|
262
|
+
* @swagger
|
|
263
|
+
* /api/v1/identity-federation/product:
|
|
264
|
+
* get:
|
|
265
|
+
* summary: Get Identity Federation apps by product
|
|
266
|
+
* parameters:
|
|
267
|
+
* - name: product
|
|
268
|
+
* description: Product
|
|
269
|
+
* in: query
|
|
270
|
+
* required: true
|
|
271
|
+
* type: string
|
|
272
|
+
* - $ref: '#/parameters/pageOffset'
|
|
273
|
+
* - $ref: '#/parameters/pageLimit'
|
|
274
|
+
* - $ref: '#/parameters/pageToken'
|
|
275
|
+
* tags:
|
|
276
|
+
* - Identity Federation
|
|
277
|
+
* produces:
|
|
278
|
+
* - application/json
|
|
279
|
+
* responses:
|
|
280
|
+
* 200:
|
|
281
|
+
* description: Success
|
|
282
|
+
* content:
|
|
283
|
+
* application/json:
|
|
284
|
+
* schema:
|
|
285
|
+
* type: object
|
|
286
|
+
* properties:
|
|
287
|
+
* data:
|
|
288
|
+
* type: array
|
|
289
|
+
* items:
|
|
290
|
+
* $ref: '#/definitions/IdentityFederationApp'
|
|
291
|
+
* pageToken:
|
|
292
|
+
* type: string
|
|
293
|
+
* description: token for pagination
|
|
294
|
+
*/
|
|
295
|
+
getByProduct(_a) {
|
|
296
|
+
return __awaiter(this, arguments, void 0, function* ({ product, pageOffset, pageLimit, pageToken }) {
|
|
297
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
298
|
+
if (!product) {
|
|
299
|
+
throw new JacksonError('Please provide a `product`.', 400);
|
|
300
|
+
}
|
|
301
|
+
const apps = yield this.store.getByIndex({
|
|
302
|
+
name: IndexNames.Product,
|
|
303
|
+
value: product,
|
|
304
|
+
}, pageOffset, pageLimit, pageToken);
|
|
305
|
+
return apps;
|
|
306
|
+
});
|
|
307
|
+
}
|
|
308
|
+
// Get the app by SP EntityId
|
|
309
|
+
getByEntityId(entityId) {
|
|
310
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
311
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
312
|
+
if (!entityId) {
|
|
313
|
+
throw new JacksonError('Missing required parameters. Required parameters are: entityId', 400);
|
|
314
|
+
}
|
|
315
|
+
const apps = (yield this.store.getByIndex({
|
|
316
|
+
name: IndexNames.EntityID,
|
|
317
|
+
value: entityId,
|
|
318
|
+
})).data;
|
|
319
|
+
if (!apps || apps.length === 0) {
|
|
320
|
+
throw new JacksonError('Identity Federation app not found', 404);
|
|
321
|
+
}
|
|
322
|
+
return apps[0];
|
|
323
|
+
});
|
|
324
|
+
}
|
|
325
|
+
/**
|
|
326
|
+
* @swagger
|
|
327
|
+
* /api/v1/identity-federation:
|
|
328
|
+
* patch:
|
|
329
|
+
* summary: Update an Identity Federation app
|
|
330
|
+
* parameters:
|
|
331
|
+
* - name: id
|
|
332
|
+
* description: App ID
|
|
333
|
+
* in: formData
|
|
334
|
+
* required: true
|
|
335
|
+
* type: string
|
|
336
|
+
* - name: tenant
|
|
337
|
+
* description: Tenant
|
|
338
|
+
* in: formData
|
|
339
|
+
* required: false
|
|
340
|
+
* type: string
|
|
341
|
+
* - name: product
|
|
342
|
+
* description: Product
|
|
343
|
+
* in: formData
|
|
344
|
+
* required: false
|
|
345
|
+
* type: string
|
|
346
|
+
* - name: name
|
|
347
|
+
* description: Name
|
|
348
|
+
* in: formData
|
|
349
|
+
* required: false
|
|
350
|
+
* type: string
|
|
351
|
+
* - name: acsUrl
|
|
352
|
+
* description: ACS URL
|
|
353
|
+
* in: formData
|
|
354
|
+
* required: false
|
|
355
|
+
* type: string
|
|
356
|
+
* - name: logoUrl
|
|
357
|
+
* description: Logo URL
|
|
358
|
+
* in: formData
|
|
359
|
+
* required: false
|
|
360
|
+
* type: string
|
|
361
|
+
* - name: faviconUrl
|
|
362
|
+
* description: Favicon URL
|
|
363
|
+
* in: formData
|
|
364
|
+
* required: false
|
|
365
|
+
* type: string
|
|
366
|
+
* - name: primaryColor
|
|
367
|
+
* description: Primary color
|
|
368
|
+
* in: formData
|
|
369
|
+
* required: false
|
|
370
|
+
* type: string
|
|
371
|
+
* - name: tenants
|
|
372
|
+
* description: Mapping of tenants whose connections will be grouped under this Identity Federation app
|
|
373
|
+
* in: formData
|
|
374
|
+
* required: false
|
|
375
|
+
* type: array
|
|
376
|
+
* - name: mappings
|
|
377
|
+
* description: Mapping of attributes from the IdP to SP
|
|
378
|
+
* in: formData
|
|
379
|
+
* required: false
|
|
380
|
+
* type: array
|
|
381
|
+
* tags:
|
|
382
|
+
* - Identity Federation
|
|
383
|
+
* produces:
|
|
384
|
+
* - application/json
|
|
385
|
+
* consumes:
|
|
386
|
+
* - application/x-www-form-urlencoded
|
|
387
|
+
* - application/json
|
|
388
|
+
* responses:
|
|
389
|
+
* '200':
|
|
390
|
+
* description: Success
|
|
391
|
+
* schema:
|
|
392
|
+
* $ref: '#/definitions/IdentityFederationApp'
|
|
393
|
+
*/
|
|
394
|
+
update(params) {
|
|
395
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
396
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
397
|
+
const { id, tenant, product, type } = params;
|
|
398
|
+
if (!id && (!tenant || !product)) {
|
|
399
|
+
throw new JacksonError('Provide either the `id` or `tenant` and `product` to update the app', 400);
|
|
400
|
+
}
|
|
401
|
+
let app = null;
|
|
402
|
+
if (id) {
|
|
403
|
+
app = yield this.get({ id });
|
|
404
|
+
}
|
|
405
|
+
else if (tenant && product) {
|
|
406
|
+
app = yield this.get({ tenant, product, type });
|
|
407
|
+
}
|
|
408
|
+
if (!app) {
|
|
409
|
+
throw new JacksonError('Identity Federation app not found', 404);
|
|
410
|
+
}
|
|
411
|
+
const toUpdate = {};
|
|
412
|
+
// Support partial updates
|
|
413
|
+
if ('name' in params) {
|
|
414
|
+
toUpdate['name'] = params.name;
|
|
415
|
+
}
|
|
416
|
+
if ('redirectUrl' in params) {
|
|
417
|
+
toUpdate['redirectUrl'] = params.redirectUrl;
|
|
418
|
+
}
|
|
419
|
+
if ('acsUrl' in params) {
|
|
420
|
+
toUpdate['acsUrl'] = params.acsUrl;
|
|
421
|
+
}
|
|
422
|
+
if ('logoUrl' in params) {
|
|
423
|
+
toUpdate['logoUrl'] = params.logoUrl || null;
|
|
424
|
+
}
|
|
425
|
+
if ('faviconUrl' in params) {
|
|
426
|
+
toUpdate['faviconUrl'] = params.faviconUrl || null;
|
|
427
|
+
}
|
|
428
|
+
if ('primaryColor' in params) {
|
|
429
|
+
toUpdate['primaryColor'] = params.primaryColor || null;
|
|
430
|
+
}
|
|
431
|
+
if ('tenants' in params) {
|
|
432
|
+
let _tenants = [];
|
|
433
|
+
if (params.tenants && params.tenants.length > 0) {
|
|
434
|
+
_tenants = params.tenants.filter((t) => t !== (app === null || app === void 0 ? void 0 : app.tenant));
|
|
435
|
+
_tenants.unshift(app.tenant);
|
|
436
|
+
}
|
|
437
|
+
else {
|
|
438
|
+
_tenants.push(app.tenant);
|
|
439
|
+
}
|
|
440
|
+
toUpdate['tenants'] = _tenants;
|
|
441
|
+
}
|
|
442
|
+
if ('mappings' in params) {
|
|
443
|
+
toUpdate['mappings'] = params.mappings;
|
|
444
|
+
}
|
|
445
|
+
if (Object.keys(toUpdate).length === 0) {
|
|
446
|
+
throw new JacksonError('Please provide at least one of the following parameters: acsUrl, name, logoUrl, faviconUrl, primaryColor', 400);
|
|
447
|
+
}
|
|
448
|
+
const updatedApp = Object.assign(Object.assign({}, app), toUpdate);
|
|
449
|
+
yield this.store.put(app.id, updatedApp);
|
|
450
|
+
return updatedApp;
|
|
451
|
+
});
|
|
452
|
+
}
|
|
453
|
+
// Get all apps
|
|
454
|
+
getAll(_a) {
|
|
455
|
+
return __awaiter(this, arguments, void 0, function* ({ pageOffset, pageLimit, pageToken, }) {
|
|
456
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
457
|
+
const apps = (yield this.store.getAll(pageOffset, pageLimit, pageToken));
|
|
458
|
+
return apps;
|
|
459
|
+
});
|
|
460
|
+
}
|
|
461
|
+
/**
|
|
462
|
+
* @swagger
|
|
463
|
+
* /api/v1/identity-federation:
|
|
464
|
+
* delete:
|
|
465
|
+
* summary: Delete an Identity Federation app
|
|
466
|
+
* parameters:
|
|
467
|
+
* - name: id
|
|
468
|
+
* description: App ID
|
|
469
|
+
* in: query
|
|
470
|
+
* required: true
|
|
471
|
+
* type: string
|
|
472
|
+
* - name: tenant
|
|
473
|
+
* description: Tenant
|
|
474
|
+
* in: query
|
|
475
|
+
* required: false
|
|
476
|
+
* type: string
|
|
477
|
+
* - name: product
|
|
478
|
+
* description: Product
|
|
479
|
+
* in: query
|
|
480
|
+
* required: false
|
|
481
|
+
* type: string
|
|
482
|
+
* tags:
|
|
483
|
+
* - Identity Federation
|
|
484
|
+
* produces:
|
|
485
|
+
* - application/json
|
|
486
|
+
* responses:
|
|
487
|
+
* '200':
|
|
488
|
+
* description: Success
|
|
489
|
+
* schema:
|
|
490
|
+
* $ref: '#/definitions/IdentityFederationApp'
|
|
491
|
+
*/
|
|
492
|
+
delete(params) {
|
|
493
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
494
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
495
|
+
if ('id' in params) {
|
|
496
|
+
return yield this.store.delete(params.id);
|
|
497
|
+
}
|
|
498
|
+
if ('tenant' in params && 'product' in params) {
|
|
499
|
+
const id = fedAppID(params.tenant, params.product, params.type);
|
|
500
|
+
return yield this.store.delete(id);
|
|
501
|
+
}
|
|
502
|
+
throw new JacksonError('Provide either the `id` or `tenant` and `product` to delete the app', 400);
|
|
503
|
+
});
|
|
504
|
+
}
|
|
505
|
+
// Get the metadata for the app
|
|
506
|
+
getMetadata() {
|
|
507
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
508
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
509
|
+
const { publicKey } = yield getDefaultCertificate();
|
|
510
|
+
const ssoUrl = `${this.opts.externalUrl}/api/identity-federation/sso`;
|
|
511
|
+
const entityId = `${this.opts.samlAudience}`;
|
|
512
|
+
const xml = saml.createIdPMetadataXML({
|
|
513
|
+
entityId,
|
|
514
|
+
ssoUrl,
|
|
515
|
+
x509cert: publicKey,
|
|
516
|
+
wantAuthnRequestsSigned: false,
|
|
517
|
+
});
|
|
518
|
+
return {
|
|
519
|
+
xml,
|
|
520
|
+
entityId,
|
|
521
|
+
ssoUrl,
|
|
522
|
+
x509cert: publicKey,
|
|
523
|
+
};
|
|
524
|
+
});
|
|
525
|
+
}
|
|
526
|
+
getCount(idx) {
|
|
527
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
528
|
+
return yield this.store.getCount(idx);
|
|
529
|
+
});
|
|
530
|
+
}
|
|
531
|
+
}
|
|
532
|
+
//# sourceMappingURL=app.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"app.js","sourceRoot":"","sources":["../../../../src/ee/identity-federation/app.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,IAAI,MAAM,gBAAgB,CAAC;AAWlC,OAAO,EAAE,QAAQ,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AAC9E,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAW/D,MAAM,OAAO,GAAG;IAId;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;IAEH,YAAY,EAAE,KAAK,EAAE,IAAI,EAA4C;QACnE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+EG;IACU,MAAM;6DAAC,EAClB,IAAI,EACJ,IAAI,EACJ,WAAW,EACX,MAAM,EACN,OAAO,EACP,MAAM,EACN,QAAQ,EACR,OAAO,EACP,UAAU,EACV,YAAY,EACZ,OAAO,EACP,QAAQ,GACK;YACb,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,IAAI,CAAC,MAAM,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,EAAE,CAAC;oBACjD,MAAM,IAAI,YAAY,CACpB,0FAA0F,EAC1F,GAAG,CACJ,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;oBACzD,MAAM,IAAI,YAAY,CACpB,+FAA+F,EAC/F,GAAG,CACJ,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,wBAAwB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAE1C,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAE3C,iEAAiE;YACjE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAE1C,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,IAAI,YAAY,CACpB,mFAAmF,EACnF,GAAG,CACJ,CAAC;YACJ,CAAC;YAED,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,wDAAwD;gBACxD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC;oBACzC,IAAI,EAAE,UAAU,CAAC,QAAQ;oBACzB,KAAK,EAAE,QAAQ;iBAChB,CAAC,CAAC;gBAEH,MAAM,IAAI,GAA4B,MAAM,CAAC,IAAI,CAAC;gBAElD,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC5B,MAAM,IAAI,YAAY,CACpB,0FAA0F,EAC1F,GAAG,CACJ,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,IAAI,QAAQ,GAAa,EAAE,CAAC;YAE5B,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC;gBAC/C,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YAC3B,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACxB,CAAC;YAED,MAAM,GAAG,GAA0B;gBACjC,EAAE;gBACF,IAAI;gBACJ,WAAW;gBACX,IAAI;gBACJ,MAAM;gBACN,OAAO;gBACP,MAAM;gBACN,QAAQ;gBACR,OAAO,EAAE,OAAO,IAAI,IAAI;gBACxB,UAAU,EAAE,UAAU,IAAI,IAAI;gBAC9B,YAAY,EAAE,YAAY,IAAI,IAAI;gBAClC,OAAO,EAAE,QAAQ;gBACjB,QAAQ,EAAE,QAAQ,IAAI,EAAE;aACzB,CAAC;YAEF,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,GAAG,CAAC,QAAQ,GAAG,GAAG,uBAAuB,GAAG,EAAE,EAAE,CAAC;gBACjD,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC5D,CAAC;YAED,MAAM,OAAO,GAAG;gBACd;oBACE,IAAI,EAAE,UAAU,CAAC,OAAO;oBACxB,KAAK,EAAE,OAAO;iBACf;aACF,CAAC;YAEF,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,UAAU,CAAC,QAAQ;oBACzB,KAAK,EAAE,QAAQ;iBAChB,CAAC,CAAC;YACL,CAAC;YAED,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,CAAC;YAE1C,OAAO,GAAG,CAAC;QACb,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8BG;IACU,GAAG,CAAC,MAAwB;;YACvC,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;gBACnB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBAE5C,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,MAAM,IAAI,YAAY,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAC;gBACnE,CAAC;gBAED,OAAO,GAA4B,CAAC;YACtC,CAAC;YAED,IAAI,QAAQ,IAAI,MAAM,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;gBAC9C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;gBAEvF,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,MAAM,IAAI,YAAY,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAC;gBACnE,CAAC;gBAED,OAAO,GAA4B,CAAC;YACtC,CAAC;YAED,MAAM,IAAI,YAAY,CAAC,kEAAkE,EAAE,GAAG,CAAC,CAAC;QAClG,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;IACU,YAAY;6DAAC,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAsB;YACzF,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,YAAY,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CACtC;gBACE,IAAI,EAAE,UAAU,CAAC,OAAO;gBACxB,KAAK,EAAE,OAAO;aACf,EACD,UAAU,EACV,SAAS,EACT,SAAS,CACV,CAAC;YAEF,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;IAED,6BAA6B;IAChB,aAAa,CAAC,QAAgB;;YACzC,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,YAAY,CAAC,gEAAgE,EAAE,GAAG,CAAC,CAAC;YAChG,CAAC;YAED,MAAM,IAAI,GAA4B,CACpC,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC;gBAC1B,IAAI,EAAE,UAAU,CAAC,QAAQ;gBACzB,KAAK,EAAE,QAAQ;aAChB,CAAC,CACH,CAAC,IAAI,CAAC;YAEP,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC/B,MAAM,IAAI,YAAY,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAC;YACnE,CAAC;YAED,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;QACjB,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAoEG;IACU,MAAM,CAAC,MAAsC;;YACxD,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;YAE7C,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjC,MAAM,IAAI,YAAY,CAAC,qEAAqE,EAAE,GAAG,CAAC,CAAC;YACrG,CAAC;YAED,IAAI,GAAG,GAAiC,IAAI,CAAC;YAE7C,IAAI,EAAE,EAAE,CAAC;gBACP,GAAG,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YAC/B,CAAC;iBAAM,IAAI,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,GAAG,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAClD,CAAC;YAED,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,YAAY,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,QAAQ,GAAmC,EAAE,CAAC;YAEpD,0BAA0B;YAE1B,IAAI,MAAM,IAAI,MAAM,EAAE,CAAC;gBACrB,QAAQ,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC;YACjC,CAAC;YAED,IAAI,aAAa,IAAI,MAAM,EAAE,CAAC;gBAC5B,QAAQ,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC;YAC/C,CAAC;YAED,IAAI,QAAQ,IAAI,MAAM,EAAE,CAAC;gBACvB,QAAQ,CAAC,QAAQ,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC;YACrC,CAAC;YAED,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;gBACxB,QAAQ,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC,OAAO,IAAI,IAAI,CAAC;YAC/C,CAAC;YAED,IAAI,YAAY,IAAI,MAAM,EAAE,CAAC;gBAC3B,QAAQ,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC;YACrD,CAAC;YAED,IAAI,cAAc,IAAI,MAAM,EAAE,CAAC;gBAC7B,QAAQ,CAAC,cAAc,CAAC,GAAG,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC;YACzD,CAAC;YAED,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;gBACxB,IAAI,QAAQ,GAAa,EAAE,CAAC;gBAE5B,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChD,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAK,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,MAAM,CAAA,CAAC,CAAC;oBAC3D,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAC/B,CAAC;qBAAM,CAAC;oBACN,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAC5B,CAAC;gBAED,QAAQ,CAAC,SAAS,CAAC,GAAG,QAAQ,CAAC;YACjC,CAAC;YAED,IAAI,UAAU,IAAI,MAAM,EAAE,CAAC;gBACzB,QAAQ,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC;YACzC,CAAC;YAED,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,YAAY,CACpB,0GAA0G,EAC1G,GAAG,CACJ,CAAC;YACJ,CAAC;YAED,MAAM,UAAU,mCACX,GAAG,GACH,QAAQ,CACZ,CAAC;YAEF,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAEzC,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAED,eAAe;IACF,MAAM;6DAAC,EAClB,UAAU,EACV,SAAS,EACT,SAAS,GAKV;YACC,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CACnC,UAAU,EACV,SAAS,EACT,SAAS,CACV,CAAmC,CAAC;YAErC,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8BG;IACU,MAAM,CAAC,MAAwB;;YAC1C,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;gBACnB,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC5C,CAAC;YAED,IAAI,QAAQ,IAAI,MAAM,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;gBAC9C,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;gBAChE,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YACrC,CAAC;YAED,MAAM,IAAI,YAAY,CAAC,qEAAqE,EAAE,GAAG,CAAC,CAAC;QACrG,CAAC;KAAA;IAED,+BAA+B;IAClB,WAAW;;YACtB,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,qBAAqB,EAAE,CAAC;YAEpD,MAAM,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,8BAA8B,CAAC;YACtE,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YAE7C,MAAM,GAAG,GAAG,IAAI,CAAC,oBAAoB,CAAC;gBACpC,QAAQ;gBACR,MAAM;gBACN,QAAQ,EAAE,SAAS;gBACnB,uBAAuB,EAAE,KAAK;aAC/B,CAAC,CAAC;YAEH,OAAO;gBACL,GAAG;gBACH,QAAQ;gBACR,MAAM;gBACN,QAAQ,EAAE,SAAS;aACpB,CAAC;QACJ,CAAC;KAAA;IAEY,QAAQ,CAAC,GAAW;;YAC/B,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACxC,CAAC;KAAA;CACF"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { OIDCIdPInitiatedReq } from '../../typings';
|
|
2
|
+
export declare class IdPLogin {
|
|
3
|
+
private ssoHandler;
|
|
4
|
+
private ssoTraces;
|
|
5
|
+
private app;
|
|
6
|
+
private opts;
|
|
7
|
+
constructor({ app, ssoHandler, ssoTraces, opts }: {
|
|
8
|
+
app: any;
|
|
9
|
+
ssoHandler: any;
|
|
10
|
+
ssoTraces: any;
|
|
11
|
+
opts: any;
|
|
12
|
+
});
|
|
13
|
+
oidcInitiateLogin(body: OIDCIdPInitiatedReq & {
|
|
14
|
+
fedAppId: string;
|
|
15
|
+
}): Promise<{
|
|
16
|
+
redirect_url: string;
|
|
17
|
+
}>;
|
|
18
|
+
}
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
import { JacksonError } from '../../controller/error';
|
|
11
|
+
import { getErrorMessage, isConnectionActive } from '../../controller/utils';
|
|
12
|
+
import { throwIfInvalidLicense } from '../common/checkLicense';
|
|
13
|
+
export class IdPLogin {
|
|
14
|
+
constructor({ app, ssoHandler, ssoTraces, opts }) {
|
|
15
|
+
this.app = app;
|
|
16
|
+
this.ssoHandler = ssoHandler;
|
|
17
|
+
this.ssoTraces = ssoTraces;
|
|
18
|
+
this.opts = opts;
|
|
19
|
+
}
|
|
20
|
+
// Supported for SAML Federation only
|
|
21
|
+
oidcInitiateLogin(body) {
|
|
22
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
23
|
+
yield throwIfInvalidLicense(this.opts.boxyhqLicenseKey);
|
|
24
|
+
let connection;
|
|
25
|
+
let fedApp;
|
|
26
|
+
const { iss, target_link_uri, fedAppId } = body;
|
|
27
|
+
const context = {
|
|
28
|
+
isSAMLFederated: true,
|
|
29
|
+
relayState: target_link_uri,
|
|
30
|
+
isIdPFlow: true,
|
|
31
|
+
oidcIdPRequest: body,
|
|
32
|
+
};
|
|
33
|
+
try {
|
|
34
|
+
// get federated connection
|
|
35
|
+
fedApp = yield this.app.get({
|
|
36
|
+
id: fedAppId,
|
|
37
|
+
});
|
|
38
|
+
const requestedTenant = fedApp.tenant;
|
|
39
|
+
const requestedProduct = fedApp.product;
|
|
40
|
+
context.tenant = requestedTenant;
|
|
41
|
+
context.product = requestedProduct;
|
|
42
|
+
if (fedApp.type !== 'saml') {
|
|
43
|
+
throw new JacksonError('Third party login from an OIDC provider is only supported with SAML Federation', 400);
|
|
44
|
+
}
|
|
45
|
+
const response = yield this.ssoHandler.resolveConnection({
|
|
46
|
+
tenant: requestedTenant,
|
|
47
|
+
product: requestedProduct,
|
|
48
|
+
authFlow: 'idp-initiated',
|
|
49
|
+
originalParams: Object.assign({}, body),
|
|
50
|
+
tenants: fedApp.tenants,
|
|
51
|
+
idFedAppId: fedApp.id,
|
|
52
|
+
fedType: fedApp.type, // will be saml
|
|
53
|
+
thirdPartyLogin: { idpInitiatorType: 'oidc', iss, target_link_uri },
|
|
54
|
+
ssoTraces: { instance: this.ssoTraces, context },
|
|
55
|
+
});
|
|
56
|
+
if ('connection' in response) {
|
|
57
|
+
connection = response.connection;
|
|
58
|
+
}
|
|
59
|
+
if (!connection) {
|
|
60
|
+
throw new JacksonError('IdP connection not found.', 404);
|
|
61
|
+
}
|
|
62
|
+
context.clientID = connection.clientID;
|
|
63
|
+
context.providerName = (connection === null || connection === void 0 ? void 0 : connection.oidcProvider.friendlyProviderName) || '';
|
|
64
|
+
context.acsUrl = fedApp.acsUrl;
|
|
65
|
+
context.entityId = fedApp.entityId;
|
|
66
|
+
if (!isConnectionActive(connection)) {
|
|
67
|
+
throw new JacksonError('OIDC connection is deactivated. Please contact your administrator.', 403);
|
|
68
|
+
}
|
|
69
|
+
const requestParams = {
|
|
70
|
+
acsUrl: fedApp.acsUrl,
|
|
71
|
+
entityId: fedApp.entityId,
|
|
72
|
+
tenant: fedApp.tenant,
|
|
73
|
+
product: fedApp.product,
|
|
74
|
+
relayState: target_link_uri,
|
|
75
|
+
oidcIdPRequest: body,
|
|
76
|
+
};
|
|
77
|
+
return yield this.ssoHandler.createOIDCRequest({
|
|
78
|
+
connection,
|
|
79
|
+
requestParams,
|
|
80
|
+
mappings: fedApp.mappings,
|
|
81
|
+
ssoTraces: {
|
|
82
|
+
instance: this.ssoTraces,
|
|
83
|
+
context,
|
|
84
|
+
},
|
|
85
|
+
});
|
|
86
|
+
}
|
|
87
|
+
catch (err) {
|
|
88
|
+
const error_description = getErrorMessage(err);
|
|
89
|
+
this.ssoTraces.saveTrace({
|
|
90
|
+
error: error_description,
|
|
91
|
+
context,
|
|
92
|
+
});
|
|
93
|
+
throw err;
|
|
94
|
+
}
|
|
95
|
+
});
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
//# sourceMappingURL=idp-login.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"idp-login.js","sourceRoot":"","sources":["../../../../src/ee/identity-federation/idp-login.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAEtD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAS7E,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,MAAM,OAAO,QAAQ;IAMnB,YAAY,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,EAAE;QAC9C,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,qCAAqC;IACxB,iBAAiB,CAC5B,IAAgD;;YAEhD,MAAM,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAExD,IAAI,UAAqC,CAAC;YAC1C,IAAI,MAAyC,CAAC;YAC9C,MAAM,EAAE,GAAG,EAAE,eAAe,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;YAChD,MAAM,OAAO,GAAG;gBACd,eAAe,EAAE,IAAI;gBACrB,UAAU,EAAE,eAAe;gBAC3B,SAAS,EAAE,IAAI;gBACf,cAAc,EAAE,IAAI;aACa,CAAC;YAEpC,IAAI,CAAC;gBACH,2BAA2B;gBAC3B,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;oBAC1B,EAAE,EAAE,QAAQ;iBACb,CAAC,CAAC;gBAEH,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC;gBACtC,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC;gBAExC,OAAO,CAAC,MAAM,GAAG,eAAe,CAAC;gBACjC,OAAO,CAAC,OAAO,GAAG,gBAAgB,CAAC;gBAEnC,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;oBAC3B,MAAM,IAAI,YAAY,CACpB,gFAAgF,EAChF,GAAG,CACJ,CAAC;gBACJ,CAAC;gBAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC;oBACvD,MAAM,EAAE,eAAe;oBACvB,OAAO,EAAE,gBAAgB;oBACzB,QAAQ,EAAE,eAAe;oBACzB,cAAc,oBAAO,IAAI,CAAE;oBAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,UAAU,EAAE,MAAM,CAAC,EAAE;oBACrB,OAAO,EAAE,MAAM,CAAC,IAAI,EAAE,eAAe;oBACrC,eAAe,EAAE,EAAE,gBAAgB,EAAE,MAAM,EAAE,GAAG,EAAE,eAAe,EAAE;oBACnE,SAAS,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE;iBACjD,CAAC,CAAC;gBAEH,IAAI,YAAY,IAAI,QAAQ,EAAE,CAAC;oBAC7B,UAAU,GAAG,QAAQ,CAAC,UAA2B,CAAC;gBACpD,CAAC;gBAED,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,IAAI,YAAY,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;gBAC3D,CAAC;gBAED,OAAO,CAAC,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAAC;gBACvC,OAAO,CAAC,YAAY,GAAG,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,YAAY,CAAC,oBAAoB,KAAI,EAAE,CAAC;gBAC3E,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;gBAC/B,OAAO,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;gBAEnC,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;oBACpC,MAAM,IAAI,YAAY,CAAC,oEAAoE,EAAE,GAAG,CAAC,CAAC;gBACpG,CAAC;gBAED,MAAM,aAAa,GAAG;oBACpB,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,UAAU,EAAE,eAAe;oBAC3B,cAAc,EAAE,IAAI;iBACrB,CAAC;gBAEF,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC;oBAC7C,UAAU;oBACV,aAAa;oBACb,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,SAAS,EAAE;wBACT,QAAQ,EAAE,IAAI,CAAC,SAAS;wBACxB,OAAO;qBACR;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,MAAM,iBAAiB,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;gBAE/C,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;oBACvB,KAAK,EAAE,iBAAiB;oBACxB,OAAO;iBACR,CAAC,CAAC;gBAEH,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;KAAA;CACF"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { SSO } from './sso';
|
|
2
|
+
import { App } from './app';
|
|
3
|
+
import type { JacksonOption, SSOTracesInstance } from '../../typings';
|
|
4
|
+
import { IdPLogin } from './idp-login';
|
|
5
|
+
declare const IdentityFederation: ({ db, opts, ssoTraces, }: {
|
|
6
|
+
db: any;
|
|
7
|
+
opts: JacksonOption;
|
|
8
|
+
ssoTraces: SSOTracesInstance;
|
|
9
|
+
}) => Promise<{
|
|
10
|
+
app: App;
|
|
11
|
+
sso: SSO;
|
|
12
|
+
idpLogin: IdPLogin;
|
|
13
|
+
}>;
|
|
14
|
+
export default IdentityFederation;
|
|
15
|
+
export * from './types';
|