@boxyhq/saml-jackson 1.33.0 → 1.33.1-beta.1
- package/dist/controller/oauth/oidc-client.d.ts +3 -3
- package/dist/controller/oauth/oidc-client.js +2 -1
- package/dist/controller/oauth/oidc-client.js.map +1 -1
- package/dist/controller/oauth/oidc-issuer.d.ts +2 -0
- package/dist/controller/oauth/oidc-issuer.js +25 -0
- package/dist/controller/oauth/oidc-issuer.js.map +1 -0
- package/dist/controller/oauth.js +36 -35
- package/dist/controller/oauth.js.map +1 -1
- package/dist/controller/sso-handler.js +1 -1
- package/dist/controller/sso-handler.js.map +1 -1
- package/dist/controller/utils.d.ts +5 -3
- package/dist/controller/utils.js +10 -2
- package/dist/controller/utils.js.map +1 -1
- package/dist/src/controller/admin.d.ts +27 -0
- package/dist/src/controller/admin.js +60 -0
- package/dist/src/controller/admin.js.map +1 -0
- package/dist/src/controller/analytics.d.ts +16 -0
- package/dist/src/controller/analytics.js +79 -0
- package/dist/src/controller/analytics.js.map +1 -0
- package/dist/src/controller/api.d.ts +557 -0
- package/dist/src/controller/api.js +806 -0
- package/dist/src/controller/api.js.map +1 -0
- package/dist/src/controller/connection/oidc.d.ts +7 -0
- package/dist/src/controller/connection/oidc.js +181 -0
- package/dist/src/controller/connection/oidc.js.map +1 -0
- package/dist/src/controller/connection/saml.d.ts +7 -0
- package/dist/src/controller/connection/saml.js +250 -0
- package/dist/src/controller/connection/saml.js.map +1 -0
- package/dist/src/controller/error.d.ts +10 -0
- package/dist/src/controller/error.js +13 -0
- package/dist/src/controller/error.js.map +1 -0
- package/dist/src/controller/health-check.d.ts +11 -0
- package/dist/src/controller/health-check.js +51 -0
- package/dist/src/controller/health-check.js.map +1 -0
- package/dist/src/controller/logout.d.ts +18 -0
- package/dist/src/controller/logout.js +132 -0
- package/dist/src/controller/logout.js.map +1 -0
- package/dist/src/controller/oauth/allowed.d.ts +1 -0
- package/dist/src/controller/oauth/allowed.js +30 -0
- package/dist/src/controller/oauth/allowed.js.map +1 -0
- package/dist/src/controller/oauth/code-verifier.d.ts +1 -0
- package/dist/src/controller/oauth/code-verifier.js +8 -0
- package/dist/src/controller/oauth/code-verifier.js.map +1 -0
- package/dist/src/controller/oauth/oidc-client.d.ts +12 -0
- package/dist/src/controller/oauth/oidc-client.js +89 -0
- package/dist/src/controller/oauth/oidc-client.js.map +1 -0
- package/dist/src/controller/oauth/redirect.d.ts +1 -0
- package/dist/src/controller/oauth/redirect.js +13 -0
- package/dist/src/controller/oauth/redirect.js.map +1 -0
- package/dist/src/controller/oauth.d.ts +142 -0
- package/dist/src/controller/oauth.js +1112 -0
- package/dist/src/controller/oauth.js.map +1 -0
- package/dist/src/controller/oidc-discovery.d.ts +22 -0
- package/dist/src/controller/oidc-discovery.js +47 -0
- package/dist/src/controller/oidc-discovery.js.map +1 -0
- package/dist/src/controller/setup-link.d.ts +307 -0
- package/dist/src/controller/setup-link.js +462 -0
- package/dist/src/controller/setup-link.js.map +1 -0
- package/dist/src/controller/sp-config.d.ts +22 -0
- package/dist/src/controller/sp-config.js +89 -0
- package/dist/src/controller/sp-config.js.map +1 -0
- package/dist/src/controller/sso-handler.d.ts +66 -0
- package/dist/src/controller/sso-handler.js +306 -0
- package/dist/src/controller/sso-handler.js.map +1 -0
- package/dist/src/controller/utils.d.ts +84 -0
- package/dist/src/controller/utils.js +328 -0
- package/dist/src/controller/utils.js.map +1 -0
- package/dist/src/cron/lock.d.ts +18 -0
- package/dist/src/cron/lock.js +98 -0
- package/dist/src/cron/lock.js.map +1 -0
- package/dist/src/db/db.d.ts +5 -0
- package/dist/src/db/db.js +178 -0
- package/dist/src/db/db.js.map +1 -0
- package/dist/src/db/defaultDb.d.ts +2 -0
- package/dist/src/db/defaultDb.js +18 -0
- package/dist/src/db/defaultDb.js.map +1 -0
- package/dist/src/db/dynamoDb.d.ts +19 -0
- package/dist/src/db/dynamoDb.js +320 -0
- package/dist/src/db/dynamoDb.js.map +1 -0
- package/dist/src/db/encrypter.d.ts +3 -0
- package/dist/src/db/encrypter.js +22 -0
- package/dist/src/db/encrypter.js.map +1 -0
- package/dist/src/db/mem.d.ts +23 -0
- package/dist/src/db/mem.js +186 -0
- package/dist/src/db/mem.js.map +1 -0
- package/dist/src/db/mongo.d.ts +22 -0
- package/dist/src/db/mongo.js +177 -0
- package/dist/src/db/mongo.js.map +1 -0
- package/dist/src/db/planetscale/entity/JacksonIndex.d.ts +5 -0
- package/dist/src/db/planetscale/entity/JacksonIndex.js +32 -0
- package/dist/src/db/planetscale/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/planetscale/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/planetscale/entity/JacksonStore.js +63 -0
- package/dist/src/db/planetscale/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/planetscale/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/planetscale/entity/JacksonTTL.js +27 -0
- package/dist/src/db/planetscale/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/redis.d.ts +18 -0
- package/dist/src/db/redis.js +214 -0
- package/dist/src/db/redis.js.map +1 -0
- package/dist/src/db/sql/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/entity/JacksonStore.js +61 -0
- package/dist/src/db/sql/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/sql/mariadb/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/mariadb/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/mariadb/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/mariadb/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/mariadb/entity/JacksonStore.js +63 -0
- package/dist/src/db/sql/mariadb/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/mariadb/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/mariadb/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/mariadb/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/sql/mssql/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/mssql/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/mssql/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/mssql/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/mssql/entity/JacksonStore.js +61 -0
- package/dist/src/db/sql/mssql/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/mssql/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/mssql/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/mssql/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/sql/mssql.d.ts +1 -0
- package/dist/src/db/sql/mssql.js +44 -0
- package/dist/src/db/sql/mssql.js.map +1 -0
- package/dist/src/db/sql/sql.d.ts +32 -0
- package/dist/src/db/sql/sql.js +318 -0
- package/dist/src/db/sql/sql.js.map +1 -0
- package/dist/src/db/sql/sqlite/entity/JacksonIndex.d.ts +7 -0
- package/dist/src/db/sql/sqlite/entity/JacksonIndex.js +39 -0
- package/dist/src/db/sql/sqlite/entity/JacksonIndex.js.map +1 -0
- package/dist/src/db/sql/sqlite/entity/JacksonStore.d.ts +9 -0
- package/dist/src/db/sql/sqlite/entity/JacksonStore.js +61 -0
- package/dist/src/db/sql/sqlite/entity/JacksonStore.js.map +1 -0
- package/dist/src/db/sql/sqlite/entity/JacksonTTL.d.ts +4 -0
- package/dist/src/db/sql/sqlite/entity/JacksonTTL.js +27 -0
- package/dist/src/db/sql/sqlite/entity/JacksonTTL.js.map +1 -0
- package/dist/src/db/store.d.ts +5 -0
- package/dist/src/db/store.js +65 -0
- package/dist/src/db/store.js.map +1 -0
- package/dist/src/db/utils.d.ts +16 -0
- package/dist/src/db/utils.js +28 -0
- package/dist/src/db/utils.js.map +1 -0
- package/dist/src/directory-sync/batch-events/queue.d.ts +40 -0
- package/dist/src/directory-sync/batch-events/queue.js +225 -0
- package/dist/src/directory-sync/batch-events/queue.js.map +1 -0
- package/dist/src/directory-sync/index.d.ts +27 -0
- package/dist/src/directory-sync/index.js +97 -0
- package/dist/src/directory-sync/index.js.map +1 -0
- package/dist/src/directory-sync/non-scim/google/api.d.ts +36 -0
- package/dist/src/directory-sync/non-scim/google/api.js +143 -0
- package/dist/src/directory-sync/non-scim/google/api.js.map +1 -0
- package/dist/src/directory-sync/non-scim/google/index.d.ts +12 -0
- package/dist/src/directory-sync/non-scim/google/index.js +10 -0
- package/dist/src/directory-sync/non-scim/google/index.js.map +1 -0
- package/dist/src/directory-sync/non-scim/google/oauth.d.ts +27 -0
- package/dist/src/directory-sync/non-scim/google/oauth.js +105 -0
- package/dist/src/directory-sync/non-scim/google/oauth.js.map +1 -0
- package/dist/src/directory-sync/non-scim/index.d.ts +24 -0
- package/dist/src/directory-sync/non-scim/index.js +85 -0
- package/dist/src/directory-sync/non-scim/index.js.map +1 -0
- package/dist/src/directory-sync/non-scim/syncGroupMembers.d.ts +23 -0
- package/dist/src/directory-sync/non-scim/syncGroupMembers.js +105 -0
- package/dist/src/directory-sync/non-scim/syncGroupMembers.js.map +1 -0
- package/dist/src/directory-sync/non-scim/syncGroups.d.ts +24 -0
- package/dist/src/directory-sync/non-scim/syncGroups.js +120 -0
- package/dist/src/directory-sync/non-scim/syncGroups.js.map +1 -0
- package/dist/src/directory-sync/non-scim/syncUsers.d.ts +24 -0
- package/dist/src/directory-sync/non-scim/syncUsers.js +120 -0
- package/dist/src/directory-sync/non-scim/syncUsers.js.map +1 -0
- package/dist/src/directory-sync/non-scim/utils.d.ts +36 -0
- package/dist/src/directory-sync/non-scim/utils.js +109 -0
- package/dist/src/directory-sync/non-scim/utils.js.map +1 -0
- package/dist/src/directory-sync/request.d.ts +14 -0
- package/dist/src/directory-sync/request.js +29 -0
- package/dist/src/directory-sync/request.js.map +1 -0
- package/dist/src/directory-sync/scim/Base.d.ts +12 -0
- package/dist/src/directory-sync/scim/Base.js +23 -0
- package/dist/src/directory-sync/scim/Base.js.map +1 -0
- package/dist/src/directory-sync/scim/DirectoryConfig.d.ts +343 -0
- package/dist/src/directory-sync/scim/DirectoryConfig.js +580 -0
- package/dist/src/directory-sync/scim/DirectoryConfig.js.map +1 -0
- package/dist/src/directory-sync/scim/DirectoryGroups.d.ts +28 -0
- package/dist/src/directory-sync/scim/DirectoryGroups.js +252 -0
- package/dist/src/directory-sync/scim/DirectoryGroups.js.map +1 -0
- package/dist/src/directory-sync/scim/DirectoryUsers.d.ts +25 -0
- package/dist/src/directory-sync/scim/DirectoryUsers.js +193 -0
- package/dist/src/directory-sync/scim/DirectoryUsers.js.map +1 -0
- package/dist/src/directory-sync/scim/Groups.d.ts +166 -0
- package/dist/src/directory-sync/scim/Groups.js +348 -0
- package/dist/src/directory-sync/scim/Groups.js.map +1 -0
- package/dist/src/directory-sync/scim/Users.d.ts +99 -0
- package/dist/src/directory-sync/scim/Users.js +215 -0
- package/dist/src/directory-sync/scim/Users.js.map +1 -0
- package/dist/src/directory-sync/scim/WebhookEventsLogger.d.ts +101 -0
- package/dist/src/directory-sync/scim/WebhookEventsLogger.js +165 -0
- package/dist/src/directory-sync/scim/WebhookEventsLogger.js.map +1 -0
- package/dist/src/directory-sync/scim/transform.d.ts +6 -0
- package/dist/src/directory-sync/scim/transform.js +37 -0
- package/dist/src/directory-sync/scim/transform.js.map +1 -0
- package/dist/src/directory-sync/scim/utils.d.ts +33 -0
- package/dist/src/directory-sync/scim/utils.js +129 -0
- package/dist/src/directory-sync/scim/utils.js.map +1 -0
- package/dist/src/directory-sync/types.d.ts +195 -0
- package/dist/src/directory-sync/types.js +10 -0
- package/dist/src/directory-sync/types.js.map +1 -0
- package/dist/src/directory-sync/utils.d.ts +19 -0
- package/dist/src/directory-sync/utils.js +56 -0
- package/dist/src/directory-sync/utils.js.map +1 -0
- package/dist/src/ee/branding/index.d.ts +17 -0
- package/dist/src/ee/branding/index.js +49 -0
- package/dist/src/ee/branding/index.js.map +1 -0
- package/dist/src/ee/common/checkLicense.d.ts +3 -0
- package/dist/src/ee/common/checkLicense.js +23 -0
- package/dist/src/ee/common/checkLicense.js.map +1 -0
- package/dist/src/ee/identity-federation/app.d.ts +328 -0
- package/dist/src/ee/identity-federation/app.js +532 -0
- package/dist/src/ee/identity-federation/app.js.map +1 -0
- package/dist/src/ee/identity-federation/idp-login.d.ts +18 -0
- package/dist/src/ee/identity-federation/idp-login.js +98 -0
- package/dist/src/ee/identity-federation/idp-login.js.map +1 -0
- package/dist/src/ee/identity-federation/index.d.ts +15 -0
- package/dist/src/ee/identity-federation/index.js +43 -0
- package/dist/src/ee/identity-federation/index.js.map +1 -0
- package/dist/src/ee/identity-federation/sso.d.ts +24 -0
- package/dist/src/ee/identity-federation/sso.js +124 -0
- package/dist/src/ee/identity-federation/sso.js.map +1 -0
- package/dist/src/ee/identity-federation/types.d.ts +38 -0
- package/dist/src/ee/identity-federation/types.js +2 -0
- package/dist/src/ee/identity-federation/types.js.map +1 -0
- package/dist/src/ee/ory/ory.d.ts +18 -0
- package/dist/src/ee/ory/ory.js +195 -0
- package/dist/src/ee/ory/ory.js.map +1 -0
- package/dist/src/ee/product/index.d.ts +14 -0
- package/dist/src/ee/product/index.js +45 -0
- package/dist/src/ee/product/index.js.map +1 -0
- package/dist/src/event/axios.d.ts +2 -0
- package/dist/src/event/axios.js +27 -0
- package/dist/src/event/axios.js.map +1 -0
- package/dist/src/event/index.d.ts +11 -0
- package/dist/src/event/index.js +53 -0
- package/dist/src/event/index.js.map +1 -0
- package/dist/src/event/types.d.ts +21 -0
- package/dist/src/event/types.js +2 -0
- package/dist/src/event/types.js.map +1 -0
- package/dist/src/event/utils.d.ts +4 -0
- package/dist/src/event/utils.js +33 -0
- package/dist/src/event/utils.js.map +1 -0
- package/dist/src/event/webhook.d.ts +3 -0
- package/dist/src/event/webhook.js +34 -0
- package/dist/src/event/webhook.js.map +1 -0
- package/dist/src/index.d.ts +35 -0
- package/dist/src/index.js +161 -0
- package/dist/src/index.js.map +1 -0
- package/dist/src/loadConnection.d.ts +4 -0
- package/dist/src/loadConnection.js +38 -0
- package/dist/src/loadConnection.js.map +1 -0
- package/dist/src/opentelemetry/metrics.d.ts +14 -0
- package/dist/src/opentelemetry/metrics.js +64 -0
- package/dist/src/opentelemetry/metrics.js.map +1 -0
- package/dist/src/saml/claims.d.ts +12 -0
- package/dist/src/saml/claims.js +57 -0
- package/dist/src/saml/claims.js.map +1 -0
- package/dist/src/saml/lib.d.ts +8 -0
- package/dist/src/saml/lib.js +29 -0
- package/dist/src/saml/lib.js.map +1 -0
- package/dist/src/saml/x509.d.ts +9 -0
- package/dist/src/saml/x509.js +93 -0
- package/dist/src/saml/x509.js.map +1 -0
- package/dist/src/sso-traces/index.d.ts +114 -0
- package/dist/src/sso-traces/index.js +229 -0
- package/dist/src/sso-traces/index.js.map +1 -0
- package/dist/src/sso-traces/types.d.ts +44 -0
- package/dist/src/sso-traces/types.js +2 -0
- package/dist/src/sso-traces/types.js.map +1 -0
- package/dist/src/typings.d.ts +540 -0
- package/dist/src/typings.js +5 -0
- package/dist/src/typings.js.map +1 -0
- package/dist/typeorm.d.ts +3 -0
- package/dist/typeorm.js +58 -0
- package/dist/typeorm.js.map +1 -0
- package/dist/typings.d.ts +1 -1
- package/package.json +7 -7
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/controller/api.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,OAAO,MAAM,aAAa,CAAC;AACvC,OAAO,KAAK,OAAO,MAAM,0BAA0B,CAAC;AAqBpD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAC3G,OAAO,cAAc,MAAM,mBAAmB,CAAC;AAC/C,OAAO,cAAc,MAAM,mBAAmB,CAAC;AAG/C,MAAM,OAAO,uBAAuB;IAMlC,YAAY,EAAE,eAAe,EAAE,IAAI,EAAE,eAAe,EAAE,aAAa,EAAE;QACnE,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAyJG;IACU,oBAAoB,CAC/B,IAA6E;;YAE7E,OAAO,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YAEtC,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;YAE/F,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAE7D,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAED,8BAA8B;IACjB,MAAM,CACjB,GAAG,IAAiE;;YAEpE,OAAO,IAAI,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC;QAC5C,CAAC;KAAA;IAEY,oBAAoB,CAC/B,IAAuE;;YAEvE,OAAO,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YAEtC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACxB,MAAM,IAAI,YAAY,CAAC,+DAA+D,EAAE,GAAG,CAAC,CAAC;YAC/F,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;YAE/F,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAE7D,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiJG;IACU,oBAAoB,CAAC,IAAgC;;YAChE,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,MAAM,CAC5C,IAAI,EACJ,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAC9B,IAAI,CAAC,aAAa,CACnB,CAAC;YAEF,IAAI,aAAa,IAAI,IAAI,EAAE,CAAC;gBAC1B,IAAI,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;oBACnC,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM
,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;gBACjE,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;gBACnE,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED,8BAA8B;IACjB,YAAY,CACvB,GAAG,IAAiE;;YAEpE,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC;QAC3C,CAAC;KAAA;IAEY,oBAAoB,CAAC,IAAgC;;YAChE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACxB,MAAM,IAAI,YAAY,CAAC,+DAA+D,EAAE,GAAG,CAAC,CAAC;YAC/F,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,MAAM,CAC5C,IAAI,EACJ,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAC9B,IAAI,CAAC,aAAa,CACnB,CAAC;YAEF,IAAI,aAAa,IAAI,IAAI,EAAE,CAAC;gBAC1B,IAAI,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;oBACnC,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;gBACjE,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;gBACnE,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAEM,cAAc,CAAC,IAAwB;QAC5C,MAAM,MAAM,GAAG,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;QAC1D,MAAM,OAAO,GAAG,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;QAC7D,IAAI,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YACxB,MAAM,IAAI,YAAY,CAAC,wCAAwC,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;QAC/D,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAoGG;IACU,cAAc,CAAC,IAAyB;;YACnD,MAAM,QAAQ,GAAG,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,MAAM,MAAM,GAAG,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,OAAO,GAAG,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC7D,MAAM,QAAQ,GAAG,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,MAAM,QAAQ,GAAG,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAEhE,OAAO,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YAEpC,IAAI,WAAW,GAA6C,IAAI,CAAC;YAEjE,gCAAgC;YAChC,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eA
Ae,CAAC,UAAU,CAAC;oBACnD,IAAI,EAAE,UAAU,CAAC,QAAQ;oBACzB,KAAK,EAAE,QAAQ;iBAChB,CAAC,CAAC;gBAEH,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAC1C,WAAW,GAAG,EAAE,CAAC;gBACnB,CAAC;qBAAM,CAAC;oBACN,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC;gBAC5B,CAAC;YACH,CAAC;YAED,gCAAgC;iBAC3B,IAAI,QAAQ,EAAE,CAAC;gBAClB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAExD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAC1C,WAAW,GAAG,EAAE,CAAC;gBACnB,CAAC;qBAAM,CAAC;oBACN,WAAW,GAAG,CAAC,MAAM,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;YAED,wCAAwC;iBACnC,IAAI,MAAM,IAAI,OAAO,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpD,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEhF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,OAAO,CAAC,GAAG,CAAC,CAAO,CAAC,EAAE,EAAE;oBACtB,OAAA,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC;wBAC9B,IAAI,EAAE,UAAU,CAAC,aAAa;wBAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC;qBACxC,CAAC,CAAA;kBAAA,CACH,CACF,CAAC;gBAEF,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;oBAC9B,WAAW,GAAG,EAAE,CAAC;gBACnB,CAAC;qBAAM,CAAC;oBACN,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;YAED,0CAA0C;iBACrC,IAAI,MAAM,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC;oBACnD,IAAI,EAAE,UAAU,CAAC,aAAa;oBAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC;iBAC7C,CAAC,CAAC;gBAEH,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;oBACnC,WAAW,GAAG,EAAE,CAAC;gBACnB,CAAC;qBAAM,CAAC;oBACN,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC;gBAC5B,CAAC;gBAED,iCAAiC;gBACjC,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,EAAE,CAAC;oBACtD,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE;wBAC9C,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;4BACxB,OAAO,aAAa,IAAI,UAAU,CAAC;wBACrC,CAAC;wBAED,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;4BACxB,OAAO,cAAc,IAAI,UAAU,CAAC;wBACtC,CAAC;wBAED,OAAO,KAAK
,CAAC;oBACf,CAAC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,IAAI,GAAG,MAAM,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;gBAEhD,IAAI,IAAI,EAAE,CAAC;oBACT,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC;gBACtE,CAAC;gBAED,OAAO,oBAAoB,CAAC,WAAW,CAAC,CAAC;YAC3C,CAAC;YAED,MAAM,IAAI,YAAY,CAAC,sDAAsD,EAAE,GAAG,CAAC,CAAC;QACtF,CAAC;KAAA;IAEY,SAAS,CAAC,IAAoB;;YACzC,MAAM,QAAQ,GAAG,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,MAAM,MAAM,GAAG,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,OAAO,GAAG,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAE7D,OAAO,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YAEpC,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAE5D,OAAO,UAAU,IAAI,EAAE,CAAC;YAC1B,CAAC;YAED,IAAI,MAAM,IAAI,OAAO,EAAE,CAAC;gBACtB,MAAM,WAAW,GAAG,CAClB,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC;oBACpC,IAAI,EAAE,UAAU,CAAC,aAAa;oBAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC;iBAC7C,CAAC,CACH,CAAC,IAAI,CAAC;gBAEP,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;oBACxC,OAAO,EAAE,CAAC;gBACZ,CAAC;gBAED,yBAAY,WAAW,CAAC,CAAC,CAAC,EAAG;YAC/B,CAAC;YAED,MAAM,IAAI,YAAY,CAAC,sDAAsD,EAAE,GAAG,CAAC,CAAC;QACtF,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8CG;IACU,iBAAiB,CAAC,IAAyB;;YACtD,MAAM,QAAQ,GAAG,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,MAAM,YAAY,GAAG,cAAc,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,MAAM,MAAM,GAAG,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,MAAM,OAAO,GAAG,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC7D,MAAM,QAAQ,GAAG,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAEhE,OAAO,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC;YAEvC,IAAI,QAAQ,IAAI,YAAY,EAAE,CAAC;gBAC7B,MAAM,UAAU,
GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAE5D,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,OAAO;gBACT,CAAC;gBAED,IAAI,UAAU,CAAC,YAAY,KAAK,YAAY,EAAE,CAAC;oBAC7C,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;oBAC5C,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,aAAa,EAAE,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC;gBACpF,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;gBACvD,CAAC;gBAED,OAAO;YACT,CAAC;YAED,IAAI,MAAM,IAAI,OAAO,EAAE,CAAC;gBACtB,MAAM,WAAW,GAAG,CAClB,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC;oBACpC,IAAI,EAAE,UAAU,CAAC,aAAa;oBAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC;iBAC7C,CAAC,CACH,CAAC,IAAI,CAAC;gBAEP,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;oBACxC,OAAO;gBACT,CAAC;gBAED,+BAA+B;gBAC/B,MAAM,mBAAmB,GAAG,QAAQ;oBAClC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE;wBAChC,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;4BACxB,IAAI,UAAU,CAAC,WAAW,EAAE,CAAC;gCAC3B,OAAO,IAAI,CAAC;4BACd,CAAC;wBACH,CAAC;wBACD,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;4BACxB,IAAI,UAAU,CAAC,YAAY,EAAE,CAAC;gCAC5B,OAAO,IAAI,CAAC;4BACd,CAAC;wBACH,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC;oBACJ,CAAC,CAAC,WAAW,CAAC;gBAEhB,KAAK,MAAM,IAAI,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,EAAE,CAAC;oBAC7D,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBACjD,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;gBACzD,CAAC;gBAED,OAAO;YACT,CAAC;YAED,MAAM,IAAI,YAAY,CAAC,yEAAyE,EAAE,GAAG,CAAC,CAAC;QACzG,CAAC;KAAA;IAEY,YAAY,CAAC,IAAyB;;YACjD,MAAM,IAAI,CAAC,iBAAiB,iCAAM,IAAI,KAAE,QAAQ,EAAE,MAAM,IAAG,CAAC;QAC9D,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+EG;IACU,uBAAuB,CAClC,IAAwB;;YAExB,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;YAE3D,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,YAAY,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CACvD;gBACE,IAAI,EAAE,UAAU,CAAC,OAAO;gBACxB,KAAK,EAAE,OAAO;aACf,EACD,UAAU,EACV,SAAS,EACT,SAAS,CACV,CAAC;YAEF,OAAO,EAAE,IAAI,EAAE,oBAAoB,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,
SAAS,EAAE,CAAC;QACrE,CAAC;KAAA;IAEY,QAAQ,CAAC,GAAW;;YAC/B,OAAO,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QAClD,CAAC;KAAA;CACF"}
|
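--- a/package/dist/src/controller/connection/oidc.d.ts
+++ b/package/dist/src/controller/connection/oidc.d.ts
@@ -0,0 +1,7 @@
+import { IConnectionAPIController, OIDCSSOConnectionWithDiscoveryUrl, OIDCSSOConnectionWithMetadata, OIDCSSORecord, Storable, UpdateOIDCConnectionParams } from '../../typings';
+import { OryController } from '../../ee/ory/ory';
+declare const oidc: {
+create: (body: OIDCSSOConnectionWithDiscoveryUrl | OIDCSSOConnectionWithMetadata, connectionStore: Storable, oryController: OryController) => Promise<OIDCSSORecord>;
+update: (body: UpdateOIDCConnectionParams, connectionStore: Storable, connectionsGetter: IConnectionAPIController["getConnections"], oryController: OryController) => Promise<OIDCSSORecord>;
+};
+export default oidc;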
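Review bot: The `create` and `update` members are declared without any doc comment, although the record they resolve to carries secrets: in the oidc.js added by this same diff, `create` sets `record.clientSecret` and `record.oidcProvider.clientSecret` and then returns `record`. This declaration looks compiler-generated, so the comment belongs in the TypeScript source, where a TSDoc line on each member would carry through, for example `/** Resolves to the stored record, including clientSecret and oidcProvider.clientSecret; redact before logging or returning it to a client. */`. It would also help to say on `update` that `connectionsGetter` loads the saved connection whose `clientSecret` is compared with the caller's, which is what lines 119-120 of oidc.js appear to do.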
@@ -0,0 +1,181 @@
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
8
|
+
});
|
9
|
+
};
|
10
|
+
var __rest = (this && this.__rest) || function (s, e) {
|
11
|
+
var t = {};
|
12
|
+
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
|
13
|
+
t[p] = s[p];
|
14
|
+
if (s != null && typeof Object.getOwnPropertySymbols === "function")
|
15
|
+
for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
|
16
|
+
if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
|
17
|
+
t[p[i]] = s[p[i]];
|
18
|
+
}
|
19
|
+
return t;
|
20
|
+
};
|
21
|
+
import crypto from 'crypto';
|
22
|
+
import * as dbutils from '../../db/utils';
|
23
|
+
import { extractHostName, extractRedirectUrls, IndexNames, validateSSOConnection, validateRedirectUrl, validateTenantAndProduct, validateSortOrder, } from '../utils';
|
24
|
+
import { JacksonError } from '../error';
|
25
|
+
const oidc = {
|
26
|
+
create: (body, connectionStore, oryController) => __awaiter(void 0, void 0, void 0, function* () {
|
27
|
+
var _a, _b, _c;
|
28
|
+
validateSSOConnection(body, 'oidc');
|
29
|
+
const { defaultRedirectUrl, redirectUrl, tenant, product, name, label, description, oidcDiscoveryUrl = '', oidcMetadata = { issuer: '' }, oidcClientId = '', oidcClientSecret = '', } = body;
|
30
|
+
let connectionClientSecret;
|
31
|
+
const redirectUrlList = extractRedirectUrls(redirectUrl);
|
32
|
+
validateRedirectUrl({ defaultRedirectUrl, redirectUrlList });
|
33
|
+
validateTenantAndProduct(tenant, product);
|
34
|
+
if ('sortOrder' in body) {
|
35
|
+
validateSortOrder(body.sortOrder);
|
36
|
+
}
|
37
|
+
const record = {
|
38
|
+
defaultRedirectUrl,
|
39
|
+
redirectUrl: redirectUrlList,
|
40
|
+
tenant,
|
41
|
+
product,
|
42
|
+
name,
|
43
|
+
label,
|
44
|
+
description,
|
45
|
+
clientID: '',
|
46
|
+
clientSecret: '',
|
47
|
+
sortOrder: parseInt(body.sortOrder),
|
48
|
+
};
|
49
|
+
// from OpenID Provider
|
50
|
+
record.oidcProvider = {
|
51
|
+
clientId: oidcClientId,
|
52
|
+
clientSecret: oidcClientSecret,
|
53
|
+
};
|
54
|
+
if (oidcDiscoveryUrl) {
|
55
|
+
record.oidcProvider.discoveryUrl = oidcDiscoveryUrl;
|
56
|
+
}
|
57
|
+
else if (oidcMetadata.issuer) {
|
58
|
+
record.oidcProvider.metadata = oidcMetadata;
|
59
|
+
}
|
60
|
+
// extract provider
|
61
|
+
const providerName = extractHostName(oidcDiscoveryUrl || oidcMetadata.issuer);
|
62
|
+
record.oidcProvider.provider = providerName ? providerName : 'Unknown';
|
63
|
+
// Use the clientId from the OpenID Provider to generate the clientID hash for the connection
|
64
|
+
record.clientID = dbutils.keyDigest(dbutils.keyFromParts(tenant, product, oidcClientId));
|
65
|
+
const exists = yield connectionStore.get(record.clientID);
|
66
|
+
const oryProjectId = (_a = exists === null || exists === void 0 ? void 0 : exists.ory) === null || _a === void 0 ? void 0 : _a.projectId;
|
67
|
+
const oryOrganizationId = (_b = exists === null || exists === void 0 ? void 0 : exists.ory) === null || _b === void 0 ? void 0 : _b.organizationId;
|
68
|
+
if (exists) {
|
69
|
+
connectionClientSecret = exists.clientSecret;
|
70
|
+
}
|
71
|
+
else {
|
72
|
+
connectionClientSecret = crypto.randomBytes(24).toString('hex');
|
73
|
+
}
|
74
|
+
record.clientSecret = connectionClientSecret;
|
75
|
+
const oryRes = yield oryController.createConnection({
|
76
|
+
sdkToken: undefined,
|
77
|
+
projectId: oryProjectId,
|
78
|
+
domains: (_c = body.ory) === null || _c === void 0 ? void 0 : _c.domains,
|
79
|
+
organizationId: oryOrganizationId,
|
80
|
+
error: undefined,
|
81
|
+
}, tenant, product);
|
82
|
+
if (oryRes) {
|
83
|
+
record.ory = oryRes;
|
84
|
+
}
|
85
|
+
yield connectionStore.put(record.clientID, record, {
|
86
|
+
// secondary index on tenant + product
|
87
|
+
name: IndexNames.TenantProduct,
|
88
|
+
value: dbutils.keyFromParts(tenant, product),
|
89
|
+
}, {
|
90
|
+
// secondary index on product
|
91
|
+
name: IndexNames.Product,
|
92
|
+
value: product,
|
93
|
+
});
|
94
|
+
return record;
|
95
|
+
}),
|
96
|
+
update: (body, connectionStore, connectionsGetter, oryController) => __awaiter(void 0, void 0, void 0, function* () {
|
97
|
+
var _a, _b, _c;
|
98
|
+
const { defaultRedirectUrl, redirectUrl, name, label, description, oidcDiscoveryUrl, oidcMetadata, oidcClientId, oidcClientSecret } = body, clientInfo = __rest(body, ["defaultRedirectUrl", "redirectUrl", "name", "label", "description", "oidcDiscoveryUrl", "oidcMetadata", "oidcClientId", "oidcClientSecret"]);
|
99
|
+
if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
|
100
|
+
throw new JacksonError('Please provide clientID', 400);
|
101
|
+
}
|
102
|
+
if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
|
103
|
+
throw new JacksonError('Please provide clientSecret', 400);
|
104
|
+
}
|
105
|
+
if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.tenant)) {
|
106
|
+
throw new JacksonError('Please provide tenant', 400);
|
107
|
+
}
|
108
|
+
if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.product)) {
|
109
|
+
throw new JacksonError('Please provide product', 400);
|
110
|
+
}
|
111
|
+
if (description && description.length > 100) {
|
112
|
+
throw new JacksonError('Description should not exceed 100 characters', 400);
|
113
|
+
}
|
114
|
+
if ('sortOrder' in body) {
|
115
|
+
validateSortOrder(body.sortOrder);
|
116
|
+
}
|
117
|
+
const redirectUrlList = redirectUrl ? extractRedirectUrls(redirectUrl) : null;
|
118
|
+
validateRedirectUrl({ defaultRedirectUrl, redirectUrlList });
|
119
|
+
const _savedConnection = (yield connectionsGetter(clientInfo))[0];
|
120
|
+
if (_savedConnection.clientSecret !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
|
121
|
+
throw new JacksonError('clientSecret mismatch', 400);
|
122
|
+
}
|
123
|
+
let oidcProvider;
|
124
|
+
if (_savedConnection && typeof _savedConnection.oidcProvider === 'object') {
|
125
|
+
oidcProvider = Object.assign({}, _savedConnection.oidcProvider);
|
126
|
+
if (oidcClientId && typeof oidcClientId === 'string') {
|
127
|
+
const clientID = dbutils.keyDigest(dbutils.keyFromParts(clientInfo.tenant, clientInfo.product, oidcClientId));
|
128
|
+
if (clientID !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
|
129
|
+
throw new JacksonError('Tenant/Product config mismatch with OIDC Provider metadata', 400);
|
130
|
+
}
|
131
|
+
}
|
132
|
+
if (oidcClientSecret && typeof oidcClientSecret === 'string') {
|
133
|
+
oidcProvider.clientSecret = oidcClientSecret;
|
134
|
+
}
|
135
|
+
if (oidcDiscoveryUrl && typeof oidcDiscoveryUrl === 'string') {
|
136
|
+
oidcProvider.discoveryUrl = oidcDiscoveryUrl;
|
137
|
+
const providerName = extractHostName(oidcDiscoveryUrl);
|
138
|
+
oidcProvider.provider = providerName ? providerName : 'Unknown';
|
139
|
+
// Remove previous metadata if any
|
140
|
+
delete oidcProvider.metadata;
|
141
|
+
}
|
142
|
+
else if (oidcMetadata && typeof oidcMetadata === 'object') {
|
143
|
+
// Perform a merge of new metadata with existing one
|
144
|
+
oidcProvider.metadata = Object.assign(Object.assign({}, oidcProvider.metadata), oidcMetadata);
|
145
|
+
const providerName = extractHostName(oidcMetadata.issuer);
|
146
|
+
oidcProvider.provider = providerName ? providerName : 'Unknown';
|
147
|
+
// Remove previous discoveryUrl if any
|
148
|
+
delete oidcProvider.discoveryUrl;
|
149
|
+
}
|
150
|
+
}
|
151
|
+
const record = Object.assign(Object.assign({}, _savedConnection), { name: name || name === '' ? name : _savedConnection.name, label: label || label === '' ? label : _savedConnection.label, description: description || description === '' ? description : _savedConnection.description, defaultRedirectUrl: defaultRedirectUrl ? defaultRedirectUrl : _savedConnection.defaultRedirectUrl, redirectUrl: redirectUrlList ? redirectUrlList : _savedConnection.redirectUrl, oidcProvider: oidcProvider ? oidcProvider : _savedConnection.oidcProvider });
|
152
|
+
if ('sortOrder' in body) {
|
153
|
+
record.sortOrder = parseInt(body.sortOrder);
|
154
|
+
}
|
155
|
+
if ('deactivated' in body) {
|
156
|
+
record['deactivated'] = body.deactivated;
|
157
|
+
}
|
158
|
+
const oryRes = yield oryController.updateConnection({
|
159
|
+
sdkToken: undefined,
|
160
|
+
projectId: (_a = _savedConnection.ory) === null || _a === void 0 ? void 0 : _a.projectId,
|
161
|
+
domains: (_b = _savedConnection.ory) === null || _b === void 0 ? void 0 : _b.domains,
|
162
|
+
organizationId: (_c = _savedConnection.ory) === null || _c === void 0 ? void 0 : _c.organizationId,
|
163
|
+
error: undefined,
|
164
|
+
}, _savedConnection.tenant, _savedConnection.product);
|
165
|
+
if (oryRes) {
|
166
|
+
record.ory = oryRes;
|
167
|
+
}
|
168
|
+
yield connectionStore.put(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID, record, {
|
169
|
+
// secondary index on tenant + product
|
170
|
+
name: IndexNames.TenantProduct,
|
171
|
+
value: dbutils.keyFromParts(_savedConnection.tenant, _savedConnection.product),
|
172
|
+
}, {
|
173
|
+
// secondary index on product
|
174
|
+
name: IndexNames.Product,
|
175
|
+
value: _savedConnection.product,
|
176
|
+
});
|
177
|
+
return record;
|
178
|
+
}),
|
179
|
+
};
|
180
|
+
export default oidc;
|
181
|
+
//# sourceMappingURL=oidc.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oidc.js","sourceRoot":"","sources":["../../../../src/controller/connection/oidc.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAS5B,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EACL,eAAe,EACf,mBAAmB,EACnB,UAAU,EACV,qBAAqB,EACrB,mBAAmB,EACnB,wBAAwB,EACxB,iBAAiB,GAClB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGxC,MAAM,IAAI,GAAG;IACX,MAAM,EAAE,CACN,IAAuE,EACvE,eAAyB,EACzB,aAA4B,EAC5B,EAAE;;QACF,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAEpC,MAAM,EACJ,kBAAkB,EAClB,WAAW,EACX,MAAM,EACN,OAAO,EACP,IAAI,EACJ,KAAK,EACL,WAAW,EACX,gBAAgB,GAAG,EAAE,EACrB,YAAY,GAAG,EAAE,MAAM,EAAE,EAAE,EAAE,EAC7B,YAAY,GAAG,EAAE,EACjB,gBAAgB,GAAG,EAAE,GACtB,GAAG,IAAI,CAAC;QAET,IAAI,sBAA8B,CAAC;QAEnC,MAAM,eAAe,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAEzD,mBAAmB,CAAC,EAAE,kBAAkB,EAAE,eAAe,EAAE,CAAC,CAAC;QAE7D,wBAAwB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAE1C,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;QAED,MAAM,MAAM,GAA2B;YACrC,kBAAkB;YAClB,WAAW,EAAE,eAAe;YAC5B,MAAM;YACN,OAAO;YACP,IAAI;YACJ,KAAK;YACL,WAAW;YACX,QAAQ,EAAE,EAAE;YACZ,YAAY,EAAE,EAAE;YAChB,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAgB,CAAC;SAC3C,CAAC;QAEF,wBAAwB;QACxB,MAAM,CAAC,YAAY,GAAG;YACpB,QAAQ,EAAE,YAAY;YACtB,YAAY,EAAE,gBAAgB;SACE,CAAC;QAEnC,IAAI,gBAAgB,EAAE,CAAC;YACrB,MAAM,CAAC,YAAY,CAAC,YAAY,GAAG,gBAAgB,CAAC;QACtD,CAAC;aAAM,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;YAC/B,MAAM,CAAC,YAAY,CAAC,QAAQ,GAAG,YAAY,CAAC;QAC9C,CAAC;QAED,mBAAmB;QACnB,MAAM,YAAY,GAAG,eAAe,CAAC,gBAAgB,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;QAC9E,MAAM,CAAC,YAAY,CAAC,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;QAEvE,6FAA6F;QAC7F,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC;QAEzF,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1D,MAAM,YAAY,GAAG,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,GAAG,0CAAE,SAAS,CAAC;QAC5C,MAAM,iBAAiB,GAAG,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,GAAG,0CAAE,cAAc,CAAC;QAEtD,IAAI,MAAM,EAAE,CAAC;YACX,sBAAsB,GAAG
,MAAM,CAAC,YAAY,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,sBAAsB,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,CAAC,YAAY,GAAG,sBAAsB,CAAC;QAE7C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,gBAAgB,CACjD;YACE,QAAQ,EAAE,SAAS;YACnB,SAAS,EAAE,YAAY;YACvB,OAAO,EAAE,MAAA,IAAI,CAAC,GAAG,0CAAE,OAAO;YAC1B,cAAc,EAAE,iBAAiB;YACjC,KAAK,EAAE,SAAS;SACjB,EACD,MAAM,EACN,OAAO,CACR,CAAC;QACF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,eAAe,CAAC,GAAG,CACvB,MAAM,CAAC,QAAQ,EACf,MAAM,EACN;YACE,sCAAsC;YACtC,IAAI,EAAE,UAAU,CAAC,aAAa;YAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC;SAC7C,EACD;YACE,6BAA6B;YAC7B,IAAI,EAAE,UAAU,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO;SACf,CACF,CAAC;QAEF,OAAO,MAAuB,CAAC;IACjC,CAAC,CAAA;IAED,MAAM,EAAE,CACN,IAAgC,EAChC,eAAyB,EACzB,iBAA6D,EAC7D,aAA4B,EAC5B,EAAE;;QACF,MAAM,EACJ,kBAAkB,EAClB,WAAW,EACX,IAAI,EACJ,KAAK,EACL,WAAW,EACX,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,gBAAgB,KAEd,IAAI,EADH,UAAU,UACX,IAAI,EAXF,6IAWL,CAAO,CAAC;QAET,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,CAAA,EAAE,CAAC;YAC1B,MAAM,IAAI,YAAY,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;QACzD,CAAC;QAED,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,YAAY,CAAA,EAAE,CAAC;YAC9B,MAAM,IAAI,YAAY,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,CAAA,EAAE,CAAC;YACxB,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,OAAO,CAAA,EAAE,CAAC;YACzB,MAAM,IAAI,YAAY,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC5C,MAAM,IAAI,YAAY,CAAC,8CAA8C,EAAE,GAAG,CAAC,CAAC;QAC9E,CAAC;QAED,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;QAED,MAAM,eAAe,GAAG,WAAW,CAAC,CAAC,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC9E,mBAAmB,CAAC,EAAE,kBAAkB,EAAE,eAAe,EAAE,CAAC,CAAC;QAE7D,MAAM,gBAAgB,GAAG,CAAC,MAAM,iBAAiB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAkB,CAAC;QAEnF,IAAI,gBAAgB,CAAC,YAAY,MAAK,UAAU,aAAV,UAAU,uBAAV
,UAAU,CAAE,YAAY,CAAA,EAAE,CAAC;YAC/D,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,YAAY,CAAC;QACjB,IAAI,gBAAgB,IAAI,OAAO,gBAAgB,CAAC,YAAY,KAAK,QAAQ,EAAE,CAAC;YAC1E,YAAY,qBAAQ,gBAAgB,CAAC,YAAY,CAAE,CAAC;YAEpD,IAAI,YAAY,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;gBACrD,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAChC,OAAO,CAAC,YAAY,CAAC,UAAU,CAAC,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,YAAY,CAAC,CAC1E,CAAC;gBACF,IAAI,QAAQ,MAAK,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,CAAA,EAAE,CAAC;oBACtC,MAAM,IAAI,YAAY,CAAC,4DAA4D,EAAE,GAAG,CAAC,CAAC;gBAC5F,CAAC;YACH,CAAC;YAED,IAAI,gBAAgB,IAAI,OAAO,gBAAgB,KAAK,QAAQ,EAAE,CAAC;gBAC7D,YAAY,CAAC,YAAY,GAAG,gBAAgB,CAAC;YAC/C,CAAC;YAED,IAAI,gBAAgB,IAAI,OAAO,gBAAgB,KAAK,QAAQ,EAAE,CAAC;gBAC7D,YAAY,CAAC,YAAY,GAAG,gBAAgB,CAAC;gBAC7C,MAAM,YAAY,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;gBACvD,YAAY,CAAC,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;gBAChE,kCAAkC;gBAClC,OAAO,YAAY,CAAC,QAAQ,CAAC;YAC/B,CAAC;iBAAM,IAAI,YAAY,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;gBAC5D,oDAAoD;gBACpD,YAAY,CAAC,QAAQ,mCAAQ,YAAY,CAAC,QAAQ,GAAK,YAAY,CAAE,CAAC;gBACtE,MAAM,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;gBAC1D,YAAY,CAAC,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;gBAChE,sCAAsC;gBACtC,OAAO,YAAY,CAAC,YAAY,CAAC;YACnC,CAAC;QACH,CAAC;QAED,MAAM,MAAM,mCACP,gBAAgB,KACnB,IAAI,EAAE,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,EACxD,KAAK,EAAE,KAAK,IAAI,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAC,KAAK,EAC7D,WAAW,EAAE,WAAW,IAAI,WAAW,KAAK,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,gBAAgB,CAAC,WAAW,EAC3F,kBAAkB,EAAE,kBAAkB,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,gBAAgB,CAAC,kBAAkB,EACjG,WAAW,EAAE,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,gBAAgB,CAAC,WAAW,EAC7E,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,gBAAgB,CAAC,YAAY,GAC1E,CAAC;QAEF,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,MAAM,CAAC,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAgB,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,aAAa,IAAI,IAAI,EAAE,CAAC;YAC1B,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC;QAC3C
,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,gBAAgB,CACjD;YACE,QAAQ,EAAE,SAAS;YACnB,SAAS,EAAE,MAAA,gBAAgB,CAAC,GAAG,0CAAE,SAAS;YAC1C,OAAO,EAAE,MAAA,gBAAgB,CAAC,GAAG,0CAAE,OAAO;YACtC,cAAc,EAAE,MAAA,gBAAgB,CAAC,GAAG,0CAAE,cAAc;YACpD,KAAK,EAAE,SAAS;SACjB,EACD,gBAAgB,CAAC,MAAM,EACvB,gBAAgB,CAAC,OAAO,CACzB,CAAC;QACF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,eAAe,CAAC,GAAG,CACvB,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,EACpB,MAAM,EACN;YACE,sCAAsC;YACtC,IAAI,EAAE,UAAU,CAAC,aAAa;YAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,CAAC;SAC/E,EACD;YACE,6BAA6B;YAC7B,IAAI,EAAE,UAAU,CAAC,OAAO;YACxB,KAAK,EAAE,gBAAgB,CAAC,OAAO;SAChC,CACF,CAAC;QAEF,OAAO,MAAM,CAAC;IAChB,CAAC,CAAA;CACF,CAAC;AAEF,eAAe,IAAI,CAAC"}
|
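--- a/package/dist/src/controller/connection/saml.d.ts
+++ b/package/dist/src/controller/connection/saml.d.ts
@@ -0,0 +1,7 @@
+import { IConnectionAPIController, SAMLSSOConnectionWithEncodedMetadata, SAMLSSOConnectionWithRawMetadata, SAMLSSORecord, Storable, UpdateSAMLConnectionParams } from '../../typings';
+import { OryController } from '../../ee/ory/ory';
+declare const saml: {
+create: (body: SAMLSSOConnectionWithRawMetadata | SAMLSSOConnectionWithEncodedMetadata, connectionStore: Storable, oryController: OryController) => Promise<SAMLSSORecord>;
+update: (body: UpdateSAMLConnectionParams, connectionStore: Storable, connectionsGetter: IConnectionAPIController["getConnections"], oryController: OryController) => Promise<SAMLSSORecord>;
+};
+export default saml;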
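--- a/package/dist/src/controller/connection/saml.js
+++ b/package/dist/src/controller/connection/saml.js
@@ -0,0 +1,250 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+var __rest = (this && this.__rest) || function (s, e) {
+var t = {};
+for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+t[p] = s[p];
+if (s != null && typeof Object.getOwnPropertySymbols === "function")
+for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+t[p[i]] = s[p[i]];
+}
+return t;
+};
+import crypto from 'crypto';
+import saml20 from '@boxyhq/saml20';
+import axios from 'axios';
+import * as dbutils from '../../db/utils';
+import { extractHostName, extractRedirectUrls, IndexNames, validateSSOConnection, validateRedirectUrl, validateTenantAndProduct, isLocalhost, validateSortOrder, } from '../utils';
+import { JacksonError } from '../error';
+function fetchMetadata(resource) {
+return __awaiter(this, void 0, void 0, function* () {
+var _a;
+try {
+const response = yield axios(resource, {
+maxContentLength: 1000000,
+maxBodyLength: 1000000,
+timeout: 8000,
+});
+return response.data;
+}
+catch (error) {
+throw new JacksonError("Couldn't fetch XML data", ((_a = error.response) === null || _a === void 0 ? void 0 : _a.status) || 400);
+}
+});
+}
+function validateParsedMetadata(metadata) {
+if (metadata.loginType !== 'idp') {
+throw new JacksonError('Please provide a metadata with IDPSSODescriptor', 400);
+}
+if (!metadata.entityID) {
+throw new JacksonError("Couldn't parse EntityID from SAML metadata", 400);
+}
+if (!metadata.sso.redirectUrl && !metadata.sso.postUrl) {
+throw new JacksonError("Couldn't find SAML bindings for POST/REDIRECT", 400);
+}
+}
+function validateMetadataURL(metadataUrl) {
+if (!isLocalhost(metadataUrl) && !metadataUrl.startsWith('https')) {
+throw new JacksonError('Metadata URL not valid, allowed ones are localhost/HTTPS URLs', 400);
+}
+}
+const saml = {
+create: (body, connectionStore, oryController) => __awaiter(void 0, void 0, void 0, function* () {
+var _a, _b, _c;
+const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, name, label, description, metadataUrl, identifierFormat, } = body;
+const forceAuthn = body.forceAuthn == 'true' || body.forceAuthn == true;
+let connectionClientSecret;
+validateSSOConnection(body, 'saml');
+const redirectUrlList = extractRedirectUrls(redirectUrl);
+validateRedirectUrl({ defaultRedirectUrl, redirectUrlList });
+validateTenantAndProduct(tenant, product);
+if ('sortOrder' in body) {
+validateSortOrder(body.sortOrder);
+}
+const record = {
+defaultRedirectUrl,
+redirectUrl: redirectUrlList,
+tenant,
+product,
+name,
+label,
+description,
+clientID: '',
+clientSecret: '',
+forceAuthn,
+identifierFormat,
+metadataUrl,
+sortOrder: parseInt(body.sortOrder),
+};
+let metadata = rawMetadata;
+if (encodedRawMetadata) {
+metadata = Buffer.from(encodedRawMetadata, 'base64').toString();
+}
+// eslint-disable-next-line @typescript-eslint/no-unused-expressions
+metadataUrl && validateMetadataURL(metadataUrl);
+metadata = metadataUrl ? yield fetchMetadata(metadataUrl) : metadata;
+const idpMetadata = (yield saml20.parseMetadata(metadata, {}));
+validateParsedMetadata(idpMetadata);
+// extract provider
+let providerName = extractHostName(idpMetadata.entityID);
+if (!providerName) {
+providerName = extractHostName(idpMetadata.sso.redirectUrl || idpMetadata.sso.postUrl || '');
+}
+idpMetadata.provider = providerName ? providerName : 'Unknown';
+record.clientID = dbutils.keyDigest(dbutils.keyFromParts(tenant, product, idpMetadata.entityID));
+record.idpMetadata = idpMetadata;
+const existing = (yield connectionStore.getByIndex({
+name: IndexNames.EntityID,
+value: idpMetadata.entityID,
+})).data;
+if (existing.length > 0) {
+for (let i = 0; i < existing.length; i++) {
+const samlConfig = existing[i];
+if (samlConfig.tenant !== tenant && samlConfig.product === product) {
+throw new JacksonError('EntityID already exists for different tenant/product');
+}
+else if (samlConfig.tenant !== tenant && samlConfig.product !== product) {
+throw new JacksonError('EntityID already exists for different tenant/product');
+}
+else {
+continue;
+}
+}
+}
+const exists = yield connectionStore.get(record.clientID);
+const oryProjectId = (_a = exists === null || exists === void 0 ? void 0 : exists.ory) === null || _a === void 0 ? void 0 : _a.projectId;
+const oryOrganizationId = (_b = exists === null || exists === void 0 ? void 0 : exists.ory) === null || _b === void 0 ? void 0 : _b.organizationId;
+if (exists) {
+connectionClientSecret = exists.clientSecret;
+}
+else {
+connectionClientSecret = crypto.randomBytes(24).toString('hex');
+}
+record.clientSecret = connectionClientSecret;
+const oryRes = yield oryController.createConnection({
+sdkToken: undefined,
+projectId: oryProjectId,
+domains: (_c = body.ory) === null || _c === void 0 ? void 0 : _c.domains,
+organizationId: oryOrganizationId,
+error: undefined,
+}, tenant, product);
+if (oryRes) {
+record.ory = oryRes;
+}
+yield connectionStore.put(record.clientID, record, {
+name: IndexNames.EntityID, // secondary index on entityID
+value: idpMetadata.entityID,
+}, {
+// secondary index on tenant + product
+name: IndexNames.TenantProduct,
+value: dbutils.keyFromParts(tenant, product),
+}, {
+// secondary index on product
+name: IndexNames.Product,
+value: product,
+});
+return record;
+}),
+update: (body, connectionStore, connectionsGetter, oryController) => __awaiter(void 0, void 0, void 0, function* () {
+var _a, _b, _c;
+const { encodedRawMetadata, // could be empty
+rawMetadata, // could be empty
+defaultRedirectUrl, redirectUrl, name, label, description, forceAuthn, metadataUrl } = body, clientInfo = __rest(body, ["encodedRawMetadata", "rawMetadata", "defaultRedirectUrl", "redirectUrl", "name", "label", "description", "forceAuthn", "metadataUrl"]);
+if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
+throw new JacksonError('Please provide clientID', 400);
+}
+if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
+throw new JacksonError('Please provide clientSecret', 400);
+}
+if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.tenant)) {
+throw new JacksonError('Please provide tenant', 400);
+}
+if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.product)) {
+throw new JacksonError('Please provide product', 400);
+}
+if (description && description.length > 100) {
+throw new JacksonError('Description should not exceed 100 characters', 400);
+}
+if ('sortOrder' in body) {
+validateSortOrder(body.sortOrder);
+}
+const redirectUrlList = redirectUrl ? extractRedirectUrls(redirectUrl) : null;
+validateRedirectUrl({ defaultRedirectUrl, redirectUrlList });
+const _savedConnection = (yield connectionsGetter(clientInfo))[0];
+if (_savedConnection.clientSecret !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
+throw new JacksonError('clientSecret mismatch', 400);
+}
+let metadata = rawMetadata;
+if (encodedRawMetadata) {
+metadata = Buffer.from(encodedRawMetadata, 'base64').toString();
+}
+// eslint-disable-next-line @typescript-eslint/no-unused-expressions
+metadataUrl && validateMetadataURL(metadataUrl);
+metadata = metadataUrl ? yield fetchMetadata(metadataUrl) : metadata;
+let newMetadata, newMetadataUrl;
+if (metadata) {
+newMetadata = yield saml20.parseMetadata(metadata, {});
+validateParsedMetadata(newMetadata);
+// extract provider
+let providerName = extractHostName(newMetadata.entityID);
+if (!providerName) {
+providerName = extractHostName(newMetadata.sso.redirectUrl || newMetadata.sso.postUrl);
+}
+newMetadata.provider = providerName ? providerName : 'Unknown';
+}
+if (newMetadata) {
+// check if clientID matches with new metadata payload
+const clientID = dbutils.keyDigest(dbutils.keyFromParts(clientInfo.tenant, clientInfo.product, newMetadata.entityID));
+if (clientID !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
+throw new JacksonError('Tenant/Product config mismatch with IdP metadata', 400);
+}
+if (metadataUrl) {
+newMetadataUrl = metadataUrl;
+}
+}
+const record = Object.assign(Object.assign({}, _savedConnection), { name: name || name === '' ? name : _savedConnection.name, label: label || label === '' ? label : _savedConnection.label, description: description || description === '' ? description : _savedConnection.description, idpMetadata: newMetadata ? newMetadata : _savedConnection.idpMetadata, metadataUrl: newMetadata ? newMetadataUrl : _savedConnection.metadataUrl, defaultRedirectUrl: defaultRedirectUrl ? defaultRedirectUrl : _savedConnection.defaultRedirectUrl, redirectUrl: redirectUrlList ? redirectUrlList : _savedConnection.redirectUrl, forceAuthn: typeof forceAuthn === 'boolean' ? forceAuthn : _savedConnection.forceAuthn });
+if ('sortOrder' in body) {
+record.sortOrder = parseInt(body.sortOrder);
+}
+if ('deactivated' in body) {
+record['deactivated'] = body.deactivated;
+}
+if ('identifierFormat' in body) {
+record['identifierFormat'] = body.identifierFormat;
+}
+const oryRes = yield oryController.updateConnection({
+sdkToken: undefined,
+projectId: (_a = _savedConnection.ory) === null || _a === void 0 ? void 0 : _a.projectId,
+domains: (_b = _savedConnection.ory) === null || _b === void 0 ? void 0 : _b.domains,
+organizationId: (_c = _savedConnection.ory) === null || _c === void 0 ? void 0 : _c.organizationId,
+error: undefined,
+}, _savedConnection.tenant, _savedConnection.product);
+if (oryRes) {
+record.ory = oryRes;
+}
+yield connectionStore.put(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID, record, {
+// secondary index on entityID
+name: IndexNames.EntityID,
+value: _savedConnection.idpMetadata.entityID,
+}, {
+// secondary index on tenant + product
+name: IndexNames.TenantProduct,
+value: dbutils.keyFromParts(_savedConnection.tenant, _savedConnection.product),
+}, {
+// secondary index on product
+name: IndexNames.Product,
+value: _savedConnection.product,
+});
+return record;
+}),
+};
+export default saml;
+//# sourceMappingURL=saml.js.map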
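Review bot: `validateMetadataURL` accepts any string that merely begins with the characters `https`, which is a prefix test on the raw input rather than a scheme check, and `fetchMetadata` then passes the caller-supplied URL to axios with only size and timeout limits. Since axios follows redirects by default under Node, a URL that passes the check can still end up being fetched over plain HTTP or from an internal address, so the server-side fetch is not actually confined to HTTPS endpoints. I would parse the URL and compare its `protocol` with `'https:'`, and set `maxRedirects: 0` on the request (or re-validate every hop if redirects must be supported); how `isLocalhost` interprets its argument is not visible in this section and deserves the same scrutiny. This file is build output, so the change belongs in the `src/controller/connection/saml.ts` named by the source map.

```javascript
function validateMetadataURL(metadataUrl) {
    let parsed;
    try {
        parsed = new URL(metadataUrl);
    }
    catch (_err) {
        // Unparseable input is rejected with the same 400 as a disallowed scheme.
        throw new JacksonError('Metadata URL not valid, allowed ones are localhost/HTTPS URLs', 400);
    }
    if (!isLocalhost(metadataUrl) && parsed.protocol !== 'https:') {
        throw new JacksonError('Metadata URL not valid, allowed ones are localhost/HTTPS URLs', 400);
    }
}

// in fetchMetadata:
const response = yield axios(resource, {
    // … unchanged: maxContentLength, maxBodyLength, timeout …
    maxRedirects: 0, // do not leave the validated origin
});
```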
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"saml.js","sourceRoot":"","sources":["../../../../src/controller/connection/saml.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,MAAM,MAAM,gBAAgB,CAAC;AACpC,OAAO,KAAK,MAAM,OAAO,CAAC;AAU1B,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EACL,eAAe,EACf,mBAAmB,EACnB,UAAU,EACV,qBAAqB,EACrB,mBAAmB,EACnB,wBAAwB,EACxB,WAAW,EACX,iBAAiB,GAClB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGxC,SAAe,aAAa,CAAC,QAAgB;;;QAC3C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;gBACrC,gBAAgB,EAAE,OAAO;gBACzB,aAAa,EAAE,OAAO;gBACtB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;YACH,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,IAAI,YAAY,CAAC,yBAAyB,EAAE,CAAA,MAAA,KAAK,CAAC,QAAQ,0CAAE,MAAM,KAAI,GAAG,CAAC,CAAC;QACnF,CAAC;IACH,CAAC;CAAA;AAED,SAAS,sBAAsB,CAAC,QAAsC;IACpE,IAAI,QAAQ,CAAC,SAAS,KAAK,KAAK,EAAE,CAAC;QACjC,MAAM,IAAI,YAAY,CAAC,iDAAiD,EAAE,GAAG,CAAC,CAAC;IACjF,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACvB,MAAM,IAAI,YAAY,CAAC,4CAA4C,EAAE,GAAG,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QACvD,MAAM,IAAI,YAAY,CAAC,+CAA+C,EAAE,GAAG,CAAC,CAAC;IAC/E,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,WAAmB;IAC9C,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAClE,MAAM,IAAI,YAAY,CAAC,+DAA+D,EAAE,GAAG,CAAC,CAAC;IAC/F,CAAC;AACH,CAAC;AAED,MAAM,IAAI,GAAG;IACX,MAAM,EAAE,CACN,IAA6E,EAC7E,eAAyB,EACzB,aAA4B,EAC5B,EAAE;;QACF,MAAM,EACJ,kBAAkB,EAClB,WAAW,EACX,kBAAkB,EAClB,WAAW,EACX,MAAM,EACN,OAAO,EACP,IAAI,EACJ,KAAK,EACL,WAAW,EACX,WAAW,EACX,gBAAgB,GACjB,GAAG,IAAI,CAAC;QACT,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,MAAM,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC;QAExE,IAAI,sBAA8B,CAAC;QAEnC,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAEpC,MAAM,eAAe,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAEzD,mBAAmB,CAAC,EAAE,kBAAkB,EAAE,eAAe,EAAE,CAAC,CAAC;QAE7D,wBAAwB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAE1C,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QA
CpC,CAAC;QAED,MAAM,MAAM,GAA2B;YACrC,kBAAkB;YAClB,WAAW,EAAE,eAAe;YAC5B,MAAM;YACN,OAAO;YACP,IAAI;YACJ,KAAK;YACL,WAAW;YACX,QAAQ,EAAE,EAAE;YACZ,YAAY,EAAE,EAAE;YAChB,UAAU;YACV,gBAAgB;YAChB,WAAW;YACX,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAgB,CAAC;SAC3C,CAAC;QAEF,IAAI,QAAQ,GAAG,WAAqB,CAAC;QACrC,IAAI,kBAAkB,EAAE,CAAC;YACvB,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;QAClE,CAAC;QAED,oEAAoE;QACpE,WAAW,IAAI,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAEhD,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,MAAM,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;QAErE,MAAM,WAAW,GAAG,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAiC,CAAC;QAE/F,sBAAsB,CAAC,WAAW,CAAC,CAAC;QAEpC,mBAAmB;QACnB,IAAI,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QACzD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,IAAI,WAAW,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC/F,CAAC;QAED,WAAW,CAAC,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;QAE/D,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEjG,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;QAEjC,MAAM,QAAQ,GAAG,CACf,MAAM,eAAe,CAAC,UAAU,CAAC;YAC/B,IAAI,EAAE,UAAU,CAAC,QAAQ;YACzB,KAAK,EAAE,WAAW,CAAC,QAAQ;SAC5B,CAAC,CACH,CAAC,IAAI,CAAC;QAEP,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACzC,MAAM,UAAU,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;gBAC/B,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,IAAI,UAAU,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;oBACnE,MAAM,IAAI,YAAY,CAAC,sDAAsD,CAAC,CAAC;gBACjF,CAAC;qBAAM,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,IAAI,UAAU,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;oBAC1E,MAAM,IAAI,YAAY,CAAC,sDAAsD,CAAC,CAAC;gBACjF,CAAC;qBAAM,CAAC;oBACN,SAAS;gBACX,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1D,MAAM,YAAY,GAAG,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,GAAG,0CAAE,SAAS,CAAC;QAC5C,MAAM,iBAAiB,GAAG,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,GAAG,0CAAE,cAAc,CAAC;QAEtD,IAAI,MAAM,EAAE,CAAC;YACX,sBAAsB,GAAG,
MAAM,CAAC,YAAY,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,sBAAsB,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,CAAC,YAAY,GAAG,sBAAsB,CAAC;QAE7C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,gBAAgB,CACjD;YACE,QAAQ,EAAE,SAAS;YACnB,SAAS,EAAE,YAAY;YACvB,OAAO,EAAE,MAAA,IAAI,CAAC,GAAG,0CAAE,OAAO;YAC1B,cAAc,EAAE,iBAAiB;YACjC,KAAK,EAAE,SAAS;SACjB,EACD,MAAM,EACN,OAAO,CACR,CAAC;QACF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,eAAe,CAAC,GAAG,CACvB,MAAM,CAAC,QAAQ,EACf,MAAM,EACN;YACE,IAAI,EAAE,UAAU,CAAC,QAAQ,EAAE,8BAA8B;YACzD,KAAK,EAAE,WAAW,CAAC,QAAQ;SAC5B,EACD;YACE,sCAAsC;YACtC,IAAI,EAAE,UAAU,CAAC,aAAa;YAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC;SAC7C,EACD;YACE,6BAA6B;YAC7B,IAAI,EAAE,UAAU,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO;SACf,CACF,CAAC;QAEF,OAAO,MAAuB,CAAC;IACjC,CAAC,CAAA;IAED,MAAM,EAAE,CACN,IAAgC,EAChC,eAAyB,EACzB,iBAA6D,EAC7D,aAA4B,EAC5B,EAAE;;QACF,MAAM,EACJ,kBAAkB,EAAE,iBAAiB;QACrC,WAAW,EAAE,iBAAiB;QAC9B,kBAAkB,EAClB,WAAW,EACX,IAAI,EACJ,KAAK,EACL,WAAW,EACX,UAAU,EACV,WAAW,KAET,IAAI,EADH,UAAU,UACX,IAAI,EAXF,uIAWL,CAAO,CAAC;QAET,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,CAAA,EAAE,CAAC;YAC1B,MAAM,IAAI,YAAY,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;QACzD,CAAC;QAED,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,YAAY,CAAA,EAAE,CAAC;YAC9B,MAAM,IAAI,YAAY,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,CAAA,EAAE,CAAC;YACxB,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,OAAO,CAAA,EAAE,CAAC;YACzB,MAAM,IAAI,YAAY,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC5C,MAAM,IAAI,YAAY,CAAC,8CAA8C,EAAE,GAAG,CAAC,CAAC;QAC9E,CAAC;QAED,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;QAED,MAAM,eAAe,GAAG,WAAW,CAAC,CAAC,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC9E,mBAAmB,CAAC,EAAE,kBAAkB,EAAE,eAAe,EAAE,CAAC,CAAC;QAE7D,MAAM,gBAAgB,GAAG,CAAC,
MAAM,iBAAiB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAkB,CAAC;QAEnF,IAAI,gBAAgB,CAAC,YAAY,MAAK,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,YAAY,CAAA,EAAE,CAAC;YAC/D,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,QAAQ,GAAG,WAAW,CAAC;QAC3B,IAAI,kBAAkB,EAAE,CAAC;YACvB,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;QAClE,CAAC;QAED,oEAAoE;QACpE,WAAW,IAAI,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAEhD,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,MAAM,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;QAErE,IAAI,WAAW,EAAE,cAAc,CAAC;QAChC,IAAI,QAAQ,EAAE,CAAC;YACb,WAAW,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAEvD,sBAAsB,CAAC,WAAW,CAAC,CAAC;YAEpC,mBAAmB;YACnB,IAAI,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YACzD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,IAAI,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACzF,CAAC;YAED,WAAW,CAAC,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;QACjE,CAAC;QAED,IAAI,WAAW,EAAE,CAAC;YAChB,sDAAsD;YACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAChC,OAAO,CAAC,YAAY,CAAC,UAAU,CAAC,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,QAAQ,CAAC,CAClF,CAAC;YAEF,IAAI,QAAQ,MAAK,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,CAAA,EAAE,CAAC;gBACtC,MAAM,IAAI,YAAY,CAAC,kDAAkD,EAAE,GAAG,CAAC,CAAC;YAClF,CAAC;YAED,IAAI,WAAW,EAAE,CAAC;gBAChB,cAAc,GAAG,WAAW,CAAC;YAC/B,CAAC;QACH,CAAC;QAED,MAAM,MAAM,mCACP,gBAAgB,KACnB,IAAI,EAAE,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,EACxD,KAAK,EAAE,KAAK,IAAI,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAC,KAAK,EAC7D,WAAW,EAAE,WAAW,IAAI,WAAW,KAAK,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,gBAAgB,CAAC,WAAW,EAC3F,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,gBAAgB,CAAC,WAAW,EACrE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,gBAAgB,CAAC,WAAW,EACxE,kBAAkB,EAAE,kBAAkB,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,gBAAgB,CAAC,kBAAkB,EACjG,WAAW,EAAE,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,gBAAgB,CAAC,WAAW,EAC7E,UAAU,EAAE,OAAO,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,gBAAgB,CA
AC,UAAU,GACvF,CAAC;QAEF,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,MAAM,CAAC,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAgB,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,aAAa,IAAI,IAAI,EAAE,CAAC;YAC1B,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC;QAC3C,CAAC;QAED,IAAI,kBAAkB,IAAI,IAAI,EAAE,CAAC;YAC/B,MAAM,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,gBAAgB,CAAC;QACrD,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,gBAAgB,CACjD;YACE,QAAQ,EAAE,SAAS;YACnB,SAAS,EAAE,MAAA,gBAAgB,CAAC,GAAG,0CAAE,SAAS;YAC1C,OAAO,EAAE,MAAA,gBAAgB,CAAC,GAAG,0CAAE,OAAO;YACtC,cAAc,EAAE,MAAA,gBAAgB,CAAC,GAAG,0CAAE,cAAc;YACpD,KAAK,EAAE,SAAS;SACjB,EACD,gBAAgB,CAAC,MAAM,EACvB,gBAAgB,CAAC,OAAO,CACzB,CAAC;QACF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,eAAe,CAAC,GAAG,CACvB,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,QAAQ,EACpB,MAAM,EACN;YACE,8BAA8B;YAC9B,IAAI,EAAE,UAAU,CAAC,QAAQ;YACzB,KAAK,EAAE,gBAAgB,CAAC,WAAW,CAAC,QAAQ;SAC7C,EACD;YACE,sCAAsC;YACtC,IAAI,EAAE,UAAU,CAAC,aAAa;YAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,CAAC;SAC/E,EACD;YACE,6BAA6B;YAC7B,IAAI,EAAE,UAAU,CAAC,OAAO;YACxB,KAAK,EAAE,gBAAgB,CAAC,OAAO;SAChC,CACF,CAAC;QAEF,OAAO,MAAM,CAAC;IAChB,CAAC,CAAA;CACF,CAAC;AAEF,eAAe,IAAI,CAAC"}
|
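--- a/package/dist/src/controller/error.d.ts
+++ b/package/dist/src/controller/error.d.ts
@@ -0,0 +1,10 @@
+import { ApiError } from '../typings';
+export declare class JacksonError extends Error {
+name: string;
+statusCode: number;
+constructor(message: string, statusCode?: number);
+}
+export declare const apiError: (err: any) => {
+data: null;
+error: ApiError;
+};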
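--- a/package/dist/src/controller/error.js
+++ b/package/dist/src/controller/error.js
@@ -0,0 +1,13 @@
+export class JacksonError extends Error {
+constructor(message, statusCode = 500) {
+super(message);
+this.name = this.constructor.name;
+this.statusCode = statusCode;
+Error.captureStackTrace(this, this.constructor);
+}
+}
+export const apiError = (err) => {
+const { message, statusCode = 500 } = err;
+return { data: null, error: { message, code: statusCode } };
+};
+//# sourceMappingURL=error.js.map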
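Review bot: `apiError` copies `message` from whatever value it receives straight into the response object, so if a caller hands it an exception that is not a `JacksonError` (a storage or parsing failure, for example), that internal text would reach the API client; the callers are not visible in this section, so this needs confirming against them. Passing the text through only for the package's own error type, e.g. `const message = err instanceof JacksonError ? err.message : 'Internal Server Error';`, and logging the original error server-side would keep responses generic. The destructuring on the first line of the function also throws when `err` is `null` or `undefined`; `const { message, statusCode = 500 } = err ?? {};` avoids that. Since this file is compiler output, the change belongs in `src/controller/error.ts`, the source named in the accompanying source map.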
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"error.js","sourceRoot":"","sources":["../../../src/controller/error.ts"],"names":[],"mappings":"AAEA,MAAM,OAAO,YAAa,SAAQ,KAAK;IAIrC,YAAY,OAAe,EAAE,UAAU,GAAG,GAAG;QAC3C,KAAK,CAAC,OAAO,CAAC,CAAC;QAEf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;QAClC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IAClD,CAAC;CACF;AAED,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,GAAQ,EAAE,EAAE;IACnC,MAAM,EAAE,OAAO,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,GAAG,CAAC;IAE1C,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAc,EAAE,CAAC;AAC1E,CAAC,CAAC"}
|
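--- a/package/dist/src/controller/health-check.d.ts
+++ b/package/dist/src/controller/health-check.d.ts
@@ -0,0 +1,11 @@
+import { IHealthCheckController, Storable } from '../typings';
+export declare class HealthCheckController implements IHealthCheckController {
+healthCheckStore: Storable;
+constructor({ healthCheckStore }: {
+healthCheckStore: any;
+});
+init(): Promise<void>;
+status(): Promise<{
+status: number;
+}>;
+}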
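--- a/package/dist/src/controller/health-check.js
+++ b/package/dist/src/controller/health-check.js
@@ -0,0 +1,51 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import { JacksonError } from './error';
+const healthKey = 'amihealthy';
+const healthValue = 'fit';
+const g = global;
+export class HealthCheckController {
+constructor({ healthCheckStore }) {
+this.healthCheckStore = healthCheckStore;
+}
+init() {
+return __awaiter(this, void 0, void 0, function* () {
+this.healthCheckStore.put(healthKey, healthValue);
+});
+}
+status() {
+return __awaiter(this, void 0, void 0, function* () {
+try {
+if (!g.jacksonInstance) {
+return {
+status: 503,
+};
+}
+const response = yield Promise.race([
+this.healthCheckStore.get(healthKey),
+new Promise((_, reject) => setTimeout(() => reject(new Error('timeout')), 1000)),
+]);
+if (response === healthValue) {
+return {
+status: 200,
+};
+}
+return {
+status: 503,
+};
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+}
+catch (err) {
+throw new JacksonError('Service not available', 503);
+}
+});
+}
+}
+//# sourceMappingURL=health-check.js.map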
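Review bot: `init()` calls `this.healthCheckStore.put(healthKey, healthValue)` without `yield` (no `await` in the TypeScript source), so if `put` returns a promise, as the raced `get` in `status()` suggests, a failed write becomes an unhandled rejection and `init()` resolves before the key is stored; an awaited call would compile to `yield this.healthCheckStore.put(healthKey, healthValue);`. In `status()` the 1000 ms `setTimeout` is never cleared once `Promise.race` settles, so every probe leaves a live timer behind; keeping the handle and calling `clearTimeout` in a `finally` would release it. The `catch (err)` discards the cause, so a timeout and a store failure are indistinguishable to an operator; logging `err` server-side before throwing the 503 keeps the probe response generic while preserving the diagnosis.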
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"health-check.js","sourceRoot":"","sources":["../../../src/controller/health-check.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,MAAM,SAAS,GAAG,YAAY,CAAC;AAC/B,MAAM,WAAW,GAAG,KAAK,CAAC;AAE1B,MAAM,CAAC,GAAG,MAAa,CAAC;AAExB,MAAM,OAAO,qBAAqB;IAGhC,YAAY,EAAE,gBAAgB,EAAE;QAC9B,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IAC3C,CAAC;IAEY,IAAI;;YACf,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;QACpD,CAAC;KAAA;IAEY,MAAM;;YAGjB,IAAI,CAAC;gBACH,IAAI,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC;oBACvB,OAAO;wBACL,MAAM,EAAE,GAAG;qBACZ,CAAC;gBACJ,CAAC;gBACD,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;oBAClC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC;oBACpC,IAAI,OAAO,CAAM,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;iBACtF,CAAC,CAAC;gBAEH,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;oBAC7B,OAAO;wBACL,MAAM,EAAE,GAAG;qBACZ,CAAC;gBACJ,CAAC;gBAED,OAAO;oBACL,MAAM,EAAE,GAAG;iBACZ,CAAC;gBACF,6DAA6D;YAC/D,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;KAAA;CACF"}
|
@@ -0,0 +1,18 @@
|
|
1
|
+
import { SAMLResponsePayload, SLORequestParams } from '../typings';
|
2
|
+
export declare class LogoutController {
|
3
|
+
private connectionStore;
|
4
|
+
private sessionStore;
|
5
|
+
private opts;
|
6
|
+
constructor({ connectionStore, sessionStore, opts }: {
|
7
|
+
connectionStore: any;
|
8
|
+
sessionStore: any;
|
9
|
+
opts: any;
|
10
|
+
});
|
11
|
+
createRequest({ nameId, tenant, product, redirectUrl }: SLORequestParams): Promise<{
|
12
|
+
logoutUrl: string | null;
|
13
|
+
logoutForm: string | null;
|
14
|
+
}>;
|
15
|
+
handleResponse({ SAMLResponse, RelayState }: SAMLResponsePayload): Promise<{
|
16
|
+
redirectUrl: any;
|
17
|
+
}>;
|
18
|
+
}
|