@boxyhq/saml-jackson 1.4.0 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/controller/analytics.d.ts +12 -0
- package/dist/controller/analytics.js +66 -0
- package/dist/controller/analytics.js.map +1 -0
- package/dist/controller/api.js +12 -1
- package/dist/controller/api.js.map +1 -1
- package/dist/controller/oauth.d.ts +3 -2
- package/dist/controller/oauth.js +132 -280
- package/dist/controller/oauth.js.map +1 -1
- package/dist/controller/saml-handler.d.ts +38 -0
- package/dist/controller/saml-handler.js +166 -0
- package/dist/controller/saml-handler.js.map +1 -0
- package/dist/controller/setup-link.d.ts +7 -7
- package/dist/controller/setup-link.js +45 -64
- package/dist/controller/setup-link.js.map +1 -1
- package/dist/controller/utils.d.ts +13 -1
- package/dist/controller/utils.js +45 -3
- package/dist/controller/utils.js.map +1 -1
- package/dist/db/mem.js +6 -2
- package/dist/db/mem.js.map +1 -1
- package/dist/db/utils.js +0 -1
- package/dist/db/utils.js.map +1 -1
- package/dist/directory-sync/Base.js +2 -2
- package/dist/directory-sync/Base.js.map +1 -1
- package/dist/directory-sync/WebhookEventsLogger.d.ts +4 -1
- package/dist/directory-sync/WebhookEventsLogger.js +3 -3
- package/dist/directory-sync/WebhookEventsLogger.js.map +1 -1
- package/dist/ee/common/checkLicense.d.ts +2 -0
- package/dist/ee/common/checkLicense.js +19 -0
- package/dist/ee/common/checkLicense.js.map +1 -0
- package/dist/ee/federated-saml/app.d.ts +19 -0
- package/dist/ee/federated-saml/app.js +126 -0
- package/dist/ee/federated-saml/app.js.map +1 -0
- package/dist/ee/federated-saml/index.d.ts +12 -0
- package/dist/ee/federated-saml/index.js +56 -0
- package/dist/ee/federated-saml/index.js.map +1 -0
- package/dist/ee/federated-saml/sso.d.ts +17 -0
- package/dist/ee/federated-saml/sso.js +76 -0
- package/dist/ee/federated-saml/sso.js.map +1 -0
- package/dist/ee/federated-saml/types.d.ts +18 -0
- package/dist/ee/federated-saml/types.js +3 -0
- package/dist/ee/federated-saml/types.js.map +1 -0
- package/dist/index.d.ts +7 -0
- package/dist/index.js +18 -2
- package/dist/index.js.map +1 -1
- package/dist/saml/lib.d.ts +31 -0
- package/dist/saml/lib.js +217 -0
- package/dist/saml/lib.js.map +1 -0
- package/dist/typings.d.ts +18 -19
- package/dist/typings.js +15 -0
- package/dist/typings.js.map +1 -1
- package/package.json +14 -13
package/dist/index.js
CHANGED
|
@@ -52,7 +52,10 @@ const directory_sync_1 = __importDefault(require("./directory-sync"));
|
|
|
52
52
|
const oidc_discovery_1 = require("./controller/oidc-discovery");
|
|
53
53
|
const sp_config_1 = require("./controller/sp-config");
|
|
54
54
|
const setup_link_1 = require("./controller/setup-link");
|
|
55
|
+
const analytics_1 = require("./controller/analytics");
|
|
55
56
|
const x509 = __importStar(require("./saml/x509"));
|
|
57
|
+
const federated_saml_1 = __importDefault(require("./ee/federated-saml"));
|
|
58
|
+
const checkLicense_1 = __importDefault(require("./ee/common/checkLicense"));
|
|
56
59
|
const defaultOpts = (opts) => {
|
|
57
60
|
const newOpts = Object.assign({}, opts);
|
|
58
61
|
if (!newOpts.externalUrl) {
|
|
@@ -72,6 +75,7 @@ const defaultOpts = (opts) => {
|
|
|
72
75
|
newOpts.db.pageLimit = newOpts.db.pageLimit || 50;
|
|
73
76
|
newOpts.openid = newOpts.openid || {};
|
|
74
77
|
newOpts.openid.jwsAlg = newOpts.openid.jwsAlg || 'RS256';
|
|
78
|
+
newOpts.boxyhqLicenseKey = newOpts.boxyhqLicenseKey || undefined;
|
|
75
79
|
return newOpts;
|
|
76
80
|
};
|
|
77
81
|
const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
@@ -88,8 +92,14 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
88
92
|
const connectionAPIController = new api_1.ConnectionAPIController({ connectionStore, opts });
|
|
89
93
|
const adminController = new admin_1.AdminController({ connectionStore });
|
|
90
94
|
const healthCheckController = new health_check_1.HealthCheckController({ healthCheckStore });
|
|
91
|
-
const setupLinkController = new setup_link_1.SetupLinkController({ setupLinkStore });
|
|
92
95
|
yield healthCheckController.init();
|
|
96
|
+
const setupLinkController = new setup_link_1.SetupLinkController({ setupLinkStore });
|
|
97
|
+
if (!opts.noAnalytics) {
|
|
98
|
+
console.info('Anonymous analytics enabled. You can disable this by setting the DO_NOT_TRACK=1 or BOXYHQ_NO_ANALYTICS=1 environment variables');
|
|
99
|
+
const analyticsStore = db.store('_analytics:events');
|
|
100
|
+
const analyticsController = new analytics_1.AnalyticsController({ analyticsStore });
|
|
101
|
+
yield analyticsController.init();
|
|
102
|
+
}
|
|
93
103
|
// Create default certificate if it doesn't exist.
|
|
94
104
|
yield x509.init(certificateStore, opts);
|
|
95
105
|
const oauthController = new oauth_1.OAuthController({
|
|
@@ -104,9 +114,10 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
104
114
|
sessionStore,
|
|
105
115
|
opts,
|
|
106
116
|
});
|
|
107
|
-
const directorySyncController = yield (0, directory_sync_1.default)({ db, opts });
|
|
108
117
|
const oidcDiscoveryController = new oidc_discovery_1.OidcDiscoveryController({ opts });
|
|
109
118
|
const spConfig = new sp_config_1.SPSAMLConfig(opts);
|
|
119
|
+
const directorySyncController = yield (0, directory_sync_1.default)({ db, opts });
|
|
120
|
+
const samlFederatedController = yield (0, federated_saml_1.default)({ db, opts });
|
|
110
121
|
// write pre-loaded connections if present
|
|
111
122
|
const preLoadedConnection = opts.preLoadedConnection || opts.preLoadedConfig;
|
|
112
123
|
if (preLoadedConnection && preLoadedConnection.length > 0) {
|
|
@@ -134,9 +145,14 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
134
145
|
setupLinkController,
|
|
135
146
|
directorySyncController,
|
|
136
147
|
oidcDiscoveryController,
|
|
148
|
+
samlFederatedController,
|
|
149
|
+
checkLicense: () => {
|
|
150
|
+
return (0, checkLicense_1.default)(opts.boxyhqLicenseKey);
|
|
151
|
+
},
|
|
137
152
|
};
|
|
138
153
|
});
|
|
139
154
|
exports.controllers = controllers;
|
|
140
155
|
exports.default = exports.controllers;
|
|
141
156
|
__exportStar(require("./typings"), exports);
|
|
157
|
+
__exportStar(require("./ee/federated-saml/types"), exports);
|
|
142
158
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,iDAAyB;AACzB,+DAAuC;AACvC,sEAA8C;AAC9C,qDAA8D;AAC9D,8CAAqD;AACrD,0CAA2D;AAC3D,8CAAqD;AACrD,4DAAkE;AAClE,gDAAuD;AACvD,sEAAiD;AACjD,gEAAsE;AACtE,sDAAsD;AACtD,wDAA8D;AAC9D,sDAA6D;AAC7D,kDAAoC;AACpC,yEAAwF;AACxF,4EAAoD;AAEpD,MAAM,WAAW,GAAG,CAAC,IAAmB,EAAiB,EAAE;IACzD,MAAM,OAAO,qBACR,IAAI,CACR,CAAC;IAEF,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;KAC5C;IAED,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;QACrB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;KACzC;IAED,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,gBAAgB,CAAC;IAExD,OAAO,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,yBAAyB,CAAC;IACzE,oMAAoM;IACpM,OAAO,CAAC,mBAAmB,GAAG,OAAO,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAChE,OAAO,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,8BAA8B;IAEvF,OAAO,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,KAAK,IAAI,CAAC;IACjD,IAAA,mBAAS,EAAC,OAAO,CAAC,CAAC;IAEnB,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC;IACvE,OAAO,CAAC,EAAE,CAAC,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC,SAAS,IAAI,EAAE,CAAC;IAElD,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;IACtC,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC;IAEzD,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,SAAS,CAAC;IAEjE,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEK,MAAM,WAAW,GAAG,CACzB,IAAmB,EAclB,EAAE;IACH,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAEzB,IAAA,cAAW,GAAE,CAAC;IAEd,MAAM,EAAE,GAAG,MAAM,YAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEjC,MAAM,eAAe,GAAG,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAChD,MAAM,YAAY,GAAG,EAAE,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACtD,MAAM,UAAU,GAAG,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,cAAc,GAAG,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAC9C,MAAM,gBAAgB,GAAG,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAEvD,MAAM,uBAAuB,GAAG,IAAI,6BAAuB,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC,CAAC;IACvF,MAAM,eAAe,GAAG,IAAI,uBAAe,CAAC,EAAE,eAAe,EAAE,CAAC,CAAC;IACjE,MAAM,qBAAqB,GAAG,IAAI,oCAAqB,CAAC,EAAE,gBAAgB,EAAE,CAAC,CAAC;IAC9E,MAAM,qBAAqB,CAAC,IAAI,EAAE,CAAC;IACnC,MAAM,mBAAmB,GAAG,IAAI,gCAAmB,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;IAExE,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;QACrB,OAAO,CAAC,IAAI,CACV,gIAAgI,CACjI,CAAC;QACF,MAAM,cAAc,GAAG,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACrD,MAAM,mBAAmB,GAAG,IAAI,+BAAmB,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;QACxE,MAAM,mBAAmB,CAAC,IAAI,EAAE,CAAC;KAClC;IAED,kDAAkD;IAClD,MAAM,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;IAExC,MAAM,eAAe,GAAG,IAAI,uBAAe,CAAC;QAC1C,eAAe;QACf,YAAY;QACZ,SAAS;QACT,UAAU;QACV,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,IAAI,yBAAgB,CAAC;QAC5C,eAAe;QACf,YAAY;QACZ,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,uBAAuB,GAAG,IAAI,wCAAuB,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;IACtE,MAAM,QAAQ,GAAG,IAAI,wBAAY,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,uBAAuB,GAAG,MAAM,IAAA,wBAAiB,EAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACtE,MAAM,uBAAuB,GAAG,MAAM,IAAA,wBAAiB,EAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAEtE,0CAA0C;IAC1C,MAAM,mBAAmB,GAAG,IAAI,CAAC,mBAAmB,IAAI,IAAI,CAAC,eAAe,CAAC;IAC7E,IAAI,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE;QACzD,MAAM,WAAW,GAAG,MAAM,IAAA,wBAAc,EAAC,mBAAmB,CAAC,CAAC;QAE9D,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,IAAI,kBAAkB,IAAI,UAAU,EAAE;gBACpC,MAAM,uBAAuB,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;aAChE;iBAAM;gBACL,MAAM,uBAAuB,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;aAChE;YAED,OAAO,CAAC,IAAI,CAAC,iCAAiC,UAAU,CAAC,MAAM,kBAAkB,UAAU,CAAC,OAAO,GAAG,CAAC,CAAC;SACzG;KACF;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,MAAM,KAAK,KAAK,IAAI,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAEtF,OAAO,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,EAAE,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IAExD,OAAO;QACL,QAAQ;QACR,aAAa,EAAE,uBAAuB;QACtC,uBAAuB;QACvB,eAAe;QACf,eAAe;QACf,gBAAgB;QAChB,qBAAqB;QACrB,mBAAmB;QACnB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,YAAY,EAAE,GAAG,EAAE;YACjB,OAAO,IAAA,sBAAY,EAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC7C,CAAC;KACF,CAAC;AACJ,CAAC,CAAA,CAAC;AAvGW,QAAA,WAAW,eAuGtB;AAEF,kBAAe,mBAAW,CAAC;AAE3B,4CAA0B;AAC1B,4DAA0C"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
import type { SAMLProfile } from '@boxyhq/saml20/dist/typings';
|
|
2
|
+
export declare const extractSAMLResponseAttributes: (decodedResponse: string, validateOpts: ValidateOption) => Promise<SAMLProfile>;
|
|
3
|
+
export declare const extractSAMLRequestAttributes: (samlRequest: string) => Promise<{
|
|
4
|
+
id: string;
|
|
5
|
+
acsUrl: string;
|
|
6
|
+
entityId: string;
|
|
7
|
+
publicKey: string;
|
|
8
|
+
providerName: string;
|
|
9
|
+
}>;
|
|
10
|
+
export declare const createMetadataXML: ({ ssoUrl, entityId, x509cert, }: {
|
|
11
|
+
ssoUrl: string;
|
|
12
|
+
entityId: string;
|
|
13
|
+
x509cert: string;
|
|
14
|
+
}) => Promise<string>;
|
|
15
|
+
export declare const decodeBase64: (string: string, isDeflated: boolean) => Promise<string>;
|
|
16
|
+
export declare const createSAMLResponse: ({ audience, issuer, acsUrl, profile, requestId, privateKey, publicKey, }: {
|
|
17
|
+
audience: string;
|
|
18
|
+
issuer: string;
|
|
19
|
+
acsUrl: string;
|
|
20
|
+
profile: SAMLProfile;
|
|
21
|
+
requestId: string;
|
|
22
|
+
privateKey: string;
|
|
23
|
+
publicKey: string;
|
|
24
|
+
}) => Promise<string>;
|
|
25
|
+
type ValidateOption = {
|
|
26
|
+
thumbprint: string;
|
|
27
|
+
audience: string;
|
|
28
|
+
privateKey: string;
|
|
29
|
+
inResponseTo?: string;
|
|
30
|
+
};
|
|
31
|
+
export {};
|
package/dist/saml/lib.js
ADDED
|
@@ -0,0 +1,217 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
|
+
};
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.createSAMLResponse = exports.decodeBase64 = exports.createMetadataXML = exports.extractSAMLRequestAttributes = exports.extractSAMLResponseAttributes = void 0;
|
|
16
|
+
const crypto_1 = __importDefault(require("crypto"));
|
|
17
|
+
const xml2js_1 = __importDefault(require("xml2js"));
|
|
18
|
+
const zlib_1 = require("zlib");
|
|
19
|
+
const util_1 = require("util");
|
|
20
|
+
const saml20_1 = __importDefault(require("@boxyhq/saml20"));
|
|
21
|
+
const xmlbuilder_1 = __importDefault(require("xmlbuilder"));
|
|
22
|
+
const claims_1 = __importDefault(require("../saml/claims"));
|
|
23
|
+
// Validate the SAMLResponse and extract the user profile
|
|
24
|
+
const extractSAMLResponseAttributes = (decodedResponse, validateOpts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
25
|
+
const attributes = yield saml20_1.default.validate(decodedResponse, validateOpts);
|
|
26
|
+
if (attributes && attributes.claims) {
|
|
27
|
+
// We map claims to our attributes id, email, firstName, lastName where possible. We also map original claims to raw
|
|
28
|
+
attributes.claims = claims_1.default.map(attributes.claims);
|
|
29
|
+
// Some providers don't return the id in the assertion, we set it to a sha256 hash of the email
|
|
30
|
+
if (!attributes.claims.id && attributes.claims.email) {
|
|
31
|
+
attributes.claims.id = crypto_1.default.createHash('sha256').update(attributes.claims.email).digest('hex');
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
return attributes;
|
|
35
|
+
});
|
|
36
|
+
exports.extractSAMLResponseAttributes = extractSAMLResponseAttributes;
|
|
37
|
+
const extractSAMLRequestAttributes = (samlRequest) => __awaiter(void 0, void 0, void 0, function* () {
|
|
38
|
+
const decodeRequest = yield (0, exports.decodeBase64)(samlRequest, true);
|
|
39
|
+
const result = yield parseXML(decodeRequest);
|
|
40
|
+
const publicKey = result['samlp:AuthnRequest']['Signature']
|
|
41
|
+
? result['samlp:AuthnRequest']['Signature'][0]['KeyInfo'][0]['X509Data'][0]['X509Certificate'][0]
|
|
42
|
+
: null;
|
|
43
|
+
const attributes = result['samlp:AuthnRequest']['$'];
|
|
44
|
+
const id = attributes.ID;
|
|
45
|
+
const providerName = attributes.ProviderName;
|
|
46
|
+
const acsUrl = attributes.AssertionConsumerServiceURL;
|
|
47
|
+
const entityId = result['samlp:AuthnRequest']['saml:Issuer'][0];
|
|
48
|
+
if (!entityId) {
|
|
49
|
+
throw new Error("Missing 'Entity ID' in SAML Request.");
|
|
50
|
+
}
|
|
51
|
+
if (!acsUrl) {
|
|
52
|
+
throw new Error("Missing 'ACS URL' in SAML Request.");
|
|
53
|
+
}
|
|
54
|
+
return {
|
|
55
|
+
id,
|
|
56
|
+
acsUrl,
|
|
57
|
+
entityId,
|
|
58
|
+
publicKey,
|
|
59
|
+
providerName,
|
|
60
|
+
};
|
|
61
|
+
});
|
|
62
|
+
exports.extractSAMLRequestAttributes = extractSAMLRequestAttributes;
|
|
63
|
+
// Create Metadata XML
|
|
64
|
+
const createMetadataXML = ({ ssoUrl, entityId, x509cert, }) => __awaiter(void 0, void 0, void 0, function* () {
|
|
65
|
+
x509cert = saml20_1.default.stripCertHeaderAndFooter(x509cert);
|
|
66
|
+
const today = new Date();
|
|
67
|
+
const nodes = {
|
|
68
|
+
'md:EntityDescriptor': {
|
|
69
|
+
'@xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata',
|
|
70
|
+
'@entityID': entityId,
|
|
71
|
+
'@validUntil': new Date(today.setFullYear(today.getFullYear() + 10)).toISOString(),
|
|
72
|
+
'md:IDPSSODescriptor': {
|
|
73
|
+
'@WantAuthnRequestsSigned': false,
|
|
74
|
+
'@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol',
|
|
75
|
+
'md:KeyDescriptor': {
|
|
76
|
+
'@use': 'signing',
|
|
77
|
+
'ds:KeyInfo': {
|
|
78
|
+
'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#',
|
|
79
|
+
'ds:X509Data': {
|
|
80
|
+
'ds:X509Certificate': {
|
|
81
|
+
'#text': x509cert,
|
|
82
|
+
},
|
|
83
|
+
},
|
|
84
|
+
},
|
|
85
|
+
},
|
|
86
|
+
'md:NameIDFormat': {
|
|
87
|
+
'#text': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
|
|
88
|
+
},
|
|
89
|
+
'md:SingleSignOnService': [
|
|
90
|
+
{
|
|
91
|
+
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
|
|
92
|
+
'@Location': ssoUrl,
|
|
93
|
+
},
|
|
94
|
+
{
|
|
95
|
+
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
|
|
96
|
+
'@Location': ssoUrl,
|
|
97
|
+
},
|
|
98
|
+
],
|
|
99
|
+
},
|
|
100
|
+
},
|
|
101
|
+
};
|
|
102
|
+
return xmlbuilder_1.default.create(nodes, { encoding: 'UTF-8', standalone: false }).end({ pretty: true });
|
|
103
|
+
});
|
|
104
|
+
exports.createMetadataXML = createMetadataXML;
|
|
105
|
+
// Decode the base64 string
|
|
106
|
+
const decodeBase64 = (string, isDeflated) => __awaiter(void 0, void 0, void 0, function* () {
|
|
107
|
+
const inflateRawAsync = (0, util_1.promisify)(zlib_1.inflateRaw);
|
|
108
|
+
return isDeflated
|
|
109
|
+
? (yield inflateRawAsync(Buffer.from(string, 'base64'))).toString()
|
|
110
|
+
: Buffer.from(string, 'base64').toString();
|
|
111
|
+
});
|
|
112
|
+
exports.decodeBase64 = decodeBase64;
|
|
113
|
+
// Parse XML
|
|
114
|
+
const parseXML = (xml) => __awaiter(void 0, void 0, void 0, function* () {
|
|
115
|
+
return new Promise((resolve, reject) => {
|
|
116
|
+
xml2js_1.default.parseString(xml, (err, result) => {
|
|
117
|
+
if (err) {
|
|
118
|
+
reject(err);
|
|
119
|
+
}
|
|
120
|
+
resolve(result);
|
|
121
|
+
});
|
|
122
|
+
});
|
|
123
|
+
});
|
|
124
|
+
const randomId = () => {
|
|
125
|
+
return '_' + crypto_1.default.randomBytes(10).toString('hex');
|
|
126
|
+
};
|
|
127
|
+
// Create SAML Response and sign it
|
|
128
|
+
const createSAMLResponse = ({ audience, issuer, acsUrl, profile, requestId, privateKey, publicKey, }) => __awaiter(void 0, void 0, void 0, function* () {
|
|
129
|
+
const authDate = new Date();
|
|
130
|
+
const authTimestamp = authDate.toISOString();
|
|
131
|
+
authDate.setMinutes(authDate.getMinutes() - 5);
|
|
132
|
+
const notBefore = authDate.toISOString();
|
|
133
|
+
authDate.setMinutes(authDate.getMinutes() + 10);
|
|
134
|
+
const notAfter = authDate.toISOString();
|
|
135
|
+
const nodes = {
|
|
136
|
+
'samlp:Response': {
|
|
137
|
+
'@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
|
|
138
|
+
'@Version': '2.0',
|
|
139
|
+
'@ID': randomId(),
|
|
140
|
+
'@Destination': acsUrl,
|
|
141
|
+
'@InResponseTo': requestId,
|
|
142
|
+
'@IssueInstant': authTimestamp,
|
|
143
|
+
'saml:Issuer': {
|
|
144
|
+
'@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
|
|
145
|
+
'@Format': 'urn:oasis:names:tc:SAML:2.0:assertion',
|
|
146
|
+
'#text': issuer,
|
|
147
|
+
},
|
|
148
|
+
'samlp:Status': {
|
|
149
|
+
'samlp:StatusCode': {
|
|
150
|
+
'@Value': 'urn:oasis:names:tc:SAML:2.0:status:Success',
|
|
151
|
+
},
|
|
152
|
+
},
|
|
153
|
+
'saml:Assertion': {
|
|
154
|
+
'@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
|
|
155
|
+
'@Version': '2.0',
|
|
156
|
+
'@ID': randomId(),
|
|
157
|
+
'@IssueInstant': authTimestamp,
|
|
158
|
+
'saml:Issuer': {
|
|
159
|
+
'#text': issuer,
|
|
160
|
+
},
|
|
161
|
+
'saml:Subject': {
|
|
162
|
+
'@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
|
|
163
|
+
'saml:NameID': {
|
|
164
|
+
'@Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
|
|
165
|
+
'#text': profile.claims.email,
|
|
166
|
+
},
|
|
167
|
+
'saml:SubjectConfirmation': {
|
|
168
|
+
'@Method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer',
|
|
169
|
+
'saml:SubjectConfirmationData': {
|
|
170
|
+
'@Recipient': acsUrl,
|
|
171
|
+
'@NotOnOrAfter': notAfter,
|
|
172
|
+
'@InResponseTo': requestId,
|
|
173
|
+
},
|
|
174
|
+
},
|
|
175
|
+
},
|
|
176
|
+
'saml:Conditions': {
|
|
177
|
+
'@NotBefore': notBefore,
|
|
178
|
+
'@NotOnOrAfter': notAfter,
|
|
179
|
+
'saml:AudienceRestriction': {
|
|
180
|
+
'saml:Audience': {
|
|
181
|
+
'#text': audience,
|
|
182
|
+
},
|
|
183
|
+
},
|
|
184
|
+
},
|
|
185
|
+
'saml:AuthnStatement': {
|
|
186
|
+
'@AuthnInstant': authTimestamp,
|
|
187
|
+
'@SessionIndex': '_YIlFoNFzLMDYxdwf-T_BuimfkGa5qhKg',
|
|
188
|
+
'saml:AuthnContext': {
|
|
189
|
+
'saml:AuthnContextClassRef': {
|
|
190
|
+
'#text': 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified',
|
|
191
|
+
},
|
|
192
|
+
},
|
|
193
|
+
},
|
|
194
|
+
'saml:AttributeStatement': {
|
|
195
|
+
'@xmlns:xs': 'http://www.w3.org/2001/XMLSchema',
|
|
196
|
+
'@xmlns:xsi': 'http://www.w3.org/2001/XMLSchema-instance',
|
|
197
|
+
'saml:Attribute': Object.keys(profile.claims.raw).map((attributeName) => {
|
|
198
|
+
return {
|
|
199
|
+
'@Name': attributeName,
|
|
200
|
+
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
|
201
|
+
'saml:AttributeValue': {
|
|
202
|
+
'@xmlns:xs': 'http://www.w3.org/2001/XMLSchema',
|
|
203
|
+
'@xmlns:xsi': 'http://www.w3.org/2001/XMLSchema-instance',
|
|
204
|
+
'@xsi:type': 'xs:string',
|
|
205
|
+
'#text': profile.claims.raw[attributeName],
|
|
206
|
+
},
|
|
207
|
+
};
|
|
208
|
+
}),
|
|
209
|
+
},
|
|
210
|
+
},
|
|
211
|
+
},
|
|
212
|
+
};
|
|
213
|
+
const xml = xmlbuilder_1.default.create(nodes, { encoding: 'UTF-8' }).end();
|
|
214
|
+
return yield saml20_1.default.sign(xml, privateKey, publicKey, '/*[local-name(.)="Response" and namespace-uri(.)="urn:oasis:names:tc:SAML:2.0:protocol"]');
|
|
215
|
+
});
|
|
216
|
+
exports.createSAMLResponse = createSAMLResponse;
|
|
217
|
+
//# sourceMappingURL=lib.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"lib.js","sourceRoot":"","sources":["../../src/saml/lib.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,oDAA4B;AAC5B,oDAA4B;AAC5B,+BAAkC;AAClC,+BAAiC;AACjC,4DAAkC;AAClC,4DAAoC;AAGpC,4DAAoC;AAEpC,yDAAyD;AAClD,MAAM,6BAA6B,GAAG,CAC3C,eAAuB,EACvB,YAA4B,EAC5B,EAAE;IACF,MAAM,UAAU,GAAG,MAAM,gBAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IAEtE,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,EAAE;QACnC,oHAAoH;QACpH,UAAU,CAAC,MAAM,GAAG,gBAAM,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAElD,+FAA+F;QAC/F,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE;YACpD,UAAU,CAAC,MAAM,CAAC,EAAE,GAAG,gBAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAClG;KACF;IAED,OAAO,UAAU,CAAC;AACpB,CAAC,CAAA,CAAC;AAjBW,QAAA,6BAA6B,iCAiBxC;AAEK,MAAM,4BAA4B,GAAG,CAAO,WAAmB,EAAE,EAAE;IACxE,MAAM,aAAa,GAAG,MAAM,IAAA,oBAAY,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,CAAC;IAE7C,MAAM,SAAS,GAAW,MAAM,CAAC,oBAAoB,CAAC,CAAC,WAAW,CAAC;QACjE,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACjG,CAAC,CAAC,IAAI,CAAC;IAET,MAAM,UAAU,GAAG,MAAM,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,CAAC;IAErD,MAAM,EAAE,GAAW,UAAU,CAAC,EAAE,CAAC;IACjC,MAAM,YAAY,GAAW,UAAU,CAAC,YAAY,CAAC;IACrD,MAAM,MAAM,GAAW,UAAU,CAAC,2BAA2B,CAAC;IAC9D,MAAM,QAAQ,GAAW,MAAM,CAAC,oBAAoB,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;IAExE,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;KACzD;IAED,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;KACvD;IAED,OAAO;QACL,EAAE;QACF,MAAM;QACN,QAAQ;QACR,SAAS;QACT,YAAY;KACb,CAAC;AACJ,CAAC,CAAA,CAAC;AA9BW,QAAA,4BAA4B,gCA8BvC;AAEF,sBAAsB;AACf,MAAM,iBAAiB,GAAG,CAAO,EACtC,MAAM,EACN,QAAQ,EACR,QAAQ,GAKT,EAAmB,EAAE;IACpB,QAAQ,GAAG,gBAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;IAEnD,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC;IACzB,MAAM,KAAK,GAAG;QACZ,qBAAqB,EAAE;YACrB,WAAW,EAAE,sCAAsC;YACnD,WAAW,EAAE,QAAQ;YACrB,aAAa,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE;YAClF,qBAAqB,EAAE;gBACrB,0BAA0B,EAAE,KAAK;gBACjC,6BAA6B,EAAE,sCAAsC;gBACrE,kBAAkB,EAAE;oBAClB,MAAM,EAAE,SAAS;oBACjB,YAAY,EAAE;wBACZ,WAAW,EAAE,oCAAoC;wBACjD,aAAa,EAAE;4BACb,oBAAoB,EAAE;gCACpB,OAAO,EAAE,QAAQ;6BAClB;yBACF;qBACF;iBACF;gBACD,iBAAiB,EAAE;oBACjB,OAAO,EAAE,wDAAwD;iBAClE;gBACD,wBAAwB,EAAE;oBACxB;wBACE,UAAU,EAAE,oDAAoD;wBAChE,WAAW,EAAE,MAAM;qBACpB;oBACD;wBACE,UAAU,EAAE,gDAAgD;wBAC5D,WAAW,EAAE,MAAM;qBACpB;iBACF;aACF;SACF;KACF,CAAC;IAEF,OAAO,oBAAU,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAClG,CAAC,CAAA,CAAC;AAjDW,QAAA,iBAAiB,qBAiD5B;AAEF,2BAA2B;AACpB,MAAM,YAAY,GAAG,CAAO,MAAc,EAAE,UAAmB,EAAE,EAAE;IACxE,MAAM,eAAe,GAAG,IAAA,gBAAS,EAAC,iBAAU,CAAC,CAAC;IAE9C,OAAO,UAAU;QACf,CAAC,CAAC,CAAC,MAAM,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QACnE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;AAC/C,CAAC,CAAA,CAAC;AANW,QAAA,YAAY,gBAMvB;AAEF,YAAY;AACZ,MAAM,QAAQ,GAAG,CAAO,GAAW,EAAmC,EAAE;IACtE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,gBAAM,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC,GAAiB,EAAE,MAAW,EAAE,EAAE;YACzD,IAAI,GAAG,EAAE;gBACP,MAAM,CAAC,GAAG,CAAC,CAAC;aACb;YAED,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,MAAM,QAAQ,GAAG,GAAG,EAAE;IACpB,OAAO,GAAG,GAAG,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACtD,CAAC,CAAC;AAEF,mCAAmC;AAC5B,MAAM,kBAAkB,GAAG,CAAO,EACvC,QAAQ,EACR,MAAM,EACN,MAAM,EACN,OAAO,EACP,SAAS,EACT,UAAU,EACV,SAAS,GASV,EAAmB,EAAE;IACpB,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC;IAC5B,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAE7C,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAEzC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAExC,MAAM,KAAK,GAAG;QACZ,gBAAgB,EAAE;YAChB,cAAc,EAAE,sCAAsC;YACtD,UAAU,EAAE,KAAK;YACjB,KAAK,EAAE,QAAQ,EAAE;YACjB,cAAc,EAAE,MAAM;YACtB,eAAe,EAAE,SAAS;YAC1B,eAAe,EAAE,aAAa;YAC9B,aAAa,EAAE;gBACb,aAAa,EAAE,uCAAuC;gBACtD,SAAS,EAAE,uCAAuC;gBAClD,OAAO,EAAE,MAAM;aAChB;YACD,cAAc,EAAE;gBACd,kBAAkB,EAAE;oBAClB,QAAQ,EAAE,4CAA4C;iBACvD;aACF;YACD,gBAAgB,EAAE;gBAChB,aAAa,EAAE,uCAAuC;gBACtD,UAAU,EAAE,KAAK;gBACjB,KAAK,EAAE,QAAQ,EAAE;gBACjB,eAAe,EAAE,aAAa;gBAC9B,aAAa,EAAE;oBACb,OAAO,EAAE,MAAM;iBAChB;gBACD,cAAc,EAAE;oBACd,aAAa,EAAE,uCAAuC;oBACtD,aAAa,EAAE;wBACb,SAAS,EAAE,wDAAwD;wBACnE,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,KAAK;qBAC9B;oBACD,0BAA0B,EAAE;wBAC1B,SAAS,EAAE,uCAAuC;wBAClD,8BAA8B,EAAE;4BAC9B,YAAY,EAAE,MAAM;4BACpB,eAAe,EAAE,QAAQ;4BACzB,eAAe,EAAE,SAAS;yBAC3B;qBACF;iBACF;gBACD,iBAAiB,EAAE;oBACjB,YAAY,EAAE,SAAS;oBACvB,eAAe,EAAE,QAAQ;oBACzB,0BAA0B,EAAE;wBAC1B,eAAe,EAAE;4BACf,OAAO,EAAE,QAAQ;yBAClB;qBACF;iBACF;gBACD,qBAAqB,EAAE;oBACrB,eAAe,EAAE,aAAa;oBAC9B,eAAe,EAAE,mCAAmC;oBACpD,mBAAmB,EAAE;wBACnB,2BAA2B,EAAE;4BAC3B,OAAO,EAAE,oDAAoD;yBAC9D;qBACF;iBACF;gBACD,yBAAyB,EAAE;oBACzB,WAAW,EAAE,kCAAkC;oBAC/C,YAAY,EAAE,2CAA2C;oBACzD,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,EAAE,EAAE;wBACtE,OAAO;4BACL,OAAO,EAAE,aAAa;4BACtB,aAAa,EAAE,mDAAmD;4BAClE,qBAAqB,EAAE;gCACrB,WAAW,EAAE,kCAAkC;gCAC/C,YAAY,EAAE,2CAA2C;gCACzD,WAAW,EAAE,WAAW;gCACxB,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC;6BAC3C;yBACF,CAAC;oBACJ,CAAC,CAAC;iBACH;aACF;SACF;KACF,CAAC;IAEF,MAAM,GAAG,GAAG,oBAAU,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;IAElE,OAAO,MAAM,gBAAI,CAAC,IAAI,CACpB,GAAG,EACH,UAAU,EACV,SAAS,EACT,0FAA0F,CAC3F,CAAC;AACJ,CAAC,CAAA,CAAC;AAjHW,QAAA,kBAAkB,sBAiH7B"}
|
package/dist/typings.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { type JWK } from 'jose';
|
|
2
|
+
export * from '../src/ee/federated-saml/types';
|
|
2
3
|
interface SSOConnection {
|
|
3
4
|
defaultRedirectUrl: string;
|
|
4
5
|
redirectUrl: string[] | string;
|
|
@@ -68,7 +69,9 @@ type TenantProduct = {
|
|
|
68
69
|
tenant: string;
|
|
69
70
|
product: string;
|
|
70
71
|
};
|
|
71
|
-
export type GetConnectionsQuery = ClientIDQuery | TenantQuery
|
|
72
|
+
export type GetConnectionsQuery = ClientIDQuery | TenantQuery | {
|
|
73
|
+
entityId: string;
|
|
74
|
+
};
|
|
72
75
|
export type GetIDPEntityIDBody = TenantProduct;
|
|
73
76
|
export type DelConnectionsQuery = (ClientIDQuery & {
|
|
74
77
|
clientSecret: string;
|
|
@@ -119,6 +122,7 @@ export interface IOAuthController {
|
|
|
119
122
|
samlResponse(body: SAMLResponsePayload): Promise<{
|
|
120
123
|
redirect_url?: string;
|
|
121
124
|
app_select_form?: string;
|
|
125
|
+
responseForm?: string;
|
|
122
126
|
}>;
|
|
123
127
|
oidcAuthzResponse(body: OIDCAuthzResponsePayload): Promise<{
|
|
124
128
|
redirect_url?: string;
|
|
@@ -301,6 +305,12 @@ export interface JacksonOption {
|
|
|
301
305
|
publicKey: string;
|
|
302
306
|
privateKey: string;
|
|
303
307
|
};
|
|
308
|
+
boxyhqLicenseKey?: string;
|
|
309
|
+
retraced?: {
|
|
310
|
+
host?: string;
|
|
311
|
+
adminToken?: string;
|
|
312
|
+
};
|
|
313
|
+
noAnalytics?: boolean;
|
|
304
314
|
}
|
|
305
315
|
export interface SLORequestParams {
|
|
306
316
|
nameId: string;
|
|
@@ -546,7 +556,10 @@ export interface IDirectoryGroups {
|
|
|
546
556
|
}
|
|
547
557
|
export interface IWebhookEventsLogger extends Base {
|
|
548
558
|
log(directory: Directory, event: DirectorySyncEvent): Promise<WebhookEventLog>;
|
|
549
|
-
getAll(
|
|
559
|
+
getAll({ pageOffset, pageLimit }: {
|
|
560
|
+
pageOffset?: number;
|
|
561
|
+
pageLimit?: number;
|
|
562
|
+
}): Promise<WebhookEventLog[]>;
|
|
550
563
|
get(id: string): Promise<WebhookEventLog>;
|
|
551
564
|
clear(): Promise<void>;
|
|
552
565
|
delete(id: string): Promise<void>;
|
|
@@ -614,29 +627,15 @@ export interface WebhookEventLog extends DirectorySyncEvent {
|
|
|
614
627
|
export type SetupLinkCreatePayload = {
|
|
615
628
|
tenant: string;
|
|
616
629
|
product: string;
|
|
617
|
-
service:
|
|
630
|
+
service: SetupLinkService;
|
|
618
631
|
regenerate?: boolean;
|
|
619
632
|
};
|
|
620
|
-
export type SetupLinkRegeneratePayload = {
|
|
621
|
-
reference: string;
|
|
622
|
-
};
|
|
623
633
|
export type SetupLink = {
|
|
624
634
|
setupID: string;
|
|
625
635
|
tenant: string;
|
|
626
636
|
product: string;
|
|
627
637
|
url: string;
|
|
628
|
-
service:
|
|
638
|
+
service: SetupLinkService;
|
|
629
639
|
validTill: number;
|
|
630
640
|
};
|
|
631
|
-
export type
|
|
632
|
-
data: T | null;
|
|
633
|
-
error: ApiError | null;
|
|
634
|
-
};
|
|
635
|
-
export interface ISetupLinkController {
|
|
636
|
-
create(body: SetupLinkCreatePayload): Promise<ApiResponse<SetupLink>>;
|
|
637
|
-
getAll(): Promise<ApiResponse<SetupLink[]>>;
|
|
638
|
-
getByService(service: any): Promise<ApiResponse<SetupLink[]>>;
|
|
639
|
-
getByToken(token: any): Promise<ApiResponse<SetupLink>>;
|
|
640
|
-
remove(key: string): Promise<ApiResponse<boolean>>;
|
|
641
|
-
}
|
|
642
|
-
export {};
|
|
641
|
+
export type SetupLinkService = 'sso' | 'dsync';
|
package/dist/typings.js
CHANGED
|
@@ -1,6 +1,21 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
2
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
17
|
exports.DirectorySyncProviders = void 0;
|
|
18
|
+
__exportStar(require("../src/ee/federated-saml/types"), exports);
|
|
4
19
|
var DirectorySyncProviders;
|
|
5
20
|
(function (DirectorySyncProviders) {
|
|
6
21
|
DirectorySyncProviders["azure-scim-v2"] = "Azure SCIM v2.0";
|
package/dist/typings.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"typings.js","sourceRoot":"","sources":["../src/typings.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"typings.js","sourceRoot":"","sources":["../src/typings.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAEA,iEAA+C;AA0f/C,IAAY,sBAMX;AAND,WAAY,sBAAsB;IAChC,2DAAmC,CAAA;IACnC,iEAAyC,CAAA;IACzC,yDAAiC,CAAA;IACjC,8DAAsC,CAAA;IACtC,+DAAuC,CAAA;AACzC,CAAC,EANW,sBAAsB,GAAtB,8BAAsB,KAAtB,8BAAsB,QAMjC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@boxyhq/saml-jackson",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.5.0",
|
|
4
4
|
"description": "SAML Jackson library",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"SAML 2.0"
|
|
@@ -42,10 +42,11 @@
|
|
|
42
42
|
"dependencies": {
|
|
43
43
|
"@boxyhq/saml20": "1.1.0",
|
|
44
44
|
"@opentelemetry/api": "1.3.0",
|
|
45
|
-
"axios": "1.
|
|
46
|
-
"jose": "4.11.
|
|
47
|
-
"marked": "4.2.
|
|
48
|
-
"
|
|
45
|
+
"axios": "1.2.2",
|
|
46
|
+
"jose": "4.11.2",
|
|
47
|
+
"marked": "4.2.5",
|
|
48
|
+
"mixpanel": "0.17.0",
|
|
49
|
+
"mongodb": "4.13.0",
|
|
49
50
|
"mssql": "9.0.1",
|
|
50
51
|
"mysql2": "2.3.3",
|
|
51
52
|
"node-forge": "1.3.1",
|
|
@@ -60,20 +61,20 @@
|
|
|
60
61
|
},
|
|
61
62
|
"devDependencies": {
|
|
62
63
|
"@faker-js/faker": "7.6.0",
|
|
63
|
-
"@types/node": "18.11.
|
|
64
|
+
"@types/node": "18.11.18",
|
|
64
65
|
"@types/sinon": "10.0.13",
|
|
65
66
|
"@types/tap": "15.0.7",
|
|
66
|
-
"@typescript-eslint/eslint-plugin": "5.
|
|
67
|
-
"@typescript-eslint/parser": "5.
|
|
67
|
+
"@typescript-eslint/eslint-plugin": "5.47.1",
|
|
68
|
+
"@typescript-eslint/parser": "5.47.1",
|
|
68
69
|
"cross-env": "7.0.3",
|
|
69
|
-
"eslint": "8.
|
|
70
|
+
"eslint": "8.31.0",
|
|
70
71
|
"eslint-config-prettier": "8.5.0",
|
|
71
|
-
"prettier": "2.8.
|
|
72
|
-
"sinon": "
|
|
72
|
+
"prettier": "2.8.1",
|
|
73
|
+
"sinon": "15.0.1",
|
|
73
74
|
"tap": "16.3.2",
|
|
74
75
|
"ts-node": "10.9.1",
|
|
75
|
-
"tsconfig-paths": "4.1.
|
|
76
|
-
"typescript": "4.9.
|
|
76
|
+
"tsconfig-paths": "4.1.2",
|
|
77
|
+
"typescript": "4.9.4"
|
|
77
78
|
},
|
|
78
79
|
"engines": {
|
|
79
80
|
"node": ">=14.18.1 <=18.x"
|