npm - @boxyhq/saml-jackson - Versions diffs - 1.4.0 → 1.5.1 - Mend

@boxyhq/saml-jackson 1.4.0 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/dist/controller/analytics.d.ts +12 -0
package/dist/controller/analytics.js +66 -0
package/dist/controller/analytics.js.map +1 -0
package/dist/controller/api.js +12 -1
package/dist/controller/api.js.map +1 -1
package/dist/controller/oauth.d.ts +3 -2
package/dist/controller/oauth.js +132 -280
package/dist/controller/oauth.js.map +1 -1
package/dist/controller/saml-handler.d.ts +38 -0
package/dist/controller/saml-handler.js +166 -0
package/dist/controller/saml-handler.js.map +1 -0
package/dist/controller/setup-link.d.ts +7 -7
package/dist/controller/setup-link.js +56 -67
package/dist/controller/setup-link.js.map +1 -1
package/dist/controller/utils.d.ts +13 -1
package/dist/controller/utils.js +45 -3
package/dist/controller/utils.js.map +1 -1
package/dist/db/db.d.ts +1 -1
package/dist/db/db.js +2 -2
package/dist/db/db.js.map +1 -1
package/dist/db/mem.d.ts +2 -2
package/dist/db/mem.js +27 -6
package/dist/db/mem.js.map +1 -1
package/dist/db/mongo.d.ts +2 -2
package/dist/db/mongo.js +14 -8
package/dist/db/mongo.js.map +1 -1
package/dist/db/redis.d.ts +2 -2
package/dist/db/redis.js +57 -5
package/dist/db/redis.js.map +1 -1
package/dist/db/sql/sql.d.ts +2 -2
package/dist/db/sql/sql.js +19 -9
package/dist/db/sql/sql.js.map +1 -1
package/dist/db/store.js +2 -2
package/dist/db/store.js.map +1 -1
package/dist/db/utils.js +0 -1
package/dist/db/utils.js.map +1 -1
package/dist/directory-sync/Base.js +2 -2
package/dist/directory-sync/Base.js.map +1 -1
package/dist/directory-sync/WebhookEventsLogger.d.ts +4 -1
package/dist/directory-sync/WebhookEventsLogger.js +3 -3
package/dist/directory-sync/WebhookEventsLogger.js.map +1 -1
package/dist/ee/common/checkLicense.d.ts +2 -0
package/dist/ee/common/checkLicense.js +19 -0
package/dist/ee/common/checkLicense.js.map +1 -0
package/dist/ee/federated-saml/app.d.ts +19 -0
package/dist/ee/federated-saml/app.js +126 -0
package/dist/ee/federated-saml/app.js.map +1 -0
package/dist/ee/federated-saml/index.d.ts +12 -0
package/dist/ee/federated-saml/index.js +56 -0
package/dist/ee/federated-saml/index.js.map +1 -0
package/dist/ee/federated-saml/sso.d.ts +17 -0
package/dist/ee/federated-saml/sso.js +76 -0
package/dist/ee/federated-saml/sso.js.map +1 -0
package/dist/ee/federated-saml/types.d.ts +18 -0
package/dist/ee/federated-saml/types.js +3 -0
package/dist/ee/federated-saml/types.js.map +1 -0
package/dist/index.d.ts +7 -0
package/dist/index.js +18 -2
package/dist/index.js.map +1 -1
package/dist/saml/lib.d.ts +31 -0
package/dist/saml/lib.js +217 -0
package/dist/saml/lib.js.map +1 -0
package/dist/typings.d.ts +28 -21
package/dist/typings.js +15 -0
package/dist/typings.js.map +1 -1
package/package.json +12 -16

package/dist/ee/federated-saml/app.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import type { Storable, JacksonOption, SAMLFederationAppWithMetadata, SAMLFederationApp } from '../../typings';
+export declare class App {
+    protected store: Storable;
+    private opts;
+    constructor({ store, opts }: {
+        store: Storable;
+        opts: JacksonOption;
+    });
+    create({ name, tenant, product, acsUrl, entityId, }: Omit<SAMLFederationApp, 'id'>): Promise<SAMLFederationApp>;
+    get(id: string): Promise<SAMLFederationApp>;
+    getByEntityId(entityId: string): Promise<SAMLFederationApp>;
+    update(id: string, { acsUrl, entityId, name }: Partial<Omit<SAMLFederationApp, 'id'>>): Promise<SAMLFederationApp>;
+    getAll({ pageOffset, pageLimit, }: {
+        pageOffset?: number;
+        pageLimit?: number;
+    }): Promise<SAMLFederationApp[]>;
+    delete(id: string): Promise<void>;
+    getMetadata(): Promise<Pick<SAMLFederationAppWithMetadata, 'metadata'>['metadata']>;
+}

package/dist/ee/federated-saml/app.js ADDED Viewed

@@ -0,0 +1,126 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.App = void 0;
+const utils_1 = require("../../controller/utils");
+const lib_1 = require("../../saml/lib");
+const error_1 = require("../../controller/error");
+const x509_1 = require("../../saml/x509");
+const utils_2 = require("../../controller/utils");
+class App {
+    constructor({ store, opts }) {
+        this.store = store;
+        this.opts = opts;
+    }
+    // Create a new SAML Federation app for the tenant and product
+    create({ name, tenant, product, acsUrl, entityId, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!tenant || !product || !acsUrl || !entityId || !name) {
+                throw new error_1.JacksonError('Missing required parameters. Required parameters are: name, tenant, product, acsUrl, entityId', 400);
+            }
+            (0, utils_2.validateTenantAndProduct)(tenant, product);
+            const id = (0, utils_1.appID)(tenant, product);
+            const app = {
+                id,
+                name,
+                tenant,
+                product,
+                acsUrl,
+                entityId,
+            };
+            yield this.store.put(id, app, {
+                name: utils_2.IndexNames.EntityID,
+                value: entityId,
+            });
+            return Object.assign({}, app);
+        });
+    }
+    // Get an app by tenant and product
+    get(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!id) {
+                throw new error_1.JacksonError('Missing required parameters. Required parameters are: id', 400);
+            }
+            const app = yield this.store.get(id);
+            if (!app) {
+                throw new error_1.JacksonError('SAML Federation app not found', 404);
+            }
+            return Object.assign({}, app);
+        });
+    }
+    // Get the app by SP EntityId
+    getByEntityId(entityId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!entityId) {
+                throw new error_1.JacksonError('Missing required parameters. Required parameters are: entityId', 400);
+            }
+            const apps = yield this.store.getByIndex({
+                name: utils_2.IndexNames.EntityID,
+                value: entityId,
+            });
+            if (!apps || apps.length === 0) {
+                throw new error_1.JacksonError('SAML Federation app not found', 404);
+            }
+            return Object.assign({}, apps[0]);
+        });
+    }
+    // Update the app
+    update(id, { acsUrl, entityId, name }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!id && (!acsUrl || !entityId || !name)) {
+                throw new error_1.JacksonError("Missing required parameters. Required parameters are: id, acsUrl, entityId, name'", 400);
+            }
+            const app = yield this.get(id);
+            const updatedApp = Object.assign(Object.assign({}, app), { name: name || app.name, acsUrl: acsUrl || app.acsUrl, entityId: entityId || app.entityId });
+            yield this.store.put(id, updatedApp);
+            return Object.assign({}, updatedApp);
+        });
+    }
+    // Get all apps
+    getAll({ pageOffset, pageLimit, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const apps = (yield this.store.getAll(pageOffset, pageLimit));
+            return apps.map((app) => (Object.assign({}, app)));
+        });
+    }
+    // Delete the app
+    delete(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!id) {
+                throw new error_1.JacksonError('Missing required parameters. Required parameters are: id', 400);
+            }
+            yield this.get(id);
+            yield this.store.delete(id);
+            return;
+        });
+    }
+    // Get the metadata for the app
+    getMetadata() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { publicKey } = yield (0, x509_1.getDefaultCertificate)();
+            const ssoUrl = `${this.opts.externalUrl}/api/federated-saml/sso`;
+            const entityId = `${this.opts.samlAudience}`;
+            const xml = yield (0, lib_1.createMetadataXML)({
+                entityId,
+                ssoUrl,
+                x509cert: publicKey,
+            });
+            return {
+                xml,
+                entityId,
+                ssoUrl,
+                x509cert: publicKey,
+            };
+        });
+    }
+}
+exports.App = App;
+//# sourceMappingURL=app.js.map

package/dist/ee/federated-saml/app.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"app.js","sourceRoot":"","sources":["../../../src/ee/federated-saml/app.ts"],"names":[],"mappings":";;;;;;;;;;;;AAMA,kDAA+C;AAC/C,wCAAmD;AACnD,kDAAsD;AACtD,0CAAwD;AACxD,kDAA8E;AAE9E,MAAa,GAAG;IAId,YAAY,EAAE,KAAK,EAAE,IAAI,EAA4C;QACnE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,8DAA8D;IACjD,MAAM,CAAC,EAClB,IAAI,EACJ,MAAM,EACN,OAAO,EACP,MAAM,EACN,QAAQ,GACsB;;YAC9B,IAAI,CAAC,MAAM,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE;gBACxD,MAAM,IAAI,oBAAY,CACpB,+FAA+F,EAC/F,GAAG,CACJ,CAAC;aACH;YAED,IAAA,gCAAwB,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAE1C,MAAM,EAAE,GAAG,IAAA,aAAK,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAElC,MAAM,GAAG,GAAG;gBACV,EAAE;gBACF,IAAI;gBACJ,MAAM;gBACN,OAAO;gBACP,MAAM;gBACN,QAAQ;aACT,CAAC;YAEF,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE;gBAC5B,IAAI,EAAE,kBAAU,CAAC,QAAQ;gBACzB,KAAK,EAAE,QAAQ;aAChB,CAAC,CAAC;YAEH,yBAAY,GAAG,EAAG;QACpB,CAAC;KAAA;IAED,mCAAmC;IACtB,GAAG,CAAC,EAAU;;YACzB,IAAI,CAAC,EAAE,EAAE;gBACP,MAAM,IAAI,oBAAY,CAAC,0DAA0D,EAAE,GAAG,CAAC,CAAC;aACzF;YAED,MAAM,GAAG,GAAsB,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAExD,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,IAAI,oBAAY,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC;aAC9D;YAED,yBAAY,GAAG,EAAG;QACpB,CAAC;KAAA;IAED,6BAA6B;IAChB,aAAa,CAAC,QAAgB;;YACzC,IAAI,CAAC,QAAQ,EAAE;gBACb,MAAM,IAAI,oBAAY,CAAC,gEAAgE,EAAE,GAAG,CAAC,CAAC;aAC/F;YAED,MAAM,IAAI,GAAwB,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC;gBAC5D,IAAI,EAAE,kBAAU,CAAC,QAAQ;gBACzB,KAAK,EAAE,QAAQ;aAChB,CAAC,CAAC;YAEH,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC9B,MAAM,IAAI,oBAAY,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC;aAC9D;YAED,yBAAY,IAAI,CAAC,CAAC,CAAC,EAAG;QACxB,CAAC;KAAA;IAED,iBAAiB;IACJ,MAAM,CACjB,EAAU,EACV,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAA0C;;YAElE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC1C,MAAM,IAAI,oBAAY,CACpB,mFAAmF,EACnF,GAAG,CACJ,CAAC;aACH;YAED,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAE/B,MAAM,UAAU,mCACX,GAAG,KACN,IAAI,EAAE,IAAI,IAAI,GAAG,CAAC,IAAI,EACtB,MAAM,EAAE,MAAM,IAAI,GAAG,CAAC,MAAM,EAC5B,QAAQ,EAAE,QAAQ,IAAI,GAAG,CAAC,QAAQ,GACnC,CAAC;YAEF,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAErC,yBAAY,UAAU,EAAG;QAC3B,CAAC;KAAA;IAED,eAAe;IACF,MAAM,CAAC,EAClB,UAAU,EACV,SAAS,GAIV;;YACC,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,SAAS,CAAC,CAAwB,CAAC;YAErF,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,mBAAM,GAAG,EAAG,CAAC,CAAC;QACzC,CAAC;KAAA;IAED,iBAAiB;IACJ,MAAM,CAAC,EAAU;;YAC5B,IAAI,CAAC,EAAE,EAAE;gBACP,MAAM,IAAI,oBAAY,CAAC,0DAA0D,EAAE,GAAG,CAAC,CAAC;aACzF;YAED,MAAM,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACnB,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAE5B,OAAO;QACT,CAAC;KAAA;IAED,+BAA+B;IAClB,WAAW;;YACtB,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAA,4BAAqB,GAAE,CAAC;YAEpD,MAAM,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,yBAAyB,CAAC;YACjE,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YAE7C,MAAM,GAAG,GAAG,MAAM,IAAA,uBAAiB,EAAC;gBAClC,QAAQ;gBACR,MAAM;gBACN,QAAQ,EAAE,SAAS;aACpB,CAAC,CAAC;YAEH,OAAO;gBACL,GAAG;gBACH,QAAQ;gBACR,MAAM;gBACN,QAAQ,EAAE,SAAS;aACpB,CAAC;QACJ,CAAC;KAAA;CACF;AArJD,kBAqJC"}

package/dist/ee/federated-saml/index.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { SSO } from './sso';
+import { App } from './app';
+import type { JacksonOption } from '../../typings';
+declare const SAMLFederation: ({ db, opts }: {
+    db: any;
+    opts: JacksonOption;
+}) => Promise<{
+    app: App;
+    sso: SSO;
+}>;
+export default SAMLFederation;
+export * from './types';

package/dist/ee/federated-saml/index.js ADDED Viewed

@@ -0,0 +1,56 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const sso_1 = require("./sso");
+const app_1 = require("./app");
+const saml_handler_1 = require("../../controller/saml-handler");
+// This is the main entry point for the SAML Federation module
+const SAMLFederation = ({ db, opts }) => __awaiter(void 0, void 0, void 0, function* () {
+    const appStore = db.store('samlfed:apps');
+    const sessionStore = db.store('oauth:session', opts.db.ttl);
+    const connectionStore = db.store('saml:config');
+    const samlHandler = new saml_handler_1.SAMLHandler({
+        connection: connectionStore,
+        session: sessionStore,
+        opts,
+    });
+    const app = new app_1.App({ store: appStore, opts });
+    const sso = new sso_1.SSO({ app, samlHandler });
+    const response = {
+        app,
+        sso,
+    };
+    return response;
+});
+exports.default = SAMLFederation;
+__exportStar(require("./types"), exports);
+// SAML Federation flow:
+// SP (Eg: Twilio Flex) --> SAML Jackson --> IdP (Eg: Okta) --> SAML Jackson --> SP (Eg: Twilio Flex)
+// 1. SP send SAML Request to Jackson's SSO endpoint
+// 2. Jackson process SAML Request and create a new session to store SP request information
+// 3. Jackson create a new SAML Request and send it to chosen IdP
+// 4. After successful authentication, IdP send (POST) SAML Response to Jackson's ACS endpoint
+// 5. Jackson process SAML Response from the IdP and create a new SAML Response to send (POST) back to the SP's ACS endpoint
+//# sourceMappingURL=index.js.map

package/dist/ee/federated-saml/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/ee/federated-saml/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+BAA4B;AAC5B,+BAA4B;AAE5B,gEAA4D;AAE5D,8DAA8D;AAC9D,MAAM,cAAc,GAAG,CAAO,EAAE,EAAE,EAAE,IAAI,EAA+B,EAAE,EAAE;IACzE,MAAM,QAAQ,GAAG,EAAE,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,EAAE,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IAC5D,MAAM,eAAe,GAAG,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAEhD,MAAM,WAAW,GAAG,IAAI,0BAAW,CAAC;QAClC,UAAU,EAAE,eAAe;QAC3B,OAAO,EAAE,YAAY;QACrB,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,IAAI,SAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/C,MAAM,GAAG,GAAG,IAAI,SAAG,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG;QACf,GAAG;QACH,GAAG;KACJ,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAA,CAAC;AAEF,kBAAe,cAAc,CAAC;AAE9B,0CAAwB;AAExB,wBAAwB;AACxB,qGAAqG;AACrG,oDAAoD;AACpD,2FAA2F;AAC3F,iEAAiE;AACjE,8FAA8F;AAC9F,4HAA4H"}

package/dist/ee/federated-saml/sso.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { App } from './app';
+import { SAMLHandler } from '../../controller/saml-handler';
+export declare class SSO {
+    private app;
+    private samlHandler;
+    constructor({ app, samlHandler }: {
+        app: App;
+        samlHandler: SAMLHandler;
+    });
+    getAuthorizeUrl: ({ request, relayState, idp_hint, }: {
+        request: string;
+        relayState: string;
+        idp_hint?: string | undefined;
+    }) => Promise<{
+        redirectUrl: string;
+    }>;
+}

package/dist/ee/federated-saml/sso.js ADDED Viewed

@@ -0,0 +1,76 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SSO = void 0;
+const saml20_1 = __importDefault(require("@boxyhq/saml20"));
+const error_1 = require("../../controller/error");
+const lib_1 = require("../../saml/lib");
+class SSO {
+    constructor({ app, samlHandler }) {
+        // Accept the SAML Request from Service Provider, and create a new SAML Request to be sent to Identity Provider
+        this.getAuthorizeUrl = ({ request, relayState, idp_hint, }) => __awaiter(this, void 0, void 0, function* () {
+            const { id, acsUrl, entityId, publicKey, providerName } = yield (0, lib_1.extractSAMLRequestAttributes)(request);
+            // Verify the request if it is signed
+            if (publicKey && !saml20_1.default.hasValidSignature(request, publicKey, null)) {
+                throw new error_1.JacksonError('Invalid SAML Request signature.', 400);
+            }
+            const app = yield this.app.getByEntityId(entityId);
+            if (app.acsUrl !== acsUrl) {
+                throw new error_1.JacksonError("Assertion Consumer Service URL doesn't match.", 400);
+            }
+            const response = yield this.samlHandler.resolveConnection({
+                tenant: app.tenant,
+                product: app.product,
+                idp_hint,
+                authFlow: 'saml',
+                originalParams: {
+                    RelayState: relayState,
+                    SAMLRequest: request,
+                },
+            });
+            // If there is a redirect URL, then we need to redirect to that URL
+            if ('redirectUrl' in response) {
+                return {
+                    redirectUrl: response.redirectUrl,
+                };
+            }
+            let connection;
+            // If there is a connection, use that connection
+            if ('connection' in response && 'idpMetadata' in response.connection) {
+                connection = response.connection;
+            }
+            if (!connection) {
+                throw new error_1.JacksonError('No SAML connection found.', 404);
+            }
+            const { redirectUrl } = yield this.samlHandler.createSAMLRequest({
+                connection,
+                requestParams: {
+                    id,
+                    acsUrl,
+                    entityId,
+                    publicKey,
+                    providerName,
+                    relayState,
+                },
+            });
+            return {
+                redirectUrl,
+            };
+        });
+        this.app = app;
+        this.samlHandler = samlHandler;
+    }
+}
+exports.SSO = SSO;
+//# sourceMappingURL=sso.js.map

package/dist/ee/federated-saml/sso.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sso.js","sourceRoot":"","sources":["../../../src/ee/federated-saml/sso.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,4DAAkC;AAGlC,kDAAsD;AAGtD,wCAA8D;AAE9D,MAAa,GAAG;IAId,YAAY,EAAE,GAAG,EAAE,WAAW,EAA0C;QAKxE,+GAA+G;QACxG,oBAAe,GAAG,CAAO,EAC9B,OAAO,EACP,UAAU,EACV,QAAQ,GAKT,EAAE,EAAE;YACH,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,kCAA4B,EAAC,OAAO,CAAC,CAAC;YAEtG,qCAAqC;YACrC,IAAI,SAAS,IAAI,CAAC,gBAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE;gBAClE,MAAM,IAAI,oBAAY,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;aAChE;YAED,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;YAEnD,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE;gBACzB,MAAM,IAAI,oBAAY,CAAC,+CAA+C,EAAE,GAAG,CAAC,CAAC;aAC9E;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC;gBACxD,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,OAAO,EAAE,GAAG,CAAC,OAAO;gBACpB,QAAQ;gBACR,QAAQ,EAAE,MAAM;gBAChB,cAAc,EAAE;oBACd,UAAU,EAAE,UAAU;oBACtB,WAAW,EAAE,OAAO;iBACrB;aACF,CAAC,CAAC;YAEH,mEAAmE;YACnE,IAAI,aAAa,IAAI,QAAQ,EAAE;gBAC7B,OAAO;oBACL,WAAW,EAAE,QAAQ,CAAC,WAAW;iBAClC,CAAC;aACH;YAED,IAAI,UAAqC,CAAC;YAE1C,gDAAgD;YAChD,IAAI,YAAY,IAAI,QAAQ,IAAI,aAAa,IAAI,QAAQ,CAAC,UAAU,EAAE;gBACpE,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC;aAClC;YAED,IAAI,CAAC,UAAU,EAAE;gBACf,MAAM,IAAI,oBAAY,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;aAC1D;YAED,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC;gBAC/D,UAAU;gBACV,aAAa,EAAE;oBACb,EAAE;oBACF,MAAM;oBACN,QAAQ;oBACR,SAAS;oBACT,YAAY;oBACZ,UAAU;iBACX;aACF,CAAC,CAAC;YAEH,OAAO;gBACL,WAAW;aACZ,CAAC;QACJ,CAAC,CAAA,CAAC;QAvEA,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;CAsEF;AA7ED,kBA6EC"}

package/dist/ee/federated-saml/types.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import SAMLFederation from '.';
+export type ISAMLFederationController = Awaited<ReturnType<typeof SAMLFederation>>;
+export type SAMLFederationApp = {
+    id: string;
+    name: string;
+    tenant: string;
+    product: string;
+    acsUrl: string;
+    entityId: string;
+};
+export type SAMLFederationAppWithMetadata = SAMLFederationApp & {
+    metadata: {
+        entityId: string;
+        ssoUrl: string;
+        x509cert: string;
+        xml: string;
+    };
+};

package/dist/ee/federated-saml/types.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/ee/federated-saml/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/ee/federated-saml/types.ts"],"names":[],"mappings":""}

package/dist/index.d.ts CHANGED Viewed

@@ -7,6 +7,8 @@ import { LogoutController } from './controller/logout';
 import { OidcDiscoveryController } from './controller/oidc-discovery';
 import { SPSAMLConfig } from './controller/sp-config';
 import { SetupLinkController } from './controller/setup-link';
+import { type ISAMLFederationController } from './ee/federated-saml';
+import checkLicense from './ee/common/checkLicense';
 export declare const controllers: (opts: JacksonOption) => Promise<{
     apiController: ConnectionAPIController;
     connectionAPIController: ConnectionAPIController;
@@ -18,6 +20,11 @@ export declare const controllers: (opts: JacksonOption) => Promise<{
     directorySyncController: IDirectorySyncController;
     oidcDiscoveryController: OidcDiscoveryController;
     spConfig: SPSAMLConfig;
+    samlFederatedController: ISAMLFederationController;
+    checkLicense: () => Promise<boolean>;
 }>;
 export default controllers;
 export * from './typings';
+export * from './ee/federated-saml/types';
+export type SAMLJackson = Awaited<ReturnType<typeof controllers>>;
+export type ISetupLinkController = InstanceType<typeof SetupLinkController>;

package/dist/index.js CHANGED Viewed

@@ -52,7 +52,10 @@ const directory_sync_1 = __importDefault(require("./directory-sync"));
 const oidc_discovery_1 = require("./controller/oidc-discovery");
 const sp_config_1 = require("./controller/sp-config");
 const setup_link_1 = require("./controller/setup-link");
+const analytics_1 = require("./controller/analytics");
 const x509 = __importStar(require("./saml/x509"));
+const federated_saml_1 = __importDefault(require("./ee/federated-saml"));
+const checkLicense_1 = __importDefault(require("./ee/common/checkLicense"));
 const defaultOpts = (opts) => {
     const newOpts = Object.assign({}, opts);
     if (!newOpts.externalUrl) {
@@ -72,6 +75,7 @@ const defaultOpts = (opts) => {
     newOpts.db.pageLimit = newOpts.db.pageLimit || 50;
     newOpts.openid = newOpts.openid || {};
     newOpts.openid.jwsAlg = newOpts.openid.jwsAlg || 'RS256';
+    newOpts.boxyhqLicenseKey = newOpts.boxyhqLicenseKey || undefined;
     return newOpts;
 };
 const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
@@ -88,8 +92,14 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
     const connectionAPIController = new api_1.ConnectionAPIController({ connectionStore, opts });
     const adminController = new admin_1.AdminController({ connectionStore });
     const healthCheckController = new health_check_1.HealthCheckController({ healthCheckStore });
-    const setupLinkController = new setup_link_1.SetupLinkController({ setupLinkStore });
     yield healthCheckController.init();
+    const setupLinkController = new setup_link_1.SetupLinkController({ setupLinkStore });
+    if (!opts.noAnalytics) {
+        console.info('Anonymous analytics enabled. You can disable this by setting the DO_NOT_TRACK=1 or BOXYHQ_NO_ANALYTICS=1 environment variables');
+        const analyticsStore = db.store('_analytics:events');
+        const analyticsController = new analytics_1.AnalyticsController({ analyticsStore });
+        yield analyticsController.init();
+    }
     // Create default certificate if it doesn't exist.
     yield x509.init(certificateStore, opts);
     const oauthController = new oauth_1.OAuthController({
@@ -104,9 +114,10 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
         sessionStore,
         opts,
     });
-    const directorySyncController = yield (0, directory_sync_1.default)({ db, opts });
     const oidcDiscoveryController = new oidc_discovery_1.OidcDiscoveryController({ opts });
     const spConfig = new sp_config_1.SPSAMLConfig(opts);
+    const directorySyncController = yield (0, directory_sync_1.default)({ db, opts });
+    const samlFederatedController = yield (0, federated_saml_1.default)({ db, opts });
     // write pre-loaded connections if present
     const preLoadedConnection = opts.preLoadedConnection || opts.preLoadedConfig;
     if (preLoadedConnection && preLoadedConnection.length > 0) {
@@ -134,9 +145,14 @@ const controllers = (opts) => __awaiter(void 0, void 0, void 0, function* () {
         setupLinkController,
         directorySyncController,
         oidcDiscoveryController,
+        samlFederatedController,
+        checkLicense: () => {
+            return (0, checkLicense_1.default)(opts.boxyhqLicenseKey);
+        },
     };
 });
 exports.controllers = controllers;
 exports.default = exports.controllers;
 __exportStar(require("./typings"), exports);
+__exportStar(require("./ee/federated-saml/types"), exports);
 //# sourceMappingURL=index.js.map

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~AAEA~~,iDAAyB;AACzB,+DAAuC;AACvC,sEAA8C;~~AAE9C~~,qDAA8D;~~AAE9D~~,8CAAqD;AACrD,0CAA2D;AAC3D,8CAAqD;AACrD,4DAAkE;AAClE,gDAAuD;AACvD,sEAAiD;AACjD,gEAAsE;AACtE,sDAAsD;AACtD,wDAA8D;AAC9D,kDAAoC;~~AAEpC~~,MAAM,WAAW,GAAG,CAAC,IAAmB,EAAiB,EAAE;IACzD,MAAM,OAAO,qBACR,IAAI,CACR,CAAC;IAEF,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;KAC5C;IAED,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;QACrB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;KACzC;IAED,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,gBAAgB,CAAC;IAExD,OAAO,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,yBAAyB,CAAC;IACzE,oMAAoM;IACpM,OAAO,CAAC,mBAAmB,GAAG,OAAO,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAChE,OAAO,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,8BAA8B;IAEvF,OAAO,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,KAAK,IAAI,CAAC;IACjD,IAAA,mBAAS,EAAC,OAAO,CAAC,CAAC;IAEnB,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC;IACvE,OAAO,CAAC,EAAE,CAAC,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC,SAAS,IAAI,EAAE,CAAC;IAElD,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;IACtC,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC;IAEzD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEK,MAAM,WAAW,GAAG,CACzB,IAAmB,~~EAYlB~~,EAAE;IACH,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAEzB,IAAA,cAAW,GAAE,CAAC;IAEd,MAAM,EAAE,GAAG,MAAM,YAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEjC,MAAM,eAAe,GAAG,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAChD,MAAM,YAAY,GAAG,EAAE,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACtD,MAAM,UAAU,GAAG,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,cAAc,GAAG,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAC9C,MAAM,gBAAgB,GAAG,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAEvD,MAAM,uBAAuB,GAAG,IAAI,6BAAuB,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC,CAAC;IACvF,MAAM,eAAe,GAAG,IAAI,uBAAe,CAAC,EAAE,eAAe,EAAE,CAAC,CAAC;IACjE,MAAM,qBAAqB,GAAG,IAAI,oCAAqB,CAAC,EAAE,gBAAgB,EAAE,CAAC,CAAC;IAC9E,MAAM,mBAAmB,GAAG,IAAI,gCAAmB,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;~~IACxE~~,MAAM,~~qBAAqB~~,CAAC,IAAI,EAAE,CAAC;~~IAEnC~~,kDAAkD;IAClD,MAAM,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;IAExC,MAAM,eAAe,GAAG,IAAI,uBAAe,CAAC;QAC1C,eAAe;QACf,YAAY;QACZ,SAAS;QACT,UAAU;QACV,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,IAAI,yBAAgB,CAAC;QAC5C,eAAe;QACf,YAAY;QACZ,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,uBAAuB,GAAG,~~MAAM~~,~~IAAA~~,~~wBAAiB~~,~~EAAC,~~EAAE,~~EAAE~~,EAAE,IAAI,~~EAAE~~,CAAC,CAAC;~~IAEtE~~,MAAM,uBAAuB,GAAG,~~IAAI~~,~~wCAAuB~~,~~CAAC~~,EAAE,IAAI,EAAE,CAAC,CAAC;~~IAEtE~~,MAAM,~~QAAQ~~,GAAG,~~IAAI~~,~~wBAAY~~,~~CAAC~~,IAAI,CAAC,CAAC;~~IAExC~~,0CAA0C;IAC1C,MAAM,mBAAmB,GAAG,IAAI,CAAC,mBAAmB,IAAI,IAAI,CAAC,eAAe,CAAC;IAC7E,IAAI,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE;QACzD,MAAM,WAAW,GAAG,MAAM,IAAA,wBAAc,EAAC,mBAAmB,CAAC,CAAC;QAE9D,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,IAAI,kBAAkB,IAAI,UAAU,EAAE;gBACpC,MAAM,uBAAuB,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;aAChE;iBAAM;gBACL,MAAM,uBAAuB,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;aAChE;YAED,OAAO,CAAC,IAAI,CAAC,iCAAiC,UAAU,CAAC,MAAM,kBAAkB,UAAU,CAAC,OAAO,GAAG,CAAC,CAAC;SACzG;KACF;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,MAAM,KAAK,KAAK,IAAI,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAEtF,OAAO,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,EAAE,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IAExD,OAAO;QACL,QAAQ;QACR,aAAa,EAAE,uBAAuB;QACtC,uBAAuB;QACvB,eAAe;QACf,eAAe;QACf,gBAAgB;QAChB,qBAAqB;QACrB,mBAAmB;QACnB,uBAAuB;QACvB,uBAAuB;~~KACxB~~,CAAC;AACJ,CAAC,CAAA,CAAC;~~AAzFW~~,QAAA,WAAW,~~eAyFtB~~;AAEF,kBAAe,mBAAW,CAAC;AAE3B,4CAA0B"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,iDAAyB;AACzB,+DAAuC;AACvC,sEAA8C;AAC9C,qDAA8D;AAC9D,8CAAqD;AACrD,0CAA2D;AAC3D,8CAAqD;AACrD,4DAAkE;AAClE,gDAAuD;AACvD,sEAAiD;AACjD,gEAAsE;AACtE,sDAAsD;AACtD,wDAA8D;AAC9D,sDAA6D;AAC7D,kDAAoC;AACpC,yEAAwF;AACxF,4EAAoD;AAEpD,MAAM,WAAW,GAAG,CAAC,IAAmB,EAAiB,EAAE;IACzD,MAAM,OAAO,qBACR,IAAI,CACR,CAAC;IAEF,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;KAC5C;IAED,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;QACrB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;KACzC;IAED,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,gBAAgB,CAAC;IAExD,OAAO,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,yBAAyB,CAAC;IACzE,oMAAoM;IACpM,OAAO,CAAC,mBAAmB,GAAG,OAAO,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAChE,OAAO,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,8BAA8B;IAEvF,OAAO,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,KAAK,IAAI,CAAC;IACjD,IAAA,mBAAS,EAAC,OAAO,CAAC,CAAC;IAEnB,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,IAAI,OAAO,CAAC;IACvE,OAAO,CAAC,EAAE,CAAC,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC,SAAS,IAAI,EAAE,CAAC;IAElD,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;IACtC,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC;IAEzD,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,SAAS,CAAC;IAEjE,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEK,MAAM,WAAW,GAAG,CACzB,IAAmB,EAclB,EAAE;IACH,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAEzB,IAAA,cAAW,GAAE,CAAC;IAEd,MAAM,EAAE,GAAG,MAAM,YAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEjC,MAAM,eAAe,GAAG,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IAChD,MAAM,YAAY,GAAG,EAAE,CAAC,KAAK,CAAC,eAAe,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACtD,MAAM,UAAU,GAAG,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,cAAc,GAAG,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAC9C,MAAM,gBAAgB,GAAG,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAEvD,MAAM,uBAAuB,GAAG,IAAI,6BAAuB,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC,CAAC;IACvF,MAAM,eAAe,GAAG,IAAI,uBAAe,CAAC,EAAE,eAAe,EAAE,CAAC,CAAC;IACjE,MAAM,qBAAqB,GAAG,IAAI,oCAAqB,CAAC,EAAE,gBAAgB,EAAE,CAAC,CAAC;IAC9E,MAAM,qBAAqB,CAAC,IAAI,EAAE,CAAC;IACnC,MAAM,mBAAmB,GAAG,IAAI,gCAAmB,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;IAExE,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;QACrB,OAAO,CAAC,IAAI,CACV,gIAAgI,CACjI,CAAC;QACF,MAAM,cAAc,GAAG,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACrD,MAAM,mBAAmB,GAAG,IAAI,+BAAmB,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;QACxE,MAAM,mBAAmB,CAAC,IAAI,EAAE,CAAC;KAClC;IAED,kDAAkD;IAClD,MAAM,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;IAExC,MAAM,eAAe,GAAG,IAAI,uBAAe,CAAC;QAC1C,eAAe;QACf,YAAY;QACZ,SAAS;QACT,UAAU;QACV,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,IAAI,yBAAgB,CAAC;QAC5C,eAAe;QACf,YAAY;QACZ,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,uBAAuB,GAAG,IAAI,wCAAuB,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;IACtE,MAAM,QAAQ,GAAG,IAAI,wBAAY,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,uBAAuB,GAAG,MAAM,IAAA,wBAAiB,EAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACtE,MAAM,uBAAuB,GAAG,MAAM,IAAA,wBAAiB,EAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAEtE,0CAA0C;IAC1C,MAAM,mBAAmB,GAAG,IAAI,CAAC,mBAAmB,IAAI,IAAI,CAAC,eAAe,CAAC;IAC7E,IAAI,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE;QACzD,MAAM,WAAW,GAAG,MAAM,IAAA,wBAAc,EAAC,mBAAmB,CAAC,CAAC;QAE9D,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,IAAI,kBAAkB,IAAI,UAAU,EAAE;gBACpC,MAAM,uBAAuB,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;aAChE;iBAAM;gBACL,MAAM,uBAAuB,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;aAChE;YAED,OAAO,CAAC,IAAI,CAAC,iCAAiC,UAAU,CAAC,MAAM,kBAAkB,UAAU,CAAC,OAAO,GAAG,CAAC,CAAC;SACzG;KACF;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,MAAM,KAAK,KAAK,IAAI,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAEtF,OAAO,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,EAAE,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IAExD,OAAO;QACL,QAAQ;QACR,aAAa,EAAE,uBAAuB;QACtC,uBAAuB;QACvB,eAAe;QACf,eAAe;QACf,gBAAgB;QAChB,qBAAqB;QACrB,mBAAmB;QACnB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,YAAY,EAAE,GAAG,EAAE;YACjB,OAAO,IAAA,sBAAY,EAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC7C,CAAC;KACF,CAAC;AACJ,CAAC,CAAA,CAAC;AAvGW,QAAA,WAAW,eAuGtB;AAEF,kBAAe,mBAAW,CAAC;AAE3B,4CAA0B;AAC1B,4DAA0C"}

package/dist/saml/lib.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import type { SAMLProfile } from '@boxyhq/saml20/dist/typings';
+export declare const extractSAMLResponseAttributes: (decodedResponse: string, validateOpts: ValidateOption) => Promise<SAMLProfile>;
+export declare const extractSAMLRequestAttributes: (samlRequest: string) => Promise<{
+    id: string;
+    acsUrl: string;
+    entityId: string;
+    publicKey: string;
+    providerName: string;
+}>;
+export declare const createMetadataXML: ({ ssoUrl, entityId, x509cert, }: {
+    ssoUrl: string;
+    entityId: string;
+    x509cert: string;
+}) => Promise<string>;
+export declare const decodeBase64: (string: string, isDeflated: boolean) => Promise<string>;
+export declare const createSAMLResponse: ({ audience, issuer, acsUrl, profile, requestId, privateKey, publicKey, }: {
+    audience: string;
+    issuer: string;
+    acsUrl: string;
+    profile: SAMLProfile;
+    requestId: string;
+    privateKey: string;
+    publicKey: string;
+}) => Promise<string>;
+type ValidateOption = {
+    thumbprint: string;
+    audience: string;
+    privateKey: string;
+    inResponseTo?: string;
+};
+export {};