@boxyhq/saml-jackson 1.4.0 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (66) hide show
  1. package/dist/controller/analytics.d.ts +12 -0
  2. package/dist/controller/analytics.js +66 -0
  3. package/dist/controller/analytics.js.map +1 -0
  4. package/dist/controller/api.js +12 -1
  5. package/dist/controller/api.js.map +1 -1
  6. package/dist/controller/oauth.d.ts +3 -2
  7. package/dist/controller/oauth.js +132 -280
  8. package/dist/controller/oauth.js.map +1 -1
  9. package/dist/controller/saml-handler.d.ts +38 -0
  10. package/dist/controller/saml-handler.js +166 -0
  11. package/dist/controller/saml-handler.js.map +1 -0
  12. package/dist/controller/setup-link.d.ts +7 -7
  13. package/dist/controller/setup-link.js +56 -67
  14. package/dist/controller/setup-link.js.map +1 -1
  15. package/dist/controller/utils.d.ts +13 -1
  16. package/dist/controller/utils.js +45 -3
  17. package/dist/controller/utils.js.map +1 -1
  18. package/dist/db/db.d.ts +1 -1
  19. package/dist/db/db.js +2 -2
  20. package/dist/db/db.js.map +1 -1
  21. package/dist/db/mem.d.ts +2 -2
  22. package/dist/db/mem.js +27 -6
  23. package/dist/db/mem.js.map +1 -1
  24. package/dist/db/mongo.d.ts +2 -2
  25. package/dist/db/mongo.js +14 -8
  26. package/dist/db/mongo.js.map +1 -1
  27. package/dist/db/redis.d.ts +2 -2
  28. package/dist/db/redis.js +57 -5
  29. package/dist/db/redis.js.map +1 -1
  30. package/dist/db/sql/sql.d.ts +2 -2
  31. package/dist/db/sql/sql.js +19 -9
  32. package/dist/db/sql/sql.js.map +1 -1
  33. package/dist/db/store.js +2 -2
  34. package/dist/db/store.js.map +1 -1
  35. package/dist/db/utils.js +0 -1
  36. package/dist/db/utils.js.map +1 -1
  37. package/dist/directory-sync/Base.js +2 -2
  38. package/dist/directory-sync/Base.js.map +1 -1
  39. package/dist/directory-sync/WebhookEventsLogger.d.ts +4 -1
  40. package/dist/directory-sync/WebhookEventsLogger.js +3 -3
  41. package/dist/directory-sync/WebhookEventsLogger.js.map +1 -1
  42. package/dist/ee/common/checkLicense.d.ts +2 -0
  43. package/dist/ee/common/checkLicense.js +19 -0
  44. package/dist/ee/common/checkLicense.js.map +1 -0
  45. package/dist/ee/federated-saml/app.d.ts +19 -0
  46. package/dist/ee/federated-saml/app.js +126 -0
  47. package/dist/ee/federated-saml/app.js.map +1 -0
  48. package/dist/ee/federated-saml/index.d.ts +12 -0
  49. package/dist/ee/federated-saml/index.js +56 -0
  50. package/dist/ee/federated-saml/index.js.map +1 -0
  51. package/dist/ee/federated-saml/sso.d.ts +17 -0
  52. package/dist/ee/federated-saml/sso.js +76 -0
  53. package/dist/ee/federated-saml/sso.js.map +1 -0
  54. package/dist/ee/federated-saml/types.d.ts +18 -0
  55. package/dist/ee/federated-saml/types.js +3 -0
  56. package/dist/ee/federated-saml/types.js.map +1 -0
  57. package/dist/index.d.ts +7 -0
  58. package/dist/index.js +18 -2
  59. package/dist/index.js.map +1 -1
  60. package/dist/saml/lib.d.ts +31 -0
  61. package/dist/saml/lib.js +217 -0
  62. package/dist/saml/lib.js.map +1 -0
  63. package/dist/typings.d.ts +28 -21
  64. package/dist/typings.js +15 -0
  65. package/dist/typings.js.map +1 -1
  66. package/package.json +12 -16
package/dist/saml/lib.js ADDED
@@ -0,0 +1,217 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ exports.createSAMLResponse = exports.decodeBase64 = exports.createMetadataXML = exports.extractSAMLRequestAttributes = exports.extractSAMLResponseAttributes = void 0;
16
+ const crypto_1 = __importDefault(require("crypto"));
17
+ const xml2js_1 = __importDefault(require("xml2js"));
18
+ const zlib_1 = require("zlib");
19
+ const util_1 = require("util");
20
+ const saml20_1 = __importDefault(require("@boxyhq/saml20"));
21
+ const xmlbuilder_1 = __importDefault(require("xmlbuilder"));
22
+ const claims_1 = __importDefault(require("../saml/claims"));
23
+ // Validate the SAMLResponse and extract the user profile
24
+ const extractSAMLResponseAttributes = (decodedResponse, validateOpts) => __awaiter(void 0, void 0, void 0, function* () {
25
+ const attributes = yield saml20_1.default.validate(decodedResponse, validateOpts);
26
+ if (attributes && attributes.claims) {
27
+ // We map claims to our attributes id, email, firstName, lastName where possible. We also map original claims to raw
28
+ attributes.claims = claims_1.default.map(attributes.claims);
29
+ // Some providers don't return the id in the assertion, we set it to a sha256 hash of the email
30
+ if (!attributes.claims.id && attributes.claims.email) {
31
+ attributes.claims.id = crypto_1.default.createHash('sha256').update(attributes.claims.email).digest('hex');
32
+ }
33
+ }
34
+ return attributes;
35
+ });
36
+ exports.extractSAMLResponseAttributes = extractSAMLResponseAttributes;
37
+ const extractSAMLRequestAttributes = (samlRequest) => __awaiter(void 0, void 0, void 0, function* () {
38
+ const decodeRequest = yield (0, exports.decodeBase64)(samlRequest, true);
39
+ const result = yield parseXML(decodeRequest);
40
+ const publicKey = result['samlp:AuthnRequest']['Signature']
41
+ ? result['samlp:AuthnRequest']['Signature'][0]['KeyInfo'][0]['X509Data'][0]['X509Certificate'][0]
42
+ : null;
43
+ const attributes = result['samlp:AuthnRequest']['$'];
44
+ const id = attributes.ID;
45
+ const providerName = attributes.ProviderName;
46
+ const acsUrl = attributes.AssertionConsumerServiceURL;
47
+ const entityId = result['samlp:AuthnRequest']['saml:Issuer'][0];
48
+ if (!entityId) {
49
+ throw new Error("Missing 'Entity ID' in SAML Request.");
50
+ }
51
+ if (!acsUrl) {
52
+ throw new Error("Missing 'ACS URL' in SAML Request.");
53
+ }
54
+ return {
55
+ id,
56
+ acsUrl,
57
+ entityId,
58
+ publicKey,
59
+ providerName,
60
+ };
61
+ });
62
+ exports.extractSAMLRequestAttributes = extractSAMLRequestAttributes;
63
+ // Create Metadata XML
64
+ const createMetadataXML = ({ ssoUrl, entityId, x509cert, }) => __awaiter(void 0, void 0, void 0, function* () {
65
+ x509cert = saml20_1.default.stripCertHeaderAndFooter(x509cert);
66
+ const today = new Date();
67
+ const nodes = {
68
+ 'md:EntityDescriptor': {
69
+ '@xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata',
70
+ '@entityID': entityId,
71
+ '@validUntil': new Date(today.setFullYear(today.getFullYear() + 10)).toISOString(),
72
+ 'md:IDPSSODescriptor': {
73
+ '@WantAuthnRequestsSigned': false,
74
+ '@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol',
75
+ 'md:KeyDescriptor': {
76
+ '@use': 'signing',
77
+ 'ds:KeyInfo': {
78
+ '@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#',
79
+ 'ds:X509Data': {
80
+ 'ds:X509Certificate': {
81
+ '#text': x509cert,
82
+ },
83
+ },
84
+ },
85
+ },
86
+ 'md:NameIDFormat': {
87
+ '#text': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
88
+ },
89
+ 'md:SingleSignOnService': [
90
+ {
91
+ '@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
92
+ '@Location': ssoUrl,
93
+ },
94
+ {
95
+ '@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
96
+ '@Location': ssoUrl,
97
+ },
98
+ ],
99
+ },
100
+ },
101
+ };
102
+ return xmlbuilder_1.default.create(nodes, { encoding: 'UTF-8', standalone: false }).end({ pretty: true });
103
+ });
104
+ exports.createMetadataXML = createMetadataXML;
105
+ // Decode the base64 string
106
+ const decodeBase64 = (string, isDeflated) => __awaiter(void 0, void 0, void 0, function* () {
107
+ const inflateRawAsync = (0, util_1.promisify)(zlib_1.inflateRaw);
108
+ return isDeflated
109
+ ? (yield inflateRawAsync(Buffer.from(string, 'base64'))).toString()
110
+ : Buffer.from(string, 'base64').toString();
111
+ });
112
+ exports.decodeBase64 = decodeBase64;
113
+ // Parse XML
114
+ const parseXML = (xml) => __awaiter(void 0, void 0, void 0, function* () {
115
+ return new Promise((resolve, reject) => {
116
+ xml2js_1.default.parseString(xml, (err, result) => {
117
+ if (err) {
118
+ reject(err);
119
+ }
120
+ resolve(result);
121
+ });
122
+ });
123
+ });
124
+ const randomId = () => {
125
+ return '_' + crypto_1.default.randomBytes(10).toString('hex');
126
+ };
127
+ // Create SAML Response and sign it
128
+ const createSAMLResponse = ({ audience, issuer, acsUrl, profile, requestId, privateKey, publicKey, }) => __awaiter(void 0, void 0, void 0, function* () {
129
+ const authDate = new Date();
130
+ const authTimestamp = authDate.toISOString();
131
+ authDate.setMinutes(authDate.getMinutes() - 5);
132
+ const notBefore = authDate.toISOString();
133
+ authDate.setMinutes(authDate.getMinutes() + 10);
134
+ const notAfter = authDate.toISOString();
135
+ const nodes = {
136
+ 'samlp:Response': {
137
+ '@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
138
+ '@Version': '2.0',
139
+ '@ID': randomId(),
140
+ '@Destination': acsUrl,
141
+ '@InResponseTo': requestId,
142
+ '@IssueInstant': authTimestamp,
143
+ 'saml:Issuer': {
144
+ '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
145
+ '@Format': 'urn:oasis:names:tc:SAML:2.0:assertion',
146
+ '#text': issuer,
147
+ },
148
+ 'samlp:Status': {
149
+ 'samlp:StatusCode': {
150
+ '@Value': 'urn:oasis:names:tc:SAML:2.0:status:Success',
151
+ },
152
+ },
153
+ 'saml:Assertion': {
154
+ '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
155
+ '@Version': '2.0',
156
+ '@ID': randomId(),
157
+ '@IssueInstant': authTimestamp,
158
+ 'saml:Issuer': {
159
+ '#text': issuer,
160
+ },
161
+ 'saml:Subject': {
162
+ '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
163
+ 'saml:NameID': {
164
+ '@Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
165
+ '#text': profile.claims.email,
166
+ },
167
+ 'saml:SubjectConfirmation': {
168
+ '@Method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer',
169
+ 'saml:SubjectConfirmationData': {
170
+ '@Recipient': acsUrl,
171
+ '@NotOnOrAfter': notAfter,
172
+ '@InResponseTo': requestId,
173
+ },
174
+ },
175
+ },
176
+ 'saml:Conditions': {
177
+ '@NotBefore': notBefore,
178
+ '@NotOnOrAfter': notAfter,
179
+ 'saml:AudienceRestriction': {
180
+ 'saml:Audience': {
181
+ '#text': audience,
182
+ },
183
+ },
184
+ },
185
+ 'saml:AuthnStatement': {
186
+ '@AuthnInstant': authTimestamp,
187
+ '@SessionIndex': '_YIlFoNFzLMDYxdwf-T_BuimfkGa5qhKg',
188
+ 'saml:AuthnContext': {
189
+ 'saml:AuthnContextClassRef': {
190
+ '#text': 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified',
191
+ },
192
+ },
193
+ },
194
+ 'saml:AttributeStatement': {
195
+ '@xmlns:xs': 'http://www.w3.org/2001/XMLSchema',
196
+ '@xmlns:xsi': 'http://www.w3.org/2001/XMLSchema-instance',
197
+ 'saml:Attribute': Object.keys(profile.claims.raw).map((attributeName) => {
198
+ return {
199
+ '@Name': attributeName,
200
+ '@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
201
+ 'saml:AttributeValue': {
202
+ '@xmlns:xs': 'http://www.w3.org/2001/XMLSchema',
203
+ '@xmlns:xsi': 'http://www.w3.org/2001/XMLSchema-instance',
204
+ '@xsi:type': 'xs:string',
205
+ '#text': profile.claims.raw[attributeName],
206
+ },
207
+ };
208
+ }),
209
+ },
210
+ },
211
+ },
212
+ };
213
+ const xml = xmlbuilder_1.default.create(nodes, { encoding: 'UTF-8' }).end();
214
+ return yield saml20_1.default.sign(xml, privateKey, publicKey, '/*[local-name(.)="Response" and namespace-uri(.)="urn:oasis:names:tc:SAML:2.0:protocol"]');
215
+ });
216
+ exports.createSAMLResponse = createSAMLResponse;
217
+ //# sourceMappingURL=lib.js.map
package/dist/saml/lib.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"lib.js","sourceRoot":"","sources":["../../src/saml/lib.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,oDAA4B;AAC5B,oDAA4B;AAC5B,+BAAkC;AAClC,+BAAiC;AACjC,4DAAkC;AAClC,4DAAoC;AAGpC,4DAAoC;AAEpC,yDAAyD;AAClD,MAAM,6BAA6B,GAAG,CAC3C,eAAuB,EACvB,YAA4B,EAC5B,EAAE;IACF,MAAM,UAAU,GAAG,MAAM,gBAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IAEtE,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,EAAE;QACnC,oHAAoH;QACpH,UAAU,CAAC,MAAM,GAAG,gBAAM,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAElD,+FAA+F;QAC/F,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE;YACpD,UAAU,CAAC,MAAM,CAAC,EAAE,GAAG,gBAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAClG;KACF;IAED,OAAO,UAAU,CAAC;AACpB,CAAC,CAAA,CAAC;AAjBW,QAAA,6BAA6B,iCAiBxC;AAEK,MAAM,4BAA4B,GAAG,CAAO,WAAmB,EAAE,EAAE;IACxE,MAAM,aAAa,GAAG,MAAM,IAAA,oBAAY,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,CAAC;IAE7C,MAAM,SAAS,GAAW,MAAM,CAAC,oBAAoB,CAAC,CAAC,WAAW,CAAC;QACjE,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACjG,CAAC,CAAC,IAAI,CAAC;IAET,MAAM,UAAU,GAAG,MAAM,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,CAAC;IAErD,MAAM,EAAE,GAAW,UAAU,CAAC,EAAE,CAAC;IACjC,MAAM,YAAY,GAAW,UAAU,CAAC,YAAY,CAAC;IACrD,MAAM,MAAM,GAAW,UAAU,CAAC,2BAA2B,CAAC;IAC9D,MAAM,QAAQ,GAAW,MAAM,CAAC,oBAAoB,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;IAExE,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;KACzD;IAED,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;KACvD;IAED,OAAO;QACL,EAAE;QACF,MAAM;QACN,QAAQ;QACR,SAAS;QACT,YAAY;KACb,CAAC;AACJ,CAAC,CAAA,CAAC;AA9BW,QAAA,4BAA4B,gCA8BvC;AAEF,sBAAsB;AACf,MAAM,iBAAiB,GAAG,CAAO,EACtC,MAAM,EACN,QAAQ,EACR,QAAQ,GAKT,EAAmB,EAAE;IACpB,QAAQ,GAAG,gBAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;IAEnD,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC;IACzB,MAAM,KAAK,GAAG;QACZ,qBAAqB,EAAE;YACrB,WAAW,EAAE,sCAAsC;YACnD,WAAW,EAAE,QAAQ;YACrB,aAAa,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE;YAClF,qBAAqB,EAAE;gBACrB,0BAA0B,EAAE,KAAK;gBACjC,6BAA6B,EAAE,sCAAsC;gBACrE,kBAAkB,EAAE;oBAClB,MAAM,EAAE,SAAS;oBACjB,YAAY,EAAE;wBACZ,WAAW,EAAE,oCAAoC;wBACjD,aAAa,EAAE;4BACb,oBAAoB,EAAE;gCACpB,OAAO,EAAE,QAAQ;6BAClB;yBACF;qBACF;iBACF;gBACD,iBAAiB,EAAE;oBACjB,OAAO,EAAE,wDAAwD;iBAClE;gBACD,wBAAwB,EAAE;oBACxB;wBACE,UAAU,EAAE,oDAAoD;wBAChE,WAAW,EAAE,MAAM;qBACpB;oBACD;wBACE,UAAU,EAAE,gDAAgD;wBAC5D,WAAW,EAAE,MAAM;qBACpB;iBACF;aACF;SACF;KACF,CAAC;IAEF,OAAO,oBAAU,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAClG,CAAC,CAAA,CAAC;AAjDW,QAAA,iBAAiB,qBAiD5B;AAEF,2BAA2B;AACpB,MAAM,YAAY,GAAG,CAAO,MAAc,EAAE,UAAmB,EAAE,EAAE;IACxE,MAAM,eAAe,GAAG,IAAA,gBAAS,EAAC,iBAAU,CAAC,CAAC;IAE9C,OAAO,UAAU;QACf,CAAC,CAAC,CAAC,MAAM,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QACnE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;AAC/C,CAAC,CAAA,CAAC;AANW,QAAA,YAAY,gBAMvB;AAEF,YAAY;AACZ,MAAM,QAAQ,GAAG,CAAO,GAAW,EAAmC,EAAE;IACtE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,gBAAM,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC,GAAiB,EAAE,MAAW,EAAE,EAAE;YACzD,IAAI,GAAG,EAAE;gBACP,MAAM,CAAC,GAAG,CAAC,CAAC;aACb;YAED,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,MAAM,QAAQ,GAAG,GAAG,EAAE;IACpB,OAAO,GAAG,GAAG,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACtD,CAAC,CAAC;AAEF,mCAAmC;AAC5B,MAAM,kBAAkB,GAAG,CAAO,EACvC,QAAQ,EACR,MAAM,EACN,MAAM,EACN,OAAO,EACP,SAAS,EACT,UAAU,EACV,SAAS,GASV,EAAmB,EAAE;IACpB,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC;IAC5B,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAE7C,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAEzC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAExC,MAAM,KAAK,GAAG;QACZ,gBAAgB,EAAE;YAChB,cAAc,EAAE,sCAAsC;YACtD,UAAU,EAAE,KAAK;YACjB,KAAK,EAAE,QAAQ,EAAE;YACjB,cAAc,EAAE,MAAM;YACtB,eAAe,EAAE,SAAS;YAC1B,eAAe,EAAE,aAAa;YAC9B,aAAa,EAAE;gBACb,aAAa,EAAE,uCAAuC;gBACtD,SAAS,EAAE,uCAAuC;gBAClD,OAAO,EAAE,MAAM;aAChB;YACD,cAAc,EAAE;gBACd,kBAAkB,EAAE;oBAClB,QAAQ,EAAE,4CAA4C;iBACvD;aACF;YACD,gBAAgB,EAAE;gBAChB,aAAa,EAAE,uCAAuC;gBACtD,UAAU,EAAE,KAAK;gBACjB,KAAK,EAAE,QAAQ,EAAE;gBACjB,eAAe,EAAE,aAAa;gBAC9B,aAAa,EAAE;oBACb,OAAO,EAAE,MAAM;iBAChB;gBACD,cAAc,EAAE;oBACd,aAAa,EAAE,uCAAuC;oBACtD,aAAa,EAAE;wBACb,SAAS,EAAE,wDAAwD;wBACnE,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,KAAK;qBAC9B;oBACD,0BAA0B,EAAE;wBAC1B,SAAS,EAAE,uCAAuC;wBAClD,8BAA8B,EAAE;4BAC9B,YAAY,EAAE,MAAM;4BACpB,eAAe,EAAE,QAAQ;4BACzB,eAAe,EAAE,SAAS;yBAC3B;qBACF;iBACF;gBACD,iBAAiB,EAAE;oBACjB,YAAY,EAAE,SAAS;oBACvB,eAAe,EAAE,QAAQ;oBACzB,0BAA0B,EAAE;wBAC1B,eAAe,EAAE;4BACf,OAAO,EAAE,QAAQ;yBAClB;qBACF;iBACF;gBACD,qBAAqB,EAAE;oBACrB,eAAe,EAAE,aAAa;oBAC9B,eAAe,EAAE,mCAAmC;oBACpD,mBAAmB,EAAE;wBACnB,2BAA2B,EAAE;4BAC3B,OAAO,EAAE,oDAAoD;yBAC9D;qBACF;iBACF;gBACD,yBAAyB,EAAE;oBACzB,WAAW,EAAE,kCAAkC;oBAC/C,YAAY,EAAE,2CAA2C;oBACzD,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,EAAE,EAAE;wBACtE,OAAO;4BACL,OAAO,EAAE,aAAa;4BACtB,aAAa,EAAE,mDAAmD;4BAClE,qBAAqB,EAAE;gCACrB,WAAW,EAAE,kCAAkC;gCAC/C,YAAY,EAAE,2CAA2C;gCACzD,WAAW,EAAE,WAAW;gCACxB,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC;6BAC3C;yBACF,CAAC;oBACJ,CAAC,CAAC;iBACH;aACF;SACF;KACF,CAAC;IAEF,MAAM,GAAG,GAAG,oBAAU,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;IAElE,OAAO,MAAM,gBAAI,CAAC,IAAI,CACpB,GAAG,EACH,UAAU,EACV,SAAS,EACT,0FAA0F,CAC3F,CAAC;AACJ,CAAC,CAAA,CAAC;AAjHW,QAAA,kBAAkB,sBAiH7B"}
package/dist/typings.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import { type JWK } from 'jose';
2
+ export * from '../src/ee/federated-saml/types';
2
3
  interface SSOConnection {
3
4
  defaultRedirectUrl: string;
4
5
  redirectUrl: string[] | string;
@@ -68,7 +69,9 @@ type TenantProduct = {
68
69
  tenant: string;
69
70
  product: string;
70
71
  };
71
- export type GetConnectionsQuery = ClientIDQuery | TenantQuery;
72
+ export type GetConnectionsQuery = ClientIDQuery | TenantQuery | {
73
+ entityId: string;
74
+ };
72
75
  export type GetIDPEntityIDBody = TenantProduct;
73
76
  export type DelConnectionsQuery = (ClientIDQuery & {
74
77
  clientSecret: string;
@@ -119,6 +122,7 @@ export interface IOAuthController {
119
122
  samlResponse(body: SAMLResponsePayload): Promise<{
120
123
  redirect_url?: string;
121
124
  app_select_form?: string;
125
+ responseForm?: string;
122
126
  }>;
123
127
  oidcAuthzResponse(body: OIDCAuthzResponsePayload): Promise<{
124
128
  redirect_url?: string;
@@ -248,14 +252,14 @@ export interface DatabaseDriver {
248
252
  get(namespace: string, key: string): Promise<any>;
249
253
  put(namespace: string, key: string, val: any, ttl: number, ...indexes: Index[]): Promise<any>;
250
254
  delete(namespace: string, key: string): Promise<any>;
251
- getByIndex(namespace: string, idx: Index): Promise<any>;
255
+ getByIndex(namespace: string, idx: Index, pageOffset?: number, pageLimit?: number): Promise<any>;
252
256
  }
253
257
  export interface Storable {
254
258
  getAll(pageOffset?: number, pageLimit?: number): Promise<any[]>;
255
259
  get(key: string): Promise<any>;
256
260
  put(key: string, val: any, ...indexes: Index[]): Promise<any>;
257
261
  delete(key: string): Promise<any>;
258
- getByIndex(idx: Index): Promise<any>;
262
+ getByIndex(idx: Index, pageOffset?: number, pageLimit?: number): Promise<any>;
259
263
  }
260
264
  export interface DatabaseStore {
261
265
  store(namespace: string): Storable;
@@ -301,6 +305,12 @@ export interface JacksonOption {
301
305
  publicKey: string;
302
306
  privateKey: string;
303
307
  };
308
+ boxyhqLicenseKey?: string;
309
+ retraced?: {
310
+ host?: string;
311
+ adminToken?: string;
312
+ };
313
+ noAnalytics?: boolean;
304
314
  }
305
315
  export interface SLORequestParams {
306
316
  nameId: string;
@@ -546,7 +556,10 @@ export interface IDirectoryGroups {
546
556
  }
547
557
  export interface IWebhookEventsLogger extends Base {
548
558
  log(directory: Directory, event: DirectorySyncEvent): Promise<WebhookEventLog>;
549
- getAll(): Promise<WebhookEventLog[]>;
559
+ getAll({ pageOffset, pageLimit }: {
560
+ pageOffset?: number;
561
+ pageLimit?: number;
562
+ }): Promise<WebhookEventLog[]>;
550
563
  get(id: string): Promise<WebhookEventLog>;
551
564
  clear(): Promise<void>;
552
565
  delete(id: string): Promise<void>;
@@ -614,29 +627,23 @@ export interface WebhookEventLog extends DirectorySyncEvent {
614
627
  export type SetupLinkCreatePayload = {
615
628
  tenant: string;
616
629
  product: string;
617
- service: 'sso' | 'dsync';
630
+ name?: string;
631
+ description?: string;
632
+ defaultRedirectUrl?: string;
633
+ redirectUrl?: string;
634
+ service: SetupLinkService;
618
635
  regenerate?: boolean;
619
636
  };
620
- export type SetupLinkRegeneratePayload = {
621
- reference: string;
622
- };
623
637
  export type SetupLink = {
624
638
  setupID: string;
625
639
  tenant: string;
640
+ name?: string;
641
+ description?: string;
642
+ defaultRedirectUrl?: string;
643
+ redirectUrl?: string;
626
644
  product: string;
627
645
  url: string;
628
- service: string;
646
+ service: SetupLinkService;
629
647
  validTill: number;
630
648
  };
631
- export type ApiResponse<T> = {
632
- data: T | null;
633
- error: ApiError | null;
634
- };
635
- export interface ISetupLinkController {
636
- create(body: SetupLinkCreatePayload): Promise<ApiResponse<SetupLink>>;
637
- getAll(): Promise<ApiResponse<SetupLink[]>>;
638
- getByService(service: any): Promise<ApiResponse<SetupLink[]>>;
639
- getByToken(token: any): Promise<ApiResponse<SetupLink>>;
640
- remove(key: string): Promise<ApiResponse<boolean>>;
641
- }
642
- export {};
649
+ export type SetupLinkService = 'sso' | 'dsync';
package/dist/typings.js CHANGED
@@ -1,6 +1,21 @@
1
1
  "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
+ for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
+ };
2
16
  Object.defineProperty(exports, "__esModule", { value: true });
3
17
  exports.DirectorySyncProviders = void 0;
18
+ __exportStar(require("../src/ee/federated-saml/types"), exports);
4
19
  var DirectorySyncProviders;
5
20
  (function (DirectorySyncProviders) {
6
21
  DirectorySyncProviders["azure-scim-v2"] = "Azure SCIM v2.0";
package/dist/typings.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"typings.js","sourceRoot":"","sources":["../src/typings.ts"],"names":[],"mappings":";;;AAkfA,IAAY,sBAMX;AAND,WAAY,sBAAsB;IAChC,2DAAmC,CAAA;IACnC,iEAAyC,CAAA;IACzC,yDAAiC,CAAA;IACjC,8DAAsC,CAAA;IACtC,+DAAuC,CAAA;AACzC,CAAC,EANW,sBAAsB,GAAtB,8BAAsB,KAAtB,8BAAsB,QAMjC"}
1
+ {"version":3,"file":"typings.js","sourceRoot":"","sources":["../src/typings.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAEA,iEAA+C;AA0f/C,IAAY,sBAMX;AAND,WAAY,sBAAsB;IAChC,2DAAmC,CAAA;IACnC,iEAAyC,CAAA;IACzC,yDAAiC,CAAA;IACjC,8DAAsC,CAAA;IACtC,+DAAuC,CAAA;AACzC,CAAC,EANW,sBAAsB,GAAtB,8BAAsB,KAAtB,8BAAsB,QAMjC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@boxyhq/saml-jackson",
3
- "version": "1.4.0",
3
+ "version": "1.5.1",
4
4
  "description": "SAML Jackson library",
5
5
  "keywords": [
6
6
  "SAML 2.0"
@@ -29,7 +29,7 @@
29
29
  "db:migration:run:mariadb": "cross-env DB_TYPE=mariadb DB_URL=mariadb://root@localhost:3306/mysql ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run -d typeorm.ts",
30
30
  "db:migration:run:mssql": "cross-env DB_TYPE=mssql DB_URL='sqlserver://localhost:1433;database=master;username=sa;password=123ABabc!' ts-node --transpile-only ./node_modules/typeorm/cli.js migration:run -d typeorm.ts",
31
31
  "prepublishOnly": "npm run build",
32
- "test": "tap --ts --timeout=100 --coverage-map=map.js test/**/*.test.ts",
32
+ "test": "cross-env BOXYHQ_NO_ANALYTICS=1 tap --ts --timeout=100 --coverage-map=map.js test/**/*.test.ts",
33
33
  "sort": "npx sort-package-json"
34
34
  },
35
35
  "tap": {
@@ -42,10 +42,11 @@
42
42
  "dependencies": {
43
43
  "@boxyhq/saml20": "1.1.0",
44
44
  "@opentelemetry/api": "1.3.0",
45
- "axios": "1.1.3",
46
- "jose": "4.11.1",
47
- "marked": "4.2.4",
48
- "mongodb": "4.12.1",
45
+ "axios": "1.2.2",
46
+ "jose": "4.11.2",
47
+ "marked": "4.2.5",
48
+ "mixpanel": "0.17.0",
49
+ "mongodb": "4.13.0",
49
50
  "mssql": "9.0.1",
50
51
  "mysql2": "2.3.3",
51
52
  "node-forge": "1.3.1",
@@ -60,20 +61,15 @@
60
61
  },
61
62
  "devDependencies": {
62
63
  "@faker-js/faker": "7.6.0",
63
- "@types/node": "18.11.13",
64
+ "@types/node": "18.11.18",
64
65
  "@types/sinon": "10.0.13",
65
66
  "@types/tap": "15.0.7",
66
- "@typescript-eslint/eslint-plugin": "5.44.0",
67
- "@typescript-eslint/parser": "5.45.1",
68
67
  "cross-env": "7.0.3",
69
- "eslint": "8.28.0",
70
- "eslint-config-prettier": "8.5.0",
71
- "prettier": "2.8.0",
72
- "sinon": "14.0.2",
73
- "tap": "16.3.2",
68
+ "sinon": "15.0.1",
69
+ "tap": "16.3.3",
74
70
  "ts-node": "10.9.1",
75
- "tsconfig-paths": "4.1.1",
76
- "typescript": "4.9.3"
71
+ "tsconfig-paths": "4.1.2",
72
+ "typescript": "4.9.4"
77
73
  },
78
74
  "engines": {
79
75
  "node": ">=14.18.1 <=18.x"