@rockcarver/frodo-lib 0.17.2 → 0.17.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (94) hide show
  1. package/CHANGELOG.md +9 -1
  2. package/cjs/api/ApiTypes.js +16 -16
  3. package/cjs/api/ApiTypes.js.map +1 -1
  4. package/cjs/api/IdmConfigApi.js +28 -7
  5. package/cjs/api/IdmConfigApi.js.map +1 -1
  6. package/cjs/api/Saml2Api.js +36 -14
  7. package/cjs/api/Saml2Api.js.map +1 -1
  8. package/cjs/api/ScriptApi.js +23 -2
  9. package/cjs/api/ScriptApi.js.map +1 -1
  10. package/cjs/api/SocialIdentityProvidersApi.js +22 -0
  11. package/cjs/api/SocialIdentityProvidersApi.js.map +1 -1
  12. package/cjs/index.js +3 -1
  13. package/cjs/index.js.map +1 -1
  14. package/cjs/ops/AgentOps.test.js.map +1 -1
  15. package/cjs/ops/ConnectionProfileOps.test.js.map +1 -1
  16. package/cjs/ops/EmailTemplateOps.test.js.map +1 -1
  17. package/cjs/ops/IdmOps.test.js.map +1 -1
  18. package/cjs/ops/IdpOps.js +182 -275
  19. package/cjs/ops/IdpOps.js.map +1 -1
  20. package/cjs/ops/IdpOps.test.js.map +1 -1
  21. package/cjs/ops/JourneyOps.js +49 -35
  22. package/cjs/ops/JourneyOps.js.map +1 -1
  23. package/cjs/ops/JourneyOps.test.js.map +1 -1
  24. package/cjs/ops/OpsTypes.js.map +1 -1
  25. package/cjs/ops/Saml2Ops.js +104 -57
  26. package/cjs/ops/Saml2Ops.js.map +1 -1
  27. package/cjs/ops/Saml2Ops.test.js.map +1 -1
  28. package/cjs/ops/ScriptOps.js +193 -186
  29. package/cjs/ops/ScriptOps.js.map +1 -1
  30. package/cjs/ops/ScriptOps.test.js.map +1 -0
  31. package/cjs/test/mocks/ForgeRockApiMockEngine.js +6 -108
  32. package/cjs/test/mocks/ForgeRockApiMockEngine.js.map +1 -1
  33. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney1.journey.json +148 -0
  34. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney2.journey.json +76 -0
  35. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney3.journey.json +873 -0
  36. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney4.journey.json +930 -0
  37. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney5.journey.json +873 -0
  38. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney6.journey.json +148 -0
  39. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney7.journey.json +148 -0
  40. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney8.journey.json +148 -0
  41. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney9.journey.json +148 -0
  42. package/esm/api/ApiTypes.mjs +16 -16
  43. package/esm/api/IdmConfigApi.mjs +19 -4
  44. package/esm/api/Saml2Api.mjs +17 -1
  45. package/esm/api/ScriptApi.mjs +17 -2
  46. package/esm/api/SocialIdentityProvidersApi.mjs +16 -0
  47. package/esm/index.mjs +1 -0
  48. package/esm/ops/AgentOps.test.mjs +1 -1
  49. package/esm/ops/ConnectionProfileOps.test.mjs +94 -54
  50. package/esm/ops/EmailTemplateOps.test.mjs +140 -28
  51. package/esm/ops/IdmOps.test.mjs +159 -62
  52. package/esm/ops/IdpOps.mjs +140 -211
  53. package/esm/ops/IdpOps.test.mjs +651 -52
  54. package/esm/ops/JourneyOps.mjs +30 -21
  55. package/esm/ops/JourneyOps.test.mjs +220 -246
  56. package/esm/ops/Saml2Ops.mjs +66 -31
  57. package/esm/ops/Saml2Ops.test.mjs +399 -333
  58. package/esm/ops/ScriptOps.mjs +148 -152
  59. package/esm/ops/ScriptOps.test.mjs +282 -0
  60. package/esm/test/mocks/ForgeRockApiMockEngine.mjs +5 -98
  61. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney1.journey.json +148 -0
  62. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney2.journey.json +76 -0
  63. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney3.journey.json +873 -0
  64. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney4.journey.json +930 -0
  65. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney5.journey.json +873 -0
  66. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney6.journey.json +148 -0
  67. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney7.journey.json +148 -0
  68. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney8.journey.json +148 -0
  69. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney9.journey.json +148 -0
  70. package/package.json +10 -2
  71. package/types/api/ApiTypes.d.ts +21 -21
  72. package/types/api/ApiTypes.d.ts.map +1 -1
  73. package/types/api/IdmConfigApi.d.ts +11 -5
  74. package/types/api/IdmConfigApi.d.ts.map +1 -1
  75. package/types/api/Saml2Api.d.ts +8 -1
  76. package/types/api/Saml2Api.d.ts.map +1 -1
  77. package/types/api/ScriptApi.d.ts +7 -1
  78. package/types/api/ScriptApi.d.ts.map +1 -1
  79. package/types/api/SocialIdentityProvidersApi.d.ts +7 -0
  80. package/types/api/SocialIdentityProvidersApi.d.ts.map +1 -1
  81. package/types/index.d.ts +1 -0
  82. package/types/index.d.ts.map +1 -1
  83. package/types/ops/IdpOps.d.ts +31 -24
  84. package/types/ops/IdpOps.d.ts.map +1 -1
  85. package/types/ops/JourneyOps.d.ts +17 -3
  86. package/types/ops/JourneyOps.d.ts.map +1 -1
  87. package/types/ops/OpsTypes.d.ts +1 -1
  88. package/types/ops/OpsTypes.d.ts.map +1 -1
  89. package/types/ops/Saml2Ops.d.ts +24 -12
  90. package/types/ops/Saml2Ops.d.ts.map +1 -1
  91. package/types/ops/ScriptOps.d.ts +56 -20
  92. package/types/ops/ScriptOps.d.ts.map +1 -1
  93. package/types/test/mocks/ForgeRockApiMockEngine.d.ts +2 -11
  94. package/types/test/mocks/ForgeRockApiMockEngine.d.ts.map +1 -1
package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney3.journey.json ADDED
@@ -0,0 +1,873 @@
1
+ {
2
+ "meta": {
3
+ "origin": "https://openam-volker-dev.forgeblocks.com/am",
4
+ "originAmVersion": "7.3.0",
5
+ "exportedBy": "volker.scheuber@forgerock.com",
6
+ "exportDate": "2023-01-04T19:11:08.648Z",
7
+ "exportTool": "frodo",
8
+ "exportToolVersion": "v0.17.3 [v18.7.0]"
9
+ },
10
+ "innerNodes": {
11
+ "78164e4b-ac34-46fb-b271-2ae0b1c4dda3": {
12
+ "_id": "78164e4b-ac34-46fb-b271-2ae0b1c4dda3",
13
+ "_rev": "1320178888",
14
+ "passwordAttribute": "password",
15
+ "validateInput": false,
16
+ "_type": {
17
+ "_id": "ValidatedPasswordNode",
18
+ "name": "Platform Password",
19
+ "collection": true
20
+ },
21
+ "_outcomes": [
22
+ {
23
+ "id": "outcome",
24
+ "displayName": "Outcome"
25
+ }
26
+ ]
27
+ },
28
+ "eb302165-5014-4538-8baf-8cdce05a50e6": {
29
+ "_id": "eb302165-5014-4538-8baf-8cdce05a50e6",
30
+ "_rev": "1791446947",
31
+ "includeLocalAuthentication": true,
32
+ "filteredProviders": [
33
+ "adfs",
34
+ "github"
35
+ ],
36
+ "identityAttribute": "mail",
37
+ "passwordAttribute": "password",
38
+ "offerOnlyExisting": false,
39
+ "_type": {
40
+ "_id": "SelectIdPNode",
41
+ "name": "Select Identity Provider",
42
+ "collection": true
43
+ },
44
+ "_outcomes": [
45
+ {
46
+ "id": "socialAuthentication",
47
+ "displayName": "Social Authentication"
48
+ },
49
+ {
50
+ "id": "localAuthentication",
51
+ "displayName": "Local Authentication"
52
+ }
53
+ ]
54
+ },
55
+ "99f2d026-8d93-492d-b97f-c7331dc31c6d": {
56
+ "_id": "99f2d026-8d93-492d-b97f-c7331dc31c6d",
57
+ "_rev": "-2073692024",
58
+ "usernameAttribute": "userName",
59
+ "validateInput": false,
60
+ "_type": {
61
+ "_id": "ValidatedUsernameNode",
62
+ "name": "Platform Username",
63
+ "collection": true
64
+ },
65
+ "_outcomes": [
66
+ {
67
+ "id": "outcome",
68
+ "displayName": "Outcome"
69
+ }
70
+ ]
71
+ },
72
+ "60ff8a50-6be3-4eb6-a031-387897e7ca9a": {
73
+ "_id": "60ff8a50-6be3-4eb6-a031-387897e7ca9a",
74
+ "_rev": "969732594",
75
+ "passwordAttribute": "password",
76
+ "validateInput": false,
77
+ "_type": {
78
+ "_id": "ValidatedPasswordNode",
79
+ "name": "Platform Password",
80
+ "collection": true
81
+ },
82
+ "_outcomes": [
83
+ {
84
+ "id": "outcome",
85
+ "displayName": "Outcome"
86
+ }
87
+ ]
88
+ },
89
+ "e165f3c7-babc-43be-8b3c-e99f1e735908": {
90
+ "_id": "e165f3c7-babc-43be-8b3c-e99f1e735908",
91
+ "_rev": "280483221",
92
+ "includeLocalAuthentication": true,
93
+ "filteredProviders": [
94
+ "google",
95
+ "facebook",
96
+ "azure"
97
+ ],
98
+ "identityAttribute": "mail",
99
+ "passwordAttribute": "password",
100
+ "offerOnlyExisting": false,
101
+ "_type": {
102
+ "_id": "SelectIdPNode",
103
+ "name": "Select Identity Provider",
104
+ "collection": true
105
+ },
106
+ "_outcomes": [
107
+ {
108
+ "id": "socialAuthentication",
109
+ "displayName": "Social Authentication"
110
+ },
111
+ {
112
+ "id": "localAuthentication",
113
+ "displayName": "Local Authentication"
114
+ }
115
+ ]
116
+ }
117
+ },
118
+ "nodes": {
119
+ "9381fc70-1a31-40de-85de-23faf97e7b28": {
120
+ "_id": "9381fc70-1a31-40de-85de-23faf97e7b28",
121
+ "_rev": "1072614526",
122
+ "nodes": [
123
+ {
124
+ "_id": "78164e4b-ac34-46fb-b271-2ae0b1c4dda3",
125
+ "nodeType": "ValidatedPasswordNode",
126
+ "displayName": "Password"
127
+ },
128
+ {
129
+ "_id": "eb302165-5014-4538-8baf-8cdce05a50e6",
130
+ "nodeType": "SelectIdPNode",
131
+ "displayName": "Select IDP"
132
+ }
133
+ ],
134
+ "pageDescription": {},
135
+ "pageHeader": {},
136
+ "_type": {
137
+ "_id": "PageNode",
138
+ "name": "Page Node",
139
+ "collection": true
140
+ },
141
+ "_outcomes": [
142
+ {
143
+ "id": "socialAuthentication",
144
+ "displayName": "Social Authentication"
145
+ },
146
+ {
147
+ "id": "localAuthentication",
148
+ "displayName": "Local Authentication"
149
+ }
150
+ ]
151
+ },
152
+ "ab9f607b-0f87-4e46-972d-fa726cd1c8f0": {
153
+ "_id": "ab9f607b-0f87-4e46-972d-fa726cd1c8f0",
154
+ "_rev": "-1965514998",
155
+ "nodes": [
156
+ {
157
+ "_id": "99f2d026-8d93-492d-b97f-c7331dc31c6d",
158
+ "nodeType": "ValidatedUsernameNode",
159
+ "displayName": "Username"
160
+ },
161
+ {
162
+ "_id": "60ff8a50-6be3-4eb6-a031-387897e7ca9a",
163
+ "nodeType": "ValidatedPasswordNode",
164
+ "displayName": "Password"
165
+ },
166
+ {
167
+ "_id": "e165f3c7-babc-43be-8b3c-e99f1e735908",
168
+ "nodeType": "SelectIdPNode",
169
+ "displayName": "Select IDP"
170
+ }
171
+ ],
172
+ "pageDescription": {},
173
+ "pageHeader": {},
174
+ "_type": {
175
+ "_id": "PageNode",
176
+ "name": "Page Node",
177
+ "collection": true
178
+ },
179
+ "_outcomes": [
180
+ {
181
+ "id": "socialAuthentication",
182
+ "displayName": "Social Authentication"
183
+ },
184
+ {
185
+ "id": "localAuthentication",
186
+ "displayName": "Local Authentication"
187
+ }
188
+ ]
189
+ },
190
+ "4b5d893f-0ade-4385-88d6-a281754fe498": {
191
+ "_id": "4b5d893f-0ade-4385-88d6-a281754fe498",
192
+ "_rev": "-1901002889",
193
+ "clientType": "BROWSER",
194
+ "script": "58c824ae-84ed-4724-82cd-db128fc3f6c",
195
+ "usernameAttribute": "userName",
196
+ "_type": {
197
+ "_id": "SocialProviderHandlerNode",
198
+ "name": "Social Provider Handler Node",
199
+ "collection": true
200
+ },
201
+ "_outcomes": [
202
+ {
203
+ "id": "ACCOUNT_EXISTS",
204
+ "displayName": "Account exists"
205
+ },
206
+ {
207
+ "id": "NO_ACCOUNT",
208
+ "displayName": "No account exists"
209
+ }
210
+ ]
211
+ },
212
+ "46643303-aeb2-4873-9df1-59db4958cc34": {
213
+ "_id": "46643303-aeb2-4873-9df1-59db4958cc34",
214
+ "_rev": "-99193033",
215
+ "script": "739bdc48-fd24-4c52-b353-88706d75558a",
216
+ "outcomes": [
217
+ "known",
218
+ "unknown"
219
+ ],
220
+ "outputs": [
221
+ "*"
222
+ ],
223
+ "inputs": [
224
+ "*"
225
+ ],
226
+ "_type": {
227
+ "_id": "ScriptedDecisionNode",
228
+ "name": "Scripted Decision",
229
+ "collection": true
230
+ },
231
+ "_outcomes": [
232
+ {
233
+ "id": "known",
234
+ "displayName": "known"
235
+ },
236
+ {
237
+ "id": "unknown",
238
+ "displayName": "unknown"
239
+ }
240
+ ]
241
+ },
242
+ "a681751d-ab8c-4cb8-8be9-92b4cc688b69": {
243
+ "_id": "a681751d-ab8c-4cb8-8be9-92b4cc688b69",
244
+ "_rev": "1132424611",
245
+ "useUniversalIdForUsername": true,
246
+ "minimumPasswordLength": 8,
247
+ "_type": {
248
+ "_id": "IdentityStoreDecisionNode",
249
+ "name": "Identity Store Decision",
250
+ "collection": true
251
+ },
252
+ "_outcomes": [
253
+ {
254
+ "id": "TRUE",
255
+ "displayName": "True"
256
+ },
257
+ {
258
+ "id": "FALSE",
259
+ "displayName": "False"
260
+ },
261
+ {
262
+ "id": "LOCKED",
263
+ "displayName": "Locked"
264
+ },
265
+ {
266
+ "id": "CANCELLED",
267
+ "displayName": "Cancelled"
268
+ },
269
+ {
270
+ "id": "EXPIRED",
271
+ "displayName": "Expired"
272
+ }
273
+ ]
274
+ },
275
+ "dd0d8532-e7a2-40af-b05f-2913432fc97e": {
276
+ "_id": "dd0d8532-e7a2-40af-b05f-2913432fc97e",
277
+ "_rev": "1765887235",
278
+ "metaAlias": "/alpha/iSPAzure",
279
+ "allowCreate": true,
280
+ "authnContextClassRef": [],
281
+ "authnContextDeclRef": [],
282
+ "authComparison": "MINIMUM",
283
+ "nameIdFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
284
+ "requestBinding": "HTTP_REDIRECT",
285
+ "binding": "HTTP_ARTIFACT",
286
+ "forceAuthn": false,
287
+ "idpEntityId": "urn:federation:MicrosoftOnline",
288
+ "isPassive": false,
289
+ "_type": {
290
+ "_id": "product-Saml2Node",
291
+ "name": "SAML2 Authentication",
292
+ "collection": true
293
+ },
294
+ "_outcomes": [
295
+ {
296
+ "id": "ACCOUNT_EXISTS",
297
+ "displayName": "Account exists"
298
+ },
299
+ {
300
+ "id": "NO_ACCOUNT",
301
+ "displayName": "No account exists"
302
+ }
303
+ ]
304
+ },
305
+ "c3167e4f-4756-4ad2-bbbd-1278fc1dbf59": {
306
+ "_id": "c3167e4f-4756-4ad2-bbbd-1278fc1dbf59",
307
+ "_rev": "-846450844",
308
+ "emailTemplateName": "welcome",
309
+ "identityAttribute": "userName",
310
+ "emailAttribute": "mail",
311
+ "_type": {
312
+ "_id": "EmailTemplateNode",
313
+ "name": "Email Template Node",
314
+ "collection": true
315
+ },
316
+ "_outcomes": [
317
+ {
318
+ "id": "EMAIL_SENT",
319
+ "displayName": "Email Sent"
320
+ },
321
+ {
322
+ "id": "EMAIL_NOT_SENT",
323
+ "displayName": "Email Not Sent"
324
+ }
325
+ ]
326
+ },
327
+ "e60801b1-9b6f-4017-83d4-1695ca982022": {
328
+ "_id": "e60801b1-9b6f-4017-83d4-1695ca982022",
329
+ "_rev": "1857773376",
330
+ "tree": "FrodoTestJourney2",
331
+ "_type": {
332
+ "_id": "InnerTreeEvaluatorNode",
333
+ "name": "Inner Tree Evaluator",
334
+ "collection": true
335
+ },
336
+ "_outcomes": [
337
+ {
338
+ "id": "true",
339
+ "displayName": "True"
340
+ },
341
+ {
342
+ "id": "false",
343
+ "displayName": "False"
344
+ }
345
+ ]
346
+ }
347
+ },
348
+ "scripts": {
349
+ "58c824ae-84ed-4724-82cd-db128fc3f6c": {
350
+ "_id": "58c824ae-84ed-4724-82cd-db128fc3f6c",
351
+ "name": "Normalized Profile to Managed User",
352
+ "description": "Converts a normalized social profile into a managed user",
353
+ "script": "\"/*\\n * Copyright 2020 ForgeRock AS. All Rights Reserved\\n *\\n * Use of this code requires a commercial software license with ForgeRock AS.\\n * or with one of its affiliates. All use shall be exclusively subject\\n * to such license between the licensee and ForgeRock AS.\\n */\\n\\nimport static org.forgerock.json.JsonValue.field\\nimport static org.forgerock.json.JsonValue.json\\nimport static org.forgerock.json.JsonValue.object\\n\\nimport org.forgerock.json.JsonValue\\n\\nJsonValue managedUser = json(object(\\n field(\\\"givenName\\\", normalizedProfile.givenName),\\n field(\\\"sn\\\", normalizedProfile.familyName),\\n field(\\\"mail\\\", normalizedProfile.email),\\n field(\\\"userName\\\", normalizedProfile.username)))\\n\\nif (normalizedProfile.postalAddress.isNotNull()) managedUser.put(\\\"postalAddress\\\", normalizedProfile.postalAddress)\\nif (normalizedProfile.addressLocality.isNotNull()) managedUser.put(\\\"city\\\", normalizedProfile.addressLocality)\\nif (normalizedProfile.addressRegion.isNotNull()) managedUser.put(\\\"stateProvince\\\", normalizedProfile.addressRegion)\\nif (normalizedProfile.postalCode.isNotNull()) managedUser.put(\\\"postalCode\\\", normalizedProfile.postalCode)\\nif (normalizedProfile.country.isNotNull()) managedUser.put(\\\"country\\\", normalizedProfile.country)\\nif (normalizedProfile.phone.isNotNull()) managedUser.put(\\\"telephoneNumber\\\", normalizedProfile.phone)\\n\\n// if the givenName and familyName is null or empty\\n// then add a boolean flag to the shared state to indicate names are not present\\n// this could be used elsewhere\\n// for eg. this could be used in a scripted decision node to by-pass patching\\n// the user object with blank values when givenName and familyName is not present\\nboolean noGivenName = normalizedProfile.givenName.isNull() || (!normalizedProfile.givenName.asString()?.trim())\\nboolean noFamilyName = normalizedProfile.familyName.isNull() || (!normalizedProfile.familyName.asString()?.trim())\\nsharedState.put(\\\"nameEmptyOrNull\\\", noGivenName && noFamilyName)\\n\\nreturn managedUser\\n\"",
354
+ "default": true,
355
+ "language": "GROOVY",
356
+ "context": "SOCIAL_IDP_PROFILE_TRANSFORMATION",
357
+ "createdBy": "null",
358
+ "creationDate": 0,
359
+ "lastModifiedBy": "null",
360
+ "lastModifiedDate": 0
361
+ },
362
+ "739bdc48-fd24-4c52-b353-88706d75558a": {
363
+ "_id": "739bdc48-fd24-4c52-b353-88706d75558a",
364
+ "name": "Check Username",
365
+ "description": "Check if username has already been collected.",
366
+ "script": "\"/* Check Username\\n *\\n * Author: volker.scheuber@forgerock.com\\n * \\n * Check if username has already been collected.\\n * Return \\\"known\\\" if yes, \\\"unknown\\\" otherwise.\\n * \\n * This script does not need to be parametrized. It will work properly as is.\\n * \\n * The Scripted Decision Node needs the following outcomes defined:\\n * - known\\n * - unknown\\n */\\n(function () {\\n if (null != sharedState.get(\\\"username\\\")) {\\n outcome = \\\"known\\\";\\n }\\n else {\\n outcome = \\\"unknown\\\";\\n }\\n}());\"",
367
+ "default": false,
368
+ "language": "JAVASCRIPT",
369
+ "context": "AUTHENTICATION_TREE_DECISION_NODE",
370
+ "createdBy": "null",
371
+ "creationDate": 0,
372
+ "lastModifiedBy": "null",
373
+ "lastModifiedDate": 0
374
+ },
375
+ "23143919-6b78-40c3-b25e-beca19b229e0": {
376
+ "_id": "23143919-6b78-40c3-b25e-beca19b229e0",
377
+ "name": "GitHub Profile Normalization (VS)",
378
+ "description": "Normalizes raw profile data from GitHub",
379
+ "script": "\"/*\\n * Copyright 2020 ForgeRock AS. All Rights Reserved\\n *\\n * Use of this code requires a commercial software license with ForgeRock AS.\\n * or with one of its affiliates. All use shall be exclusively subject\\n * to such license between the licensee and ForgeRock AS.\\n */\\n\\nimport static org.forgerock.json.JsonValue.field\\nimport static org.forgerock.json.JsonValue.json\\nimport static org.forgerock.json.JsonValue.object\\n\\nlogger.warning(\\\"GitHub rawProfile: \\\"+rawProfile)\\n\\nreturn json(object(\\n field(\\\"id\\\", rawProfile.id),\\n field(\\\"displayName\\\", rawProfile.name),\\n field(\\\"givenName\\\", rawProfile.first_name),\\n field(\\\"familyName\\\", rawProfile.last_name),\\n field(\\\"photoUrl\\\", rawProfile.picture.data.url),\\n field(\\\"email\\\", rawProfile.email),\\n field(\\\"username\\\", rawProfile.email)))\"",
380
+ "default": false,
381
+ "language": "GROOVY",
382
+ "context": "SOCIAL_IDP_PROFILE_TRANSFORMATION",
383
+ "createdBy": "null",
384
+ "creationDate": 0,
385
+ "lastModifiedBy": "null",
386
+ "lastModifiedDate": 0
387
+ },
388
+ "dbe0bf9a-72aa-49d5-8483-9db147985a47": {
389
+ "_id": "dbe0bf9a-72aa-49d5-8483-9db147985a47",
390
+ "name": "ADFS Profile Normalization (JS)",
391
+ "description": "Normalizes raw profile data from ADFS",
392
+ "script": "\"/*\\n * Copyright 2022 ForgeRock AS. All Rights Reserved\\n *\\n * Use of this code requires a commercial software license with ForgeRock AS\\n * or with one of its affiliates. All use shall be exclusively subject\\n * to such license between the licensee and ForgeRock AS.\\n */\\n\\n/*\\n * This script returns the social identity profile information for the authenticating user\\n * in a standard form expected by the Social Provider Handler Node.\\n *\\n * Defined variables:\\n * rawProfile - The social identity provider profile information for the authenticating user.\\n * JsonValue (1).\\n * logger - The debug logger instance:\\n * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-logger.html#scripting-api-global-logger.\\n * realm - String (primitive).\\n * The name of the realm the user is authenticating to.\\n * requestHeaders - TreeMap (2).\\n * The object that provides methods for accessing headers in the login request:\\n * https://backstage.forgerock.com/docs/am/7/authentication-guide/scripting-api-node.html#scripting-api-node-requestHeaders.\\n * requestParameters - TreeMap (2).\\n * The object that contains the authentication request parameters.\\n * selectedIdp - String (primitive).\\n * The social identity provider name. For example: google.\\n * sharedState - LinkedHashMap (3).\\n * The object that holds the state of the authentication tree and allows data exchange between the stateless nodes:\\n * https://backstage.forgerock.com/docs/am/7/auth-nodes/core-action.html#accessing-tree-state.\\n * transientState - LinkedHashMap (3).\\n * The object for storing sensitive information that must not leave the server unencrypted,\\n * and that may not need to persist between authentication requests during the authentication session:\\n * https://backstage.forgerock.com/docs/am/7/auth-nodes/core-action.html#accessing-tree-state.\\n *\\n * Return - a JsonValue (1).\\n * The result of the last statement in the script is returned to the server.\\n * Currently, the Immediately Invoked Function Expression (also known as Self-Executing Anonymous Function)\\n * is the last (and only) statement in this script, and its return value will become the script result.\\n * Do not use \\\"return variable\\\" statement outside of a function definition.\\n *\\n * This script's last statement should result in a JsonValue (1) with the following keys:\\n * {\\n * {\\\"displayName\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"email\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"familyName\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"givenName\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"id\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"locale\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"photoUrl\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"username\\\": \\\"corresponding-social-identity-provider-value\\\"}\\n * }\\n *\\n * The consumer of this data defines which keys are required and which are optional.\\n * For example, the script associated with the Social Provider Handler Node and,\\n * ultimately, the managed object created/updated with this data\\n * will expect certain keys to be populated.\\n * In some common default configurations, the following keys are required to be not empty:\\n * username, givenName, familyName, email.\\n *\\n * From RFC4517: A value of the Directory String syntax is a string of one or more\\n * arbitrary characters from the Universal Character Set (UCS).\\n * A zero-length character string is not permitted.\\n *\\n * (1) JsonValue - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/json/JsonValue.html.\\n * (2) TreeMap - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/TreeMap.html.\\n * (3) LinkedHashMap - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/LinkedHashMap.html.\\n */\\n\\n(function () {\\n var frJava = JavaImporter(\\n org.forgerock.json.JsonValue\\n );\\n\\n var normalizedProfileData = frJava.JsonValue.json(frJava.JsonValue.object());\\n \\n \\t//logger.message('Seguin rawProfile: '+rawProfile);\\n\\n normalizedProfileData.put('id', rawProfile.get('sub').asString());\\n normalizedProfileData.put('displayName', rawProfile.get('givenName').asString() + ' ' + rawProfile.get('sn').asString());\\n normalizedProfileData.put('email', rawProfile.get('mail').asString());\\n normalizedProfileData.put('givenName', rawProfile.get('givenName').asString());\\n normalizedProfileData.put('familyName', rawProfile.get('sn').asString());\\n normalizedProfileData.put('username', rawProfile.get('upn').asString());\\n normalizedProfileData.put('roles', rawProfile.get('roles').asString());\\n \\n \\t//logger.message('Seguin normalizedProfileData: '+normalizedProfileData);\\n\\n return normalizedProfileData;\\n}());\"",
393
+ "default": false,
394
+ "language": "JAVASCRIPT",
395
+ "context": "SOCIAL_IDP_PROFILE_TRANSFORMATION",
396
+ "createdBy": "null",
397
+ "creationDate": 0,
398
+ "lastModifiedBy": "null",
399
+ "lastModifiedDate": 0
400
+ }
401
+ },
402
+ "emailTemplates": {
403
+ "welcome": {
404
+ "_id": "emailTemplate/welcome",
405
+ "defaultLocale": "en",
406
+ "displayName": "Welcome",
407
+ "enabled": true,
408
+ "from": "saas@forgerock.com",
409
+ "html": {
410
+ "en": "<div class=\"content\"><p>Welcome. Your username is '{{object.userName}}'.</p></div>"
411
+ },
412
+ "message": {
413
+ "en": "<html><head></head><body style=\"background-color: #324054; color: #5e6d82; padding: 60px; text-align: center;\"><div class=\"content\" style=\"background-color: #fff; border-radius: 4px; margin: 0 auto; padding: 48px; width: 235px;\"><p>Welcome. Your username is '{{object.userName}}'.</p></div></body></html>"
414
+ },
415
+ "mimeType": "text/html",
416
+ "styles": "body{\n background-color:#324054;\n color:#5e6d82;\n padding:60px;\n text-align:center\n}\na{\n text-decoration:none;\n color:#109cf1\n}\n.content{\n background-color:#fff;\n border-radius:4px;\n margin:0 auto;\n padding:48px;\n width:235px\n}\n",
417
+ "subject": {
418
+ "en": "Your account has been created"
419
+ }
420
+ }
421
+ },
422
+ "socialIdentityProviders": {
423
+ "github": {
424
+ "clientId": "bdae6d141d4dcf95a630",
425
+ "pkceMethod": "S256",
426
+ "jwtEncryptionMethod": "NONE",
427
+ "authorizationEndpoint": "https://github.com/login/oauth/authorize",
428
+ "jwtEncryptionAlgorithm": "NONE",
429
+ "issuerComparisonCheckType": "EXACT",
430
+ "clientSecret": null,
431
+ "scopeDelimiter": " ",
432
+ "scopes": [
433
+ "user"
434
+ ],
435
+ "enabled": true,
436
+ "authenticationIdKey": "id",
437
+ "uiConfig": {
438
+ "buttonCustomStyle": "background-color: #fff; color: #757575; border-color: #ddd;",
439
+ "buttonCustomStyleHover": "color: #6d6d6d; background-color: #eee; border-color: #ccc;",
440
+ "buttonDisplayName": "GitHub",
441
+ "buttonImage": "https://cdn-icons-png.flaticon.com/512/25/25231.png",
442
+ "iconBackground": "#4184f3",
443
+ "iconFontColor": "white"
444
+ },
445
+ "privateKeyJwtExpTime": 600,
446
+ "revocationCheckOptions": [],
447
+ "transform": "23143919-6b78-40c3-b25e-beca19b229e0",
448
+ "userInfoEndpoint": "https://ig.mytestrun.com/user",
449
+ "jwtSigningAlgorithm": "NONE",
450
+ "redirectURI": "https://idc.scheuber.io/login",
451
+ "clientAuthenticationMethod": "CLIENT_SECRET_POST",
452
+ "responseMode": "DEFAULT",
453
+ "useCustomTrustStore": false,
454
+ "tokenEndpoint": "https://ig.mytestrun.com/login/oauth/access_token",
455
+ "_id": "github",
456
+ "_type": {
457
+ "_id": "oauth2Config",
458
+ "name": "Client configuration for providers that implement the OAuth2 specification.",
459
+ "collection": true
460
+ }
461
+ },
462
+ "adfs": {
463
+ "clientId": "aa9a179e-cdba-4db8-8477-3d1069d5ec04",
464
+ "pkceMethod": "S256",
465
+ "wellKnownEndpoint": "https://adfs.mytestrun.com/adfs/.well-known/openid-configuration",
466
+ "jwtEncryptionMethod": "NONE",
467
+ "authorizationEndpoint": "https://adfs.mytestrun.com/adfs/oauth2/authorize",
468
+ "jwtEncryptionAlgorithm": "NONE",
469
+ "issuerComparisonCheckType": "EXACT",
470
+ "clientSecret": null,
471
+ "encryptJwtRequestParameter": false,
472
+ "scopeDelimiter": " ",
473
+ "scopes": [
474
+ "openid",
475
+ "profile",
476
+ "email"
477
+ ],
478
+ "issuer": "https://adfs.mytestrun.com/adfs",
479
+ "userInfoResponseType": "JSON",
480
+ "acrValues": [],
481
+ "jwksUriEndpoint": "https://adfs.mytestrun.com/adfs/discovery/keys",
482
+ "encryptedIdTokens": false,
483
+ "enabled": true,
484
+ "jwtRequestParameterOption": "NONE",
485
+ "authenticationIdKey": "sub",
486
+ "uiConfig": {
487
+ "buttonClass": "",
488
+ "buttonCustomStyle": "background-color: #fff; border-color: #8b8b8b; color: #8b8b8b;",
489
+ "buttonCustomStyleHover": "background-color: #fff; border-color: #8b8b8b; color: #8b8b8b;",
490
+ "buttonDisplayName": "Microsoft ADFS",
491
+ "buttonImage": "/login/images/microsoft-logo.png",
492
+ "iconBackground": "#0078d7",
493
+ "iconClass": "fa-windows",
494
+ "iconFontColor": "white"
495
+ },
496
+ "privateKeyJwtExpTime": 600,
497
+ "revocationCheckOptions": [],
498
+ "enableNativeNonce": true,
499
+ "transform": "dbe0bf9a-72aa-49d5-8483-9db147985a47",
500
+ "jwtSigningAlgorithm": "RS256",
501
+ "redirectURI": "https://idc.scheuber.io/login",
502
+ "clientAuthenticationMethod": "CLIENT_SECRET_POST",
503
+ "responseMode": "DEFAULT",
504
+ "useCustomTrustStore": false,
505
+ "tokenEndpoint": "https://adfs.mytestrun.com/adfs/oauth2/token",
506
+ "_id": "adfs",
507
+ "_type": {
508
+ "_id": "oidcConfig",
509
+ "name": "Client configuration for providers that implement the OpenID Connect specification.",
510
+ "collection": true
511
+ }
512
+ }
513
+ },
514
+ "themes": [],
515
+ "saml2Entities": {
516
+ "aVNQQXp1cmU": {
517
+ "_id": "aVNQQXp1cmU",
518
+ "_rev": "1379466460",
519
+ "entityId": "iSPAzure",
520
+ "serviceProvider": {
521
+ "assertionContent": {
522
+ "signingAndEncryption": {
523
+ "requestResponseSigning": {},
524
+ "encryption": {},
525
+ "secretIdAndAlgorithms": {}
526
+ },
527
+ "nameIdFormat": {
528
+ "nameIdFormatList": [
529
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
530
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
531
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
532
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
533
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName",
534
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos",
535
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
536
+ ]
537
+ },
538
+ "authenticationContext": {
539
+ "authenticationContextMapper": "com.sun.identity.saml2.plugins.DefaultSPAuthnContextMapper",
540
+ "authContextItems": [
541
+ {
542
+ "contextReference": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
543
+ "level": 0,
544
+ "defaultItem": true
545
+ }
546
+ ],
547
+ "authenticationComparisonType": "Exact",
548
+ "includeRequestedAuthenticationContext": true
549
+ },
550
+ "assertionTimeSkew": 300,
551
+ "basicAuthentication": {}
552
+ },
553
+ "assertionProcessing": {
554
+ "attributeMapper": {
555
+ "attributeMapper": "com.sun.identity.saml2.plugins.DefaultSPAttributeMapper",
556
+ "attributeMap": [
557
+ {
558
+ "key": "http://schemas.microsoft.com/identity/claims/displayname",
559
+ "value": "cn"
560
+ },
561
+ {
562
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
563
+ "value": "givenName"
564
+ },
565
+ {
566
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
567
+ "value": "sn"
568
+ },
569
+ {
570
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
571
+ "value": "mail"
572
+ },
573
+ {
574
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
575
+ "value": "uid"
576
+ }
577
+ ]
578
+ },
579
+ "autoFederation": {
580
+ "autoFedEnabled": false
581
+ },
582
+ "accountMapping": {
583
+ "spAccountMapper": "com.sun.identity.saml2.plugins.DefaultSPAccountMapper",
584
+ "useNameIDAsSPUserID": true
585
+ },
586
+ "responseArtifactMessageEncoding": {
587
+ "encoding": "URI"
588
+ },
589
+ "url": {},
590
+ "adapter": {}
591
+ },
592
+ "services": {
593
+ "metaAlias": "/alpha/iSPAzure",
594
+ "serviceAttributes": {
595
+ "singleLogoutService": [
596
+ {
597
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
598
+ "location": "https://idc.scheuber.io/am/SPSloRedirect/metaAlias/alpha/iSPAzure",
599
+ "responseLocation": "https://idc.scheuber.io/am/SPSloRedirect/metaAlias/alpha/iSPAzure"
600
+ },
601
+ {
602
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
603
+ "location": "https://idc.scheuber.io/am/SPSloPOST/metaAlias/alpha/iSPAzure",
604
+ "responseLocation": "https://idc.scheuber.io/am/SPSloPOST/metaAlias/alpha/iSPAzure"
605
+ },
606
+ {
607
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP",
608
+ "location": "https://idc.scheuber.io/am/SPSloSoap/metaAlias/alpha/iSPAzure"
609
+ }
610
+ ],
611
+ "nameIdService": [
612
+ {
613
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
614
+ "location": "https://idc.scheuber.io/am/SPMniRedirect/metaAlias/alpha/iSPAzure",
615
+ "responseLocation": "https://idc.scheuber.io/am/SPMniRedirect/metaAlias/alpha/iSPAzure"
616
+ },
617
+ {
618
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
619
+ "location": "https://idc.scheuber.io/am/SPMniPOST/metaAlias/alpha/iSPAzure",
620
+ "responseLocation": "https://idc.scheuber.io/am/SPMniPOST/metaAlias/alpha/iSPAzure"
621
+ },
622
+ {
623
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP",
624
+ "location": "https://idc.scheuber.io/am/SPMniSoap/metaAlias/alpha/iSPAzure",
625
+ "responseLocation": "https://idc.scheuber.io/am/SPMniSoap/metaAlias/alpha/iSPAzure"
626
+ }
627
+ ],
628
+ "assertionConsumerService": [
629
+ {
630
+ "isDefault": true,
631
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact",
632
+ "location": "https://idc.scheuber.io/am/AuthConsumer/metaAlias/alpha/iSPAzure",
633
+ "index": 0
634
+ },
635
+ {
636
+ "isDefault": false,
637
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
638
+ "location": "https://idc.scheuber.io/am/AuthConsumer/metaAlias/alpha/iSPAzure",
639
+ "index": 1
640
+ },
641
+ {
642
+ "isDefault": false,
643
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS",
644
+ "location": "https://idc.scheuber.io/am/Consumer/ECP/metaAlias/alpha/iSPAzure",
645
+ "index": 2
646
+ }
647
+ ]
648
+ }
649
+ },
650
+ "advanced": {
651
+ "saeConfiguration": {
652
+ "spUrl": "https://idc.scheuber.io/am/spsaehandler/metaAlias/alpha/iSPAzure"
653
+ },
654
+ "ecpConfiguration": {
655
+ "ecpRequestIdpListFinderImpl": "com.sun.identity.saml2.plugins.ECPIDPFinder"
656
+ },
657
+ "idpProxy": {},
658
+ "relayStateUrlList": {}
659
+ }
660
+ },
661
+ "entityLocation": "hosted"
662
+ },
663
+ "dXJuOmZlZGVyYXRpb246TWljcm9zb2Z0T25saW5l": {
664
+ "_id": "dXJuOmZlZGVyYXRpb246TWljcm9zb2Z0T25saW5l",
665
+ "_rev": "1971501705",
666
+ "entityId": "urn:federation:MicrosoftOnline",
667
+ "serviceProvider": {
668
+ "assertionContent": {
669
+ "signingAndEncryption": {
670
+ "requestResponseSigning": {
671
+ "assertion": true
672
+ },
673
+ "encryption": {}
674
+ },
675
+ "nameIdFormat": {
676
+ "nameIdFormatList": [
677
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
678
+ "urn:mace:shibboleth:1.0:nameIdentifier",
679
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
680
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
681
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
682
+ ]
683
+ },
684
+ "basicAuthentication": {}
685
+ },
686
+ "assertionProcessing": {
687
+ "attributeMapper": {
688
+ "attributeMap": [
689
+ {
690
+ "samlAttribute": "IDPEmail",
691
+ "localAttribute": "mail",
692
+ "binary": false
693
+ },
694
+ {
695
+ "samlAttribute": "UOPClassID",
696
+ "localAttribute": "UOPClassID",
697
+ "binary": false
698
+ }
699
+ ]
700
+ },
701
+ "responseArtifactMessageEncoding": {
702
+ "encoding": "URI"
703
+ }
704
+ },
705
+ "services": {
706
+ "serviceAttributes": {
707
+ "singleLogoutService": [
708
+ {
709
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
710
+ "location": "https://login.microsoftonline.com/login.srf"
711
+ }
712
+ ],
713
+ "assertionConsumerService": [
714
+ {
715
+ "isDefault": true,
716
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
717
+ "location": "https://login.microsoftonline.com/login.srf",
718
+ "index": 0
719
+ },
720
+ {
721
+ "isDefault": false,
722
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign",
723
+ "location": "https://login.microsoftonline.com/login.srf",
724
+ "index": 1
725
+ },
726
+ {
727
+ "isDefault": false,
728
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS",
729
+ "location": "https://login.microsoftonline.com/login.srf",
730
+ "index": 2
731
+ }
732
+ ]
733
+ }
734
+ },
735
+ "advanced": {
736
+ "saeConfiguration": {},
737
+ "idpProxy": {}
738
+ }
739
+ },
740
+ "entityLocation": "remote",
741
+ "base64EntityXML": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9InllcyI_Pgo8RW50aXR5RGVzY3JpcHRvciBlbnRpdHlJRD0idXJuOmZlZGVyYXRpb246TWljcm9zb2Z0T25saW5lIiBJRD0iX2U0NmExMTkzLWU4YTctNDhlZC04MDRmLTE1MTY3MjllY2I1ZiIgeG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDptZXRhZGF0YSIgeG1sbnM6cXVlcnk9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOm1ldGFkYXRhOmV4dDpxdWVyeSIgeG1sbnM6bWRhdHRyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDptZXRhZGF0YTphdHRyaWJ1dGUiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIgeG1sbnM6eGVuYzExPSJodHRwOi8vd3d3LnczLm9yZy8yMDA5L3htbGVuYzExIyIgeG1sbnM6YWxnPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDptZXRhZGF0YTphbGdzdXBwb3J0IiB4bWxuczp4NTA5cXJ5PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDptZXRhZGF0YTpYNTA5OnF1ZXJ5IiB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI-CiAgICA8RXh0ZW5zaW9ucz4KICAgICAgICA8YWxnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8-CiAgICAgICAgPGFsZzpTaWduaW5nTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8-CiAgICA8L0V4dGVuc2lvbnM-CiAgICA8U1BTU09EZXNjcmlwdG9yIFdhbnRBc3NlcnRpb25zU2lnbmVkPSJ0cnVlIiBwcm90b2NvbFN1cHBvcnRFbnVtZXJhdGlvbj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIj4KICAgICAgICA8S2V5RGVzY3JpcHRvciB1c2U9InNpZ25pbmciPgogICAgICAgICAgICA8ZHM6S2V5SW5mbz4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICA8ZHM6WDUwOURhdGE-CiAgICAgICAgICAgICAgICAgICAgPGRzOlg1MDlDZXJ0aWZpY2F0ZT4KTUlJQy9UQ0NBZVdnQXdJQkFnSVFiZ0RIZmkzdDFKTkdWcXdENS83bG1qQU5CZ2txaGtpRzl3MEJBUXNGQURBcE1TY3dKUVlEVlFRRApFeDVNYVhabElFbEVJRk5VVXlCVGFXZHVhVzVuSUZCMVlteHBZeUJMWlhrd0hoY05NakF4TWpJeE1EQXdNREF3V2hjTk1qVXhNakl4Ck1EQXdNREF3V2pBcE1TY3dKUVlEVlFRREV4NU1hWFpsSUVsRUlGTlVVeUJUYVdkdWFXNW5JRkIxWW14cFl5QkxaWGt3Z2dFaU1BMEcKQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURGVDAvMC8ycVF1cm5ZYTBMYkpIRjlZWW96aEVINnI5bUN4VkRCWWJldwpTRzR0R2dyV3BzZXdRLzk2cGNjekdNUWN0TXZVK2gyZVgzOEh4L2Y5SkFJRGJ1UlF6UWxzUGhRUzdERFo2V2xUWFUrdDhkL2cyQzdmCnBTb0xzNEtWZEppaDR4eWpMVVdqK0JLL2lqc1JqQnQ0Uml3OVZiSkgvRGRXS3lvU01iRUNFaUUrczFSdExQL2VZb01tTmZ4eVFHcVcKaXJDTnFWTkJUbHF6WVFwNGRnRjBmb1l5NGt0b3h3bVFPVm9UY0lNRllwMUk0cEZQSTdDeHVNTGtmSzBYN2FUYk03WUdwaHZNZkp4SgpranJRZHlJN0c1ZDF0NEROaTN6a0ViQlQ3RkdBcjZxUHQzS245cmFscHFKS0hkcEVCQTlOMHZOd1FvNVhUWUloVWJQUTE2SVJBZ01CCkFBR2pJVEFmTUIwR0ExVWREZ1FXQkJSczd0UG1ma2tzU3I2N0t0RWxIallaYmVhQ1RqQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUEKSnF3TVpTalFKMzZ4KzFzdHk2RWVMS1FMUWV3UXdQYUVDNDdadXQrOGJYZWQ2UThqTVowYmZhL01NN1hxdUVjYWJhTVpMUXVLTGZ0NAo0WVh3WFhRT2ZRckkycWpRcjNlVG9KRmxEVDloUjByZnA5d1FxdHREeGQ2QWE2Uld3RFRnbzVvS1VRQ1RLTEhoRXk4dVd6U2NLMGVHCnQyZDdUV1RhRFhqUlN3TnE2dE03ZlJoWnMwN3RLQlYzeGZpOUVReS9tbGF2QU1GUkJWbTg2TlNvN0FzT0cxSU9NcTAzVTNvb0NXQVgKaDlQZHZ2SE5mSGhIMTlmdXRBbkMvSGVPandSRjFRYzUyN2FCTXBoWUZRTGRpVGhmbWZtaUUvQWhRcUN3WjJvRTd1Q0poQnRSK0tiMQpaR2hqSTM1cEhmc1NxR2lGYTdLcis1YXZlODIyUERja2U4OU12Zz09CiAgICAgICAgICAgICAgICAgICAgPC9kczpYNTA5Q2VydGlmaWNhdGU-CiAgICAgICAgICAgICAgICA8L2RzOlg1MDlEYXRhPgogICAgICAgICAgICA8L2RzOktleUluZm8-CiAgICAgICAgPC9LZXlEZXNjcmlwdG9yPgogICAgICAgIDxLZXlEZXNjcmlwdG9yIHVzZT0ic2lnbmluZyI-CiAgICAgICAgICAgIDxkczpLZXlJbmZvPgogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIDxkczpYNTA5RGF0YT4KICAgICAgICAgICAgICAgICAgICA8ZHM6WDUwOUNlcnRpZmljYXRlPgpNSUlDL1RDQ0FlV2dBd0lCQWdJUU4vR1BlZ25UOGJsUDJFY1NkTU1iQnpBTkJna3Foa2lHOXcwQkFRc0ZBREFwTVNjd0pRWURWUVFECkV4NU1hWFpsSUVsRUlGTlVVeUJUYVdkdWFXNW5JRkIxWW14cFl5QkxaWGt3SGhjTk1qRXdNakU0TURBd01EQXdXaGNOTWpZd01qRTQKTURBd01EQXdXakFwTVNjd0pRWURWUVFERXg1TWFYWmxJRWxFSUZOVVV5QlRhV2R1YVc1bklGQjFZbXhwWXlCTFpYa3dnZ0VpTUEwRwpDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRFhkTEdVMkxsNVJQZERVbktRK2YvSFM1cWlUYXkyY0NoOVUyQVM2b0RNCjZTT3hWaFlHdG9lSjFWUGViY0xucGdMZmhQeHpyd1dvVnpYU0VGK1ZSUWJuWUlEMkpiNGtoamd5RWVvVGhrM1ZxclRod2hhaHBTYkIKZzJ2bzA2dklPcDFUUzJSMUJpd0hLVExvQjFpMUlKbmFJRlNDM0JONnBZNGZsWFd5TFF0LzVBQlhFbHYyWFpMcVhNOUVlZmo2Smk0MApuTElzaVc0ZFd3M0JEYS95d1dXME1zaVc1b2pHcTR2b3ZjQWdFTmUvNE5VYmp1NzBnSFAvV1M1RDliVzVwK09JUWk3L3VucmxXZS9oCjNBNmp0QmJiUmxYWVhsTitaMjJ1VFR5eUNEL1c4emVYYUFDTHZIYWd3RU1yUWVQRFhCWnFjL2lYMmtJK29vWnIxc0MvSDM5UkFnTUIKQUFHaklUQWZNQjBHQTFVZERnUVdCQlNyWDJkbTNMd1Q5amIvcCtiQUFkWVFwRSsvTmpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQQplcUpmWUhuc0E5cWhHdHRYRmZGcFBXNERRTGg1dzZKQ2NlN3ZHdldJTnI1ZnIxRG5RZGNPcit3d2pRL3RxYmNrQUwydjZ6MUFxamhTCjc4a2JmZWduQVFEd2lvSloxb2xZWXZMT3hLb2E2SEYrYjEvcDBNbHViOFp1a2sybjFiMmxLUEJCT2liT2FzU1k3Z1FEd2xJWmk3dGwKOW5NVHhVZmRZSytFNUF4djdEVm5tVUN3Y25ucFY1LzFTRmROeVcya1dPNEM2OHJyak1PdkVDZndyS2tiZlZKTThmOWtyRVVCdW9CRgo4ZFREdjdEMlpNNFEyYnVDNzBOYmZhTldVWDB5RnZLSTBJdVRxazhSQmZHVFJRNGZaQWJoTVBheWtFcEJ1NmROalRpNVlPYTBsTnFGCkdTN0F4N2xlQ2g1eDlsVjhlbGNMa1hzOHlTbzhBT1FKazBoZ0l3PT0KICAgICAgICAgICAgICAgICAgICA8L2RzOlg1MDlDZXJ0aWZpY2F0ZT4KICAgICAgICAgICAgICAgIDwvZHM6WDUwOURhdGE-CiAgICAgICAgICAgIDwvZHM6S2V5SW5mbz4KICAgICAgICA8L0tleURlc2NyaXB0b3I-CiAgICAgICAgPEtleURlc2NyaXB0b3IgdXNlPSJzaWduaW5nIj4KICAgICAgICAgICAgPGRzOktleUluZm8-CiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgPGRzOlg1MDlEYXRhPgogICAgICAgICAgICAgICAgICAgIDxkczpYNTA5Q2VydGlmaWNhdGU-Ck1JSUMvVENDQWVXZ0F3SUJBZ0lRTi9HUGVnblQ4YmxQMkVjU2RNTWJCekFOQmdrcWhraUc5dzBCQVFzRkFEQXBNU2N3SlFZRFZRUUQKRXg1TWFYWmxJRWxFSUZOVVV5QlRhV2R1YVc1bklGQjFZbXhwWXlCTFpYa3dIaGNOTWpFd01qRTRNREF3TURBd1doY05Nall3TWpFNApNREF3TURBd1dqQXBNU2N3SlFZRFZRUURFeDVNYVhabElFbEVJRk5VVXlCVGFXZHVhVzVuSUZCMVlteHBZeUJMWlhrd2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEWGRMR1UyTGw1UlBkRFVuS1ErZi9IUzVxaVRheTJjQ2g5VTJBUzZvRE0KNlNPeFZoWUd0b2VKMVZQZWJjTG5wZ0xmaFB4enJ3V29WelhTRUYrVlJRYm5ZSUQySmI0a2hqZ3lFZW9UaGszVnFyVGh3aGFocFNiQgpnMnZvMDZ2SU9wMVRTMlIxQml3SEtUTG9CMWkxSUpuYUlGU0MzQk42cFk0ZmxYV3lMUXQvNUFCWEVsdjJYWkxxWE05RWVmajZKaTQwCm5MSXNpVzRkV3czQkRhL3l3V1cwTXNpVzVvakdxNHZvdmNBZ0VOZS80TlVianU3MGdIUC9XUzVEOWJXNXArT0lRaTcvdW5ybFdlL2gKM0E2anRCYmJSbFhZWGxOK1oyMnVUVHl5Q0QvVzh6ZVhhQUNMdkhhZ3dFTXJRZVBEWEJacWMvaVgya0krb29acjFzQy9IMzlSQWdNQgpBQUdqSVRBZk1CMEdBMVVkRGdRV0JCU3JYMmRtM0x3VDlqYi9wK2JBQWRZUXBFKy9OakFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBCmVxSmZZSG5zQTlxaEd0dFhGZkZwUFc0RFFMaDV3NkpDY2U3dkd2V0lOcjVmcjFEblFkY09yK3d3alEvdHFiY2tBTDJ2NnoxQXFqaFMKNzhrYmZlZ25BUUR3aW9KWjFvbFlZdkxPeEtvYTZIRitiMS9wME1sdWI4WnVrazJuMWIybEtQQkJPaWJPYXNTWTdnUUR3bElaaTd0bAo5bk1UeFVmZFlLK0U1QXh2N0RWbm1VQ3djbm5wVjUvMVNGZE55VzJrV080QzY4cnJqTU92RUNmd3JLa2JmVkpNOGY5a3JFVUJ1b0JGCjhkVER2N0QyWk00UTJidUM3ME5iZmFOV1VYMHlGdktJMEl1VHFrOFJCZkdUUlE0ZlpBYmhNUGF5a0VwQnU2ZE5qVGk1WU9hMGxOcUYKR1M3QXg3bGVDaDV4OWxWOGVsY0xrWHM4eVNvOEFPUUprMGhnSXc9PQogICAgICAgICAgICAgICAgICAgIDwvZHM6WDUwOUNlcnRpZmljYXRlPgogICAgICAgICAgICAgICAgPC9kczpYNTA5RGF0YT4KICAgICAgICAgICAgPC9kczpLZXlJbmZvPgogICAgICAgIDwvS2V5RGVzY3JpcHRvcj4KICAgICAgICA8U2luZ2xlTG9nb3V0U2VydmljZSBCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBMb2NhdGlvbj0iaHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2xvZ2luLnNyZiIvPgogICAgICAgIDxOYW1lSURGb3JtYXQ-dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzPC9OYW1lSURGb3JtYXQ-CiAgICAgICAgPE5hbWVJREZvcm1hdD51cm46bWFjZTpzaGliYm9sZXRoOjEuMDpuYW1lSWRlbnRpZmllcjwvTmFtZUlERm9ybWF0PgogICAgICAgIDxOYW1lSURGb3JtYXQ-dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQ8L05hbWVJREZvcm1hdD4KICAgICAgICA8TmFtZUlERm9ybWF0PnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnRyYW5zaWVudDwvTmFtZUlERm9ybWF0PgogICAgICAgIDxOYW1lSURGb3JtYXQ-dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6cGVyc2lzdGVudDwvTmFtZUlERm9ybWF0PgogICAgICAgIDxBc3NlcnRpb25Db25zdW1lclNlcnZpY2UgaW5kZXg9IjAiIGlzRGVmYXVsdD0idHJ1ZSIgQmluZGluZz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmJpbmRpbmdzOkhUVFAtUE9TVCIgTG9jYXRpb249Imh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbS9sb2dpbi5zcmYiLz4KICAgICAgICA8QXNzZXJ0aW9uQ29uc3VtZXJTZXJ2aWNlIGluZGV4PSIxIiBpc0RlZmF1bHQ9ImZhbHNlIiBCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NULVNpbXBsZVNpZ24iIExvY2F0aW9uPSJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vbG9naW4uc3JmIi8-CiAgICAgICAgPEFzc2VydGlvbkNvbnN1bWVyU2VydmljZSBpbmRleD0iMiIgaXNEZWZhdWx0PSJmYWxzZSIgQmluZGluZz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmJpbmRpbmdzOlBBT1MiIExvY2F0aW9uPSJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vbG9naW4uc3JmIi8-CiAgICA8L1NQU1NPRGVzY3JpcHRvcj4KPC9FbnRpdHlEZXNjcmlwdG9yPgoK"
742
+ }
743
+ },
744
+ "circlesOfTrust": {
745
+ "AzureCOT": {
746
+ "_id": "AzureCOT",
747
+ "_rev": "-954827061",
748
+ "trustedProviders": [
749
+ "iSPAzure|saml2",
750
+ "urn:federation:MicrosoftOnline|saml2",
751
+ "https://sts.windows.net/711ffa9c-5972-4713-ace3-688c9732614a/|saml2",
752
+ "SPAzure|saml2",
753
+ "https://idc.scheuber.io/am/saml2/IDPAzure|saml2"
754
+ ],
755
+ "status": "active",
756
+ "_type": {
757
+ "_id": "circlesoftrust",
758
+ "name": "Circle of Trust",
759
+ "collection": true
760
+ }
761
+ }
762
+ },
763
+ "tree": {
764
+ "_id": "FrodoTestJourney3",
765
+ "_rev": "1422551525",
766
+ "identityResource": "managed/alpha_user",
767
+ "uiConfig": {
768
+ "categories": "[\"Frodo\",\"Prototype\"]"
769
+ },
770
+ "entryNodeId": "46643303-aeb2-4873-9df1-59db4958cc34",
771
+ "nodes": {
772
+ "9381fc70-1a31-40de-85de-23faf97e7b28": {
773
+ "x": 440,
774
+ "y": 424,
775
+ "connections": {
776
+ "localAuthentication": "a681751d-ab8c-4cb8-8be9-92b4cc688b69",
777
+ "socialAuthentication": "4b5d893f-0ade-4385-88d6-a281754fe498"
778
+ },
779
+ "nodeType": "PageNode",
780
+ "displayName": "Login Page"
781
+ },
782
+ "ab9f607b-0f87-4e46-972d-fa726cd1c8f0": {
783
+ "x": 440,
784
+ "y": 80,
785
+ "connections": {
786
+ "localAuthentication": "a681751d-ab8c-4cb8-8be9-92b4cc688b69",
787
+ "socialAuthentication": "4b5d893f-0ade-4385-88d6-a281754fe498"
788
+ },
789
+ "nodeType": "PageNode",
790
+ "displayName": "Login Page"
791
+ },
792
+ "4b5d893f-0ade-4385-88d6-a281754fe498": {
793
+ "x": 685,
794
+ "y": 371.8333333333333,
795
+ "connections": {
796
+ "ACCOUNT_EXISTS": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0",
797
+ "NO_ACCOUNT": "c3167e4f-4756-4ad2-bbbd-1278fc1dbf59"
798
+ },
799
+ "nodeType": "SocialProviderHandlerNode",
800
+ "displayName": "Social Login"
801
+ },
802
+ "46643303-aeb2-4873-9df1-59db4958cc34": {
803
+ "x": 210,
804
+ "y": 305.5,
805
+ "connections": {
806
+ "unknown": "ab9f607b-0f87-4e46-972d-fa726cd1c8f0",
807
+ "known": "9381fc70-1a31-40de-85de-23faf97e7b28"
808
+ },
809
+ "nodeType": "ScriptedDecisionNode",
810
+ "displayName": "Check Username"
811
+ },
812
+ "a681751d-ab8c-4cb8-8be9-92b4cc688b69": {
813
+ "x": 685,
814
+ "y": 143.66666666666666,
815
+ "connections": {
816
+ "CANCELLED": "e60801b1-9b6f-4017-83d4-1695ca982022",
817
+ "EXPIRED": "e60801b1-9b6f-4017-83d4-1695ca982022",
818
+ "FALSE": "e301438c-0bd0-429c-ab0c-66126501069a",
819
+ "LOCKED": "e301438c-0bd0-429c-ab0c-66126501069a",
820
+ "TRUE": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0"
821
+ },
822
+ "nodeType": "IdentityStoreDecisionNode",
823
+ "displayName": "Validate Creds"
824
+ },
825
+ "dd0d8532-e7a2-40af-b05f-2913432fc97e": {
826
+ "x": 1163,
827
+ "y": 305.5,
828
+ "connections": {
829
+ "ACCOUNT_EXISTS": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0",
830
+ "NO_ACCOUNT": "e301438c-0bd0-429c-ab0c-66126501069a"
831
+ },
832
+ "nodeType": "product-Saml2Node",
833
+ "displayName": "SAML2 Authentication"
834
+ },
835
+ "c3167e4f-4756-4ad2-bbbd-1278fc1dbf59": {
836
+ "x": 915,
837
+ "y": 309.3333333333333,
838
+ "connections": {
839
+ "EMAIL_NOT_SENT": "e301438c-0bd0-429c-ab0c-66126501069a",
840
+ "EMAIL_SENT": "dd0d8532-e7a2-40af-b05f-2913432fc97e"
841
+ },
842
+ "nodeType": "EmailTemplateNode",
843
+ "displayName": "Email Template Node"
844
+ },
845
+ "e60801b1-9b6f-4017-83d4-1695ca982022": {
846
+ "x": 915,
847
+ "y": 168.66666666666669,
848
+ "connections": {
849
+ "true": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0",
850
+ "false": "e301438c-0bd0-429c-ab0c-66126501069a"
851
+ },
852
+ "nodeType": "InnerTreeEvaluatorNode",
853
+ "displayName": "Login"
854
+ }
855
+ },
856
+ "staticNodes": {
857
+ "startNode": {
858
+ "x": 70,
859
+ "y": 323
860
+ },
861
+ "70e691a5-1e33-4ac3-a356-e7b6d60d92e0": {
862
+ "x": 1417,
863
+ "y": 192
864
+ },
865
+ "e301438c-0bd0-429c-ab0c-66126501069a": {
866
+ "x": 1417,
867
+ "y": 286
868
+ }
869
+ },
870
+ "description": "Frodo test journey utilizing a variety of nodes and dependencies to test support for complex journeys.",
871
+ "enabled": true
872
+ }
873
+ }