@rockcarver/frodo-lib 0.17.3 → 0.17.4

Files changed (63)
  1. package/CHANGELOG.md +5 -1
  2. package/cjs/api/Saml2Api.js +36 -14
  3. package/cjs/api/Saml2Api.js.map +1 -1
  4. package/cjs/api/ScriptApi.js +23 -2
  5. package/cjs/api/ScriptApi.js.map +1 -1
  6. package/cjs/ops/IdpOps.js +3 -3
  7. package/cjs/ops/IdpOps.js.map +1 -1
  8. package/cjs/ops/JourneyOps.js +49 -35
  9. package/cjs/ops/JourneyOps.js.map +1 -1
  10. package/cjs/ops/JourneyOps.test.js.map +1 -1
  11. package/cjs/ops/OpsTypes.js.map +1 -1
  12. package/cjs/ops/Saml2Ops.js +104 -57
  13. package/cjs/ops/Saml2Ops.js.map +1 -1
  14. package/cjs/ops/Saml2Ops.test.js.map +1 -1
  15. package/cjs/ops/ScriptOps.js +193 -186
  16. package/cjs/ops/ScriptOps.js.map +1 -1
  17. package/cjs/ops/ScriptOps.test.js.map +1 -0
  18. package/cjs/test/mocks/ForgeRockApiMockEngine.js +5 -0
  19. package/cjs/test/mocks/ForgeRockApiMockEngine.js.map +1 -1
  20. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney1.journey.json +148 -0
  21. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney2.journey.json +76 -0
  22. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney3.journey.json +873 -0
  23. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney4.journey.json +930 -0
  24. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney5.journey.json +873 -0
  25. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney6.journey.json +148 -0
  26. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney7.journey.json +148 -0
  27. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney8.journey.json +148 -0
  28. package/cjs/test/mocks/JourneyOps/importJourney/FrodoTestJourney9.journey.json +148 -0
  29. package/esm/api/Saml2Api.mjs +17 -1
  30. package/esm/api/ScriptApi.mjs +17 -2
  31. package/esm/ops/IdpOps.mjs +4 -4
  32. package/esm/ops/JourneyOps.mjs +30 -21
  33. package/esm/ops/JourneyOps.test.mjs +220 -246
  34. package/esm/ops/Saml2Ops.mjs +66 -31
  35. package/esm/ops/Saml2Ops.test.mjs +399 -333
  36. package/esm/ops/ScriptOps.mjs +148 -152
  37. package/esm/ops/ScriptOps.test.mjs +282 -0
  38. package/esm/test/mocks/ForgeRockApiMockEngine.mjs +4 -0
  39. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney1.journey.json +148 -0
  40. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney2.journey.json +76 -0
  41. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney3.journey.json +873 -0
  42. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney4.journey.json +930 -0
  43. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney5.journey.json +873 -0
  44. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney6.journey.json +148 -0
  45. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney7.journey.json +148 -0
  46. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney8.journey.json +148 -0
  47. package/esm/test/mocks/JourneyOps/importJourney/FrodoTestJourney9.journey.json +148 -0
  48. package/package.json +10 -2
  49. package/types/api/Saml2Api.d.ts +8 -1
  50. package/types/api/Saml2Api.d.ts.map +1 -1
  51. package/types/api/ScriptApi.d.ts +7 -1
  52. package/types/api/ScriptApi.d.ts.map +1 -1
  53. package/types/ops/IdpOps.d.ts.map +1 -1
  54. package/types/ops/JourneyOps.d.ts +17 -3
  55. package/types/ops/JourneyOps.d.ts.map +1 -1
  56. package/types/ops/OpsTypes.d.ts +1 -1
  57. package/types/ops/OpsTypes.d.ts.map +1 -1
  58. package/types/ops/Saml2Ops.d.ts +24 -12
  59. package/types/ops/Saml2Ops.d.ts.map +1 -1
  60. package/types/ops/ScriptOps.d.ts +56 -20
  61. package/types/ops/ScriptOps.d.ts.map +1 -1
  62. package/types/test/mocks/ForgeRockApiMockEngine.d.ts +1 -0
  63. package/types/test/mocks/ForgeRockApiMockEngine.d.ts.map +1 -1
@@ -0,0 +1,873 @@
1
+ {
2
+ "meta": {
3
+ "origin": "https://openam-volker-dev.forgeblocks.com/am",
4
+ "originAmVersion": "7.3.0",
5
+ "exportedBy": "volker.scheuber@forgerock.com",
6
+ "exportDate": "2023-01-04T19:11:23.770Z",
7
+ "exportTool": "frodo",
8
+ "exportToolVersion": "v0.17.3 [v18.7.0]"
9
+ },
10
+ "innerNodes": {
11
+ "6162401b-0b46-4080-a82c-088eaf910cfe": {
12
+ "_id": "6162401b-0b46-4080-a82c-088eaf910cfe",
13
+ "_rev": "-866877078",
14
+ "passwordAttribute": "password",
15
+ "validateInput": false,
16
+ "_type": {
17
+ "_id": "ValidatedPasswordNode",
18
+ "name": "Platform Password",
19
+ "collection": true
20
+ },
21
+ "_outcomes": [
22
+ {
23
+ "id": "outcome",
24
+ "displayName": "Outcome"
25
+ }
26
+ ]
27
+ },
28
+ "b244706a-d58d-475a-b8c5-6bb8b8bc82cc": {
29
+ "_id": "b244706a-d58d-475a-b8c5-6bb8b8bc82cc",
30
+ "_rev": "-411766070",
31
+ "includeLocalAuthentication": true,
32
+ "filteredProviders": [
33
+ "adfs",
34
+ "github"
35
+ ],
36
+ "identityAttribute": "mail",
37
+ "passwordAttribute": "password",
38
+ "offerOnlyExisting": false,
39
+ "_type": {
40
+ "_id": "SelectIdPNode",
41
+ "name": "Select Identity Provider",
42
+ "collection": true
43
+ },
44
+ "_outcomes": [
45
+ {
46
+ "id": "socialAuthentication",
47
+ "displayName": "Social Authentication"
48
+ },
49
+ {
50
+ "id": "localAuthentication",
51
+ "displayName": "Local Authentication"
52
+ }
53
+ ]
54
+ },
55
+ "6c299051-5d81-4817-b599-5f502833a685": {
56
+ "_id": "6c299051-5d81-4817-b599-5f502833a685",
57
+ "_rev": "-1250521308",
58
+ "usernameAttribute": "userName",
59
+ "validateInput": false,
60
+ "_type": {
61
+ "_id": "ValidatedUsernameNode",
62
+ "name": "Platform Username",
63
+ "collection": true
64
+ },
65
+ "_outcomes": [
66
+ {
67
+ "id": "outcome",
68
+ "displayName": "Outcome"
69
+ }
70
+ ]
71
+ },
72
+ "3dc55c37-baca-44aa-ae00-e596ff97fbf2": {
73
+ "_id": "3dc55c37-baca-44aa-ae00-e596ff97fbf2",
74
+ "_rev": "-355864179",
75
+ "passwordAttribute": "password",
76
+ "validateInput": false,
77
+ "_type": {
78
+ "_id": "ValidatedPasswordNode",
79
+ "name": "Platform Password",
80
+ "collection": true
81
+ },
82
+ "_outcomes": [
83
+ {
84
+ "id": "outcome",
85
+ "displayName": "Outcome"
86
+ }
87
+ ]
88
+ },
89
+ "ff1ee52f-ac32-4f80-ac92-c3b28788708b": {
90
+ "_id": "ff1ee52f-ac32-4f80-ac92-c3b28788708b",
91
+ "_rev": "-48274884",
92
+ "includeLocalAuthentication": true,
93
+ "filteredProviders": [
94
+ "google",
95
+ "facebook",
96
+ "azure"
97
+ ],
98
+ "identityAttribute": "mail",
99
+ "passwordAttribute": "password",
100
+ "offerOnlyExisting": false,
101
+ "_type": {
102
+ "_id": "SelectIdPNode",
103
+ "name": "Select Identity Provider",
104
+ "collection": true
105
+ },
106
+ "_outcomes": [
107
+ {
108
+ "id": "socialAuthentication",
109
+ "displayName": "Social Authentication"
110
+ },
111
+ {
112
+ "id": "localAuthentication",
113
+ "displayName": "Local Authentication"
114
+ }
115
+ ]
116
+ }
117
+ },
118
+ "nodes": {
119
+ "ef8f26a5-a85f-4929-acf6-842e24d89493": {
120
+ "_id": "ef8f26a5-a85f-4929-acf6-842e24d89493",
121
+ "_rev": "-660190884",
122
+ "nodes": [
123
+ {
124
+ "_id": "6162401b-0b46-4080-a82c-088eaf910cfe",
125
+ "nodeType": "ValidatedPasswordNode",
126
+ "displayName": "Password"
127
+ },
128
+ {
129
+ "_id": "b244706a-d58d-475a-b8c5-6bb8b8bc82cc",
130
+ "nodeType": "SelectIdPNode",
131
+ "displayName": "Select IDP"
132
+ }
133
+ ],
134
+ "pageDescription": {},
135
+ "pageHeader": {},
136
+ "_type": {
137
+ "_id": "PageNode",
138
+ "name": "Page Node",
139
+ "collection": true
140
+ },
141
+ "_outcomes": [
142
+ {
143
+ "id": "socialAuthentication",
144
+ "displayName": "Social Authentication"
145
+ },
146
+ {
147
+ "id": "localAuthentication",
148
+ "displayName": "Local Authentication"
149
+ }
150
+ ]
151
+ },
152
+ "c89fb4c7-0122-42c0-817a-a0451b67bcdc": {
153
+ "_id": "c89fb4c7-0122-42c0-817a-a0451b67bcdc",
154
+ "_rev": "1375121105",
155
+ "emailTemplateName": "welcome",
156
+ "identityAttribute": "userName",
157
+ "emailAttribute": "mail",
158
+ "_type": {
159
+ "_id": "EmailTemplateNode",
160
+ "name": "Email Template Node",
161
+ "collection": true
162
+ },
163
+ "_outcomes": [
164
+ {
165
+ "id": "EMAIL_SENT",
166
+ "displayName": "Email Sent"
167
+ },
168
+ {
169
+ "id": "EMAIL_NOT_SENT",
170
+ "displayName": "Email Not Sent"
171
+ }
172
+ ]
173
+ },
174
+ "58f762af-8e19-4d96-aae0-73b48e8f95d4": {
175
+ "_id": "58f762af-8e19-4d96-aae0-73b48e8f95d4",
176
+ "_rev": "-1750921061",
177
+ "metaAlias": "/alpha/iSPAzure",
178
+ "allowCreate": true,
179
+ "authnContextClassRef": [],
180
+ "authnContextDeclRef": [],
181
+ "authComparison": "MINIMUM",
182
+ "nameIdFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
183
+ "requestBinding": "HTTP_REDIRECT",
184
+ "binding": "HTTP_ARTIFACT",
185
+ "forceAuthn": false,
186
+ "idpEntityId": "urn:federation:MicrosoftOnline",
187
+ "isPassive": false,
188
+ "_type": {
189
+ "_id": "product-Saml2Node",
190
+ "name": "SAML2 Authentication",
191
+ "collection": true
192
+ },
193
+ "_outcomes": [
194
+ {
195
+ "id": "ACCOUNT_EXISTS",
196
+ "displayName": "Account exists"
197
+ },
198
+ {
199
+ "id": "NO_ACCOUNT",
200
+ "displayName": "No account exists"
201
+ }
202
+ ]
203
+ },
204
+ "ff179a8f-b67b-46e8-bb8d-edc78c80341b": {
205
+ "_id": "ff179a8f-b67b-46e8-bb8d-edc78c80341b",
206
+ "_rev": "-1199744357",
207
+ "tree": "FrodoTestJourney2",
208
+ "_type": {
209
+ "_id": "InnerTreeEvaluatorNode",
210
+ "name": "Inner Tree Evaluator",
211
+ "collection": true
212
+ },
213
+ "_outcomes": [
214
+ {
215
+ "id": "true",
216
+ "displayName": "True"
217
+ },
218
+ {
219
+ "id": "false",
220
+ "displayName": "False"
221
+ }
222
+ ]
223
+ },
224
+ "94299dce-b606-409f-8be0-66d23061692f": {
225
+ "_id": "94299dce-b606-409f-8be0-66d23061692f",
226
+ "_rev": "-1503374379",
227
+ "script": "739bdc48-fd24-4c52-b353-88706d75558a",
228
+ "outcomes": [
229
+ "known",
230
+ "unknown"
231
+ ],
232
+ "outputs": [
233
+ "*"
234
+ ],
235
+ "inputs": [
236
+ "*"
237
+ ],
238
+ "_type": {
239
+ "_id": "ScriptedDecisionNode",
240
+ "name": "Scripted Decision",
241
+ "collection": true
242
+ },
243
+ "_outcomes": [
244
+ {
245
+ "id": "known",
246
+ "displayName": "known"
247
+ },
248
+ {
249
+ "id": "unknown",
250
+ "displayName": "unknown"
251
+ }
252
+ ]
253
+ },
254
+ "a036a5e1-cee2-4c23-b7ae-8f39a7087444": {
255
+ "_id": "a036a5e1-cee2-4c23-b7ae-8f39a7087444",
256
+ "_rev": "2011405832",
257
+ "useUniversalIdForUsername": true,
258
+ "minimumPasswordLength": 8,
259
+ "_type": {
260
+ "_id": "IdentityStoreDecisionNode",
261
+ "name": "Identity Store Decision",
262
+ "collection": true
263
+ },
264
+ "_outcomes": [
265
+ {
266
+ "id": "TRUE",
267
+ "displayName": "True"
268
+ },
269
+ {
270
+ "id": "FALSE",
271
+ "displayName": "False"
272
+ },
273
+ {
274
+ "id": "LOCKED",
275
+ "displayName": "Locked"
276
+ },
277
+ {
278
+ "id": "CANCELLED",
279
+ "displayName": "Cancelled"
280
+ },
281
+ {
282
+ "id": "EXPIRED",
283
+ "displayName": "Expired"
284
+ }
285
+ ]
286
+ },
287
+ "da49467f-a848-4e41-a175-5a0502c5d2af": {
288
+ "_id": "da49467f-a848-4e41-a175-5a0502c5d2af",
289
+ "_rev": "-211789038",
290
+ "nodes": [
291
+ {
292
+ "_id": "6c299051-5d81-4817-b599-5f502833a685",
293
+ "nodeType": "ValidatedUsernameNode",
294
+ "displayName": "Username"
295
+ },
296
+ {
297
+ "_id": "3dc55c37-baca-44aa-ae00-e596ff97fbf2",
298
+ "nodeType": "ValidatedPasswordNode",
299
+ "displayName": "Password"
300
+ },
301
+ {
302
+ "_id": "ff1ee52f-ac32-4f80-ac92-c3b28788708b",
303
+ "nodeType": "SelectIdPNode",
304
+ "displayName": "Select IDP"
305
+ }
306
+ ],
307
+ "pageDescription": {},
308
+ "pageHeader": {},
309
+ "_type": {
310
+ "_id": "PageNode",
311
+ "name": "Page Node",
312
+ "collection": true
313
+ },
314
+ "_outcomes": [
315
+ {
316
+ "id": "socialAuthentication",
317
+ "displayName": "Social Authentication"
318
+ },
319
+ {
320
+ "id": "localAuthentication",
321
+ "displayName": "Local Authentication"
322
+ }
323
+ ]
324
+ },
325
+ "f4e81b8b-8465-409f-b71c-b5c58ab688ef": {
326
+ "_id": "f4e81b8b-8465-409f-b71c-b5c58ab688ef",
327
+ "_rev": "1131356488",
328
+ "clientType": "BROWSER",
329
+ "script": "58c824ae-84ed-4724-82cd-db128fc3f6c",
330
+ "usernameAttribute": "userName",
331
+ "_type": {
332
+ "_id": "SocialProviderHandlerNode",
333
+ "name": "Social Provider Handler Node",
334
+ "collection": true
335
+ },
336
+ "_outcomes": [
337
+ {
338
+ "id": "ACCOUNT_EXISTS",
339
+ "displayName": "Account exists"
340
+ },
341
+ {
342
+ "id": "NO_ACCOUNT",
343
+ "displayName": "No account exists"
344
+ }
345
+ ]
346
+ }
347
+ },
348
+ "scripts": {
349
+ "739bdc48-fd24-4c52-b353-88706d75558a": {
350
+ "_id": "739bdc48-fd24-4c52-b353-88706d75558a",
351
+ "name": "Check Username",
352
+ "description": "Check if username has already been collected.",
353
+ "script": "\"/* Check Username\\n *\\n * Author: volker.scheuber@forgerock.com\\n * \\n * Check if username has already been collected.\\n * Return \\\"known\\\" if yes, \\\"unknown\\\" otherwise.\\n * \\n * This script does not need to be parametrized. It will work properly as is.\\n * \\n * The Scripted Decision Node needs the following outcomes defined:\\n * - known\\n * - unknown\\n */\\n(function () {\\n if (null != sharedState.get(\\\"username\\\")) {\\n outcome = \\\"known\\\";\\n }\\n else {\\n outcome = \\\"unknown\\\";\\n }\\n}());\"",
354
+ "default": false,
355
+ "language": "JAVASCRIPT",
356
+ "context": "AUTHENTICATION_TREE_DECISION_NODE",
357
+ "createdBy": "null",
358
+ "creationDate": 0,
359
+ "lastModifiedBy": "null",
360
+ "lastModifiedDate": 0
361
+ },
362
+ "58c824ae-84ed-4724-82cd-db128fc3f6c": {
363
+ "_id": "58c824ae-84ed-4724-82cd-db128fc3f6c",
364
+ "name": "Normalized Profile to Managed User",
365
+ "description": "Converts a normalized social profile into a managed user",
366
+ "script": "\"/*\\n * Copyright 2020 ForgeRock AS. All Rights Reserved\\n *\\n * Use of this code requires a commercial software license with ForgeRock AS.\\n * or with one of its affiliates. All use shall be exclusively subject\\n * to such license between the licensee and ForgeRock AS.\\n */\\n\\nimport static org.forgerock.json.JsonValue.field\\nimport static org.forgerock.json.JsonValue.json\\nimport static org.forgerock.json.JsonValue.object\\n\\nimport org.forgerock.json.JsonValue\\n\\nJsonValue managedUser = json(object(\\n field(\\\"givenName\\\", normalizedProfile.givenName),\\n field(\\\"sn\\\", normalizedProfile.familyName),\\n field(\\\"mail\\\", normalizedProfile.email),\\n field(\\\"userName\\\", normalizedProfile.username)))\\n\\nif (normalizedProfile.postalAddress.isNotNull()) managedUser.put(\\\"postalAddress\\\", normalizedProfile.postalAddress)\\nif (normalizedProfile.addressLocality.isNotNull()) managedUser.put(\\\"city\\\", normalizedProfile.addressLocality)\\nif (normalizedProfile.addressRegion.isNotNull()) managedUser.put(\\\"stateProvince\\\", normalizedProfile.addressRegion)\\nif (normalizedProfile.postalCode.isNotNull()) managedUser.put(\\\"postalCode\\\", normalizedProfile.postalCode)\\nif (normalizedProfile.country.isNotNull()) managedUser.put(\\\"country\\\", normalizedProfile.country)\\nif (normalizedProfile.phone.isNotNull()) managedUser.put(\\\"telephoneNumber\\\", normalizedProfile.phone)\\n\\n// if the givenName and familyName is null or empty\\n// then add a boolean flag to the shared state to indicate names are not present\\n// this could be used elsewhere\\n// for eg. 
this could be used in a scripted decision node to by-pass patching\\n// the user object with blank values when givenName and familyName is not present\\nboolean noGivenName = normalizedProfile.givenName.isNull() || (!normalizedProfile.givenName.asString()?.trim())\\nboolean noFamilyName = normalizedProfile.familyName.isNull() || (!normalizedProfile.familyName.asString()?.trim())\\nsharedState.put(\\\"nameEmptyOrNull\\\", noGivenName && noFamilyName)\\n\\nreturn managedUser\\n\"",
367
+ "default": true,
368
+ "language": "GROOVY",
369
+ "context": "SOCIAL_IDP_PROFILE_TRANSFORMATION",
370
+ "createdBy": "null",
371
+ "creationDate": 0,
372
+ "lastModifiedBy": "null",
373
+ "lastModifiedDate": 0
374
+ },
375
+ "23143919-6b78-40c3-b25e-beca19b229e0": {
376
+ "_id": "23143919-6b78-40c3-b25e-beca19b229e0",
377
+ "name": "GitHub Profile Normalization (VS)",
378
+ "description": "Normalizes raw profile data from GitHub",
379
+ "script": "\"/*\\n * Copyright 2020 ForgeRock AS. All Rights Reserved\\n *\\n * Use of this code requires a commercial software license with ForgeRock AS.\\n * or with one of its affiliates. All use shall be exclusively subject\\n * to such license between the licensee and ForgeRock AS.\\n */\\n\\nimport static org.forgerock.json.JsonValue.field\\nimport static org.forgerock.json.JsonValue.json\\nimport static org.forgerock.json.JsonValue.object\\n\\nlogger.warning(\\\"GitHub rawProfile: \\\"+rawProfile)\\n\\nreturn json(object(\\n field(\\\"id\\\", rawProfile.id),\\n field(\\\"displayName\\\", rawProfile.name),\\n field(\\\"givenName\\\", rawProfile.first_name),\\n field(\\\"familyName\\\", rawProfile.last_name),\\n field(\\\"photoUrl\\\", rawProfile.picture.data.url),\\n field(\\\"email\\\", rawProfile.email),\\n field(\\\"username\\\", rawProfile.email)))\"",
380
+ "default": false,
381
+ "language": "GROOVY",
382
+ "context": "SOCIAL_IDP_PROFILE_TRANSFORMATION",
383
+ "createdBy": "null",
384
+ "creationDate": 0,
385
+ "lastModifiedBy": "null",
386
+ "lastModifiedDate": 0
387
+ },
388
+ "dbe0bf9a-72aa-49d5-8483-9db147985a47": {
389
+ "_id": "dbe0bf9a-72aa-49d5-8483-9db147985a47",
390
+ "name": "ADFS Profile Normalization (JS)",
391
+ "description": "Normalizes raw profile data from ADFS",
392
+ "script": "\"/*\\n * Copyright 2022 ForgeRock AS. All Rights Reserved\\n *\\n * Use of this code requires a commercial software license with ForgeRock AS\\n * or with one of its affiliates. All use shall be exclusively subject\\n * to such license between the licensee and ForgeRock AS.\\n */\\n\\n/*\\n * This script returns the social identity profile information for the authenticating user\\n * in a standard form expected by the Social Provider Handler Node.\\n *\\n * Defined variables:\\n * rawProfile - The social identity provider profile information for the authenticating user.\\n * JsonValue (1).\\n * logger - The debug logger instance:\\n * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-logger.html#scripting-api-global-logger.\\n * realm - String (primitive).\\n * The name of the realm the user is authenticating to.\\n * requestHeaders - TreeMap (2).\\n * The object that provides methods for accessing headers in the login request:\\n * https://backstage.forgerock.com/docs/am/7/authentication-guide/scripting-api-node.html#scripting-api-node-requestHeaders.\\n * requestParameters - TreeMap (2).\\n * The object that contains the authentication request parameters.\\n * selectedIdp - String (primitive).\\n * The social identity provider name. 
For example: google.\\n * sharedState - LinkedHashMap (3).\\n * The object that holds the state of the authentication tree and allows data exchange between the stateless nodes:\\n * https://backstage.forgerock.com/docs/am/7/auth-nodes/core-action.html#accessing-tree-state.\\n * transientState - LinkedHashMap (3).\\n * The object for storing sensitive information that must not leave the server unencrypted,\\n * and that may not need to persist between authentication requests during the authentication session:\\n * https://backstage.forgerock.com/docs/am/7/auth-nodes/core-action.html#accessing-tree-state.\\n *\\n * Return - a JsonValue (1).\\n * The result of the last statement in the script is returned to the server.\\n * Currently, the Immediately Invoked Function Expression (also known as Self-Executing Anonymous Function)\\n * is the last (and only) statement in this script, and its return value will become the script result.\\n * Do not use \\\"return variable\\\" statement outside of a function definition.\\n *\\n * This script's last statement should result in a JsonValue (1) with the following keys:\\n * {\\n * {\\\"displayName\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"email\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"familyName\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"givenName\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"id\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"locale\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"photoUrl\\\": \\\"corresponding-social-identity-provider-value\\\"},\\n * {\\\"username\\\": \\\"corresponding-social-identity-provider-value\\\"}\\n * }\\n *\\n * The consumer of this data defines which keys are required and which are optional.\\n * For example, the script associated with the Social Provider Handler Node and,\\n * ultimately, the managed object created/updated with this 
data\\n * will expect certain keys to be populated.\\n * In some common default configurations, the following keys are required to be not empty:\\n * username, givenName, familyName, email.\\n *\\n * From RFC4517: A value of the Directory String syntax is a string of one or more\\n * arbitrary characters from the Universal Character Set (UCS).\\n * A zero-length character string is not permitted.\\n *\\n * (1) JsonValue - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/json/JsonValue.html.\\n * (2) TreeMap - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/TreeMap.html.\\n * (3) LinkedHashMap - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/LinkedHashMap.html.\\n */\\n\\n(function () {\\n var frJava = JavaImporter(\\n org.forgerock.json.JsonValue\\n );\\n\\n var normalizedProfileData = frJava.JsonValue.json(frJava.JsonValue.object());\\n \\n \\t//logger.message('Seguin rawProfile: '+rawProfile);\\n\\n normalizedProfileData.put('id', rawProfile.get('sub').asString());\\n normalizedProfileData.put('displayName', rawProfile.get('givenName').asString() + ' ' + rawProfile.get('sn').asString());\\n normalizedProfileData.put('email', rawProfile.get('mail').asString());\\n normalizedProfileData.put('givenName', rawProfile.get('givenName').asString());\\n normalizedProfileData.put('familyName', rawProfile.get('sn').asString());\\n normalizedProfileData.put('username', rawProfile.get('upn').asString());\\n normalizedProfileData.put('roles', rawProfile.get('roles').asString());\\n \\n \\t//logger.message('Seguin normalizedProfileData: '+normalizedProfileData);\\n\\n return normalizedProfileData;\\n}());\"",
393
+ "default": false,
394
+ "language": "JAVASCRIPT",
395
+ "context": "SOCIAL_IDP_PROFILE_TRANSFORMATION",
396
+ "createdBy": "null",
397
+ "creationDate": 0,
398
+ "lastModifiedBy": "null",
399
+ "lastModifiedDate": 0
400
+ }
401
+ },
402
+ "emailTemplates": {
403
+ "welcome": {
404
+ "_id": "emailTemplate/welcome",
405
+ "defaultLocale": "en",
406
+ "displayName": "Welcome",
407
+ "enabled": true,
408
+ "from": "saas@forgerock.com",
409
+ "html": {
410
+ "en": "<div class=\"content\"><p>Welcome. Your username is '{{object.userName}}'.</p></div>"
411
+ },
412
+ "message": {
413
+ "en": "<html><head></head><body style=\"background-color: #324054; color: #5e6d82; padding: 60px; text-align: center;\"><div class=\"content\" style=\"background-color: #fff; border-radius: 4px; margin: 0 auto; padding: 48px; width: 235px;\"><p>Welcome. Your username is '{{object.userName}}'.</p></div></body></html>"
414
+ },
415
+ "mimeType": "text/html",
416
+ "styles": "body{\n background-color:#324054;\n color:#5e6d82;\n padding:60px;\n text-align:center\n}\na{\n text-decoration:none;\n color:#109cf1\n}\n.content{\n background-color:#fff;\n border-radius:4px;\n margin:0 auto;\n padding:48px;\n width:235px\n}\n",
417
+ "subject": {
418
+ "en": "Your account has been created"
419
+ }
420
+ }
421
+ },
422
+ "socialIdentityProviders": {
423
+ "github": {
424
+ "clientId": "bdae6d141d4dcf95a630",
425
+ "pkceMethod": "S256",
426
+ "jwtEncryptionMethod": "NONE",
427
+ "authorizationEndpoint": "https://github.com/login/oauth/authorize",
428
+ "jwtEncryptionAlgorithm": "NONE",
429
+ "issuerComparisonCheckType": "EXACT",
430
+ "clientSecret": null,
431
+ "scopeDelimiter": " ",
432
+ "scopes": [
433
+ "user"
434
+ ],
435
+ "enabled": true,
436
+ "authenticationIdKey": "id",
437
+ "uiConfig": {
438
+ "buttonCustomStyle": "background-color: #fff; color: #757575; border-color: #ddd;",
439
+ "buttonCustomStyleHover": "color: #6d6d6d; background-color: #eee; border-color: #ccc;",
440
+ "buttonDisplayName": "GitHub",
441
+ "buttonImage": "https://cdn-icons-png.flaticon.com/512/25/25231.png",
442
+ "iconBackground": "#4184f3",
443
+ "iconFontColor": "white"
444
+ },
445
+ "privateKeyJwtExpTime": 600,
446
+ "revocationCheckOptions": [],
447
+ "transform": "23143919-6b78-40c3-b25e-beca19b229e0",
448
+ "userInfoEndpoint": "https://ig.mytestrun.com/user",
449
+ "jwtSigningAlgorithm": "NONE",
450
+ "redirectURI": "https://idc.scheuber.io/login",
451
+ "clientAuthenticationMethod": "CLIENT_SECRET_POST",
452
+ "responseMode": "DEFAULT",
453
+ "useCustomTrustStore": false,
454
+ "tokenEndpoint": "https://ig.mytestrun.com/login/oauth/access_token",
455
+ "_id": "github",
456
+ "_type": {
457
+ "_id": "oauth2Config",
458
+ "name": "Client configuration for providers that implement the OAuth2 specification.",
459
+ "collection": true
460
+ }
461
+ },
462
+ "adfs": {
463
+ "clientId": "aa9a179e-cdba-4db8-8477-3d1069d5ec04",
464
+ "pkceMethod": "S256",
465
+ "wellKnownEndpoint": "https://adfs.mytestrun.com/adfs/.well-known/openid-configuration",
466
+ "jwtEncryptionMethod": "NONE",
467
+ "authorizationEndpoint": "https://adfs.mytestrun.com/adfs/oauth2/authorize",
468
+ "jwtEncryptionAlgorithm": "NONE",
469
+ "issuerComparisonCheckType": "EXACT",
470
+ "clientSecret": null,
471
+ "encryptJwtRequestParameter": false,
472
+ "scopeDelimiter": " ",
473
+ "scopes": [
474
+ "openid",
475
+ "profile",
476
+ "email"
477
+ ],
478
+ "issuer": "https://adfs.mytestrun.com/adfs",
479
+ "userInfoResponseType": "JSON",
480
+ "acrValues": [],
481
+ "jwksUriEndpoint": "https://adfs.mytestrun.com/adfs/discovery/keys",
482
+ "encryptedIdTokens": false,
483
+ "enabled": true,
484
+ "jwtRequestParameterOption": "NONE",
485
+ "authenticationIdKey": "sub",
486
+ "uiConfig": {
487
+ "buttonClass": "",
488
+ "buttonCustomStyle": "background-color: #fff; border-color: #8b8b8b; color: #8b8b8b;",
489
+ "buttonCustomStyleHover": "background-color: #fff; border-color: #8b8b8b; color: #8b8b8b;",
490
+ "buttonDisplayName": "Microsoft ADFS",
491
+ "buttonImage": "/login/images/microsoft-logo.png",
492
+ "iconBackground": "#0078d7",
493
+ "iconClass": "fa-windows",
494
+ "iconFontColor": "white"
495
+ },
496
+ "privateKeyJwtExpTime": 600,
497
+ "revocationCheckOptions": [],
498
+ "enableNativeNonce": true,
499
+ "transform": "dbe0bf9a-72aa-49d5-8483-9db147985a47",
500
+ "jwtSigningAlgorithm": "RS256",
501
+ "redirectURI": "https://idc.scheuber.io/login",
502
+ "clientAuthenticationMethod": "CLIENT_SECRET_POST",
503
+ "responseMode": "DEFAULT",
504
+ "useCustomTrustStore": false,
505
+ "tokenEndpoint": "https://adfs.mytestrun.com/adfs/oauth2/token",
506
+ "_id": "adfs",
507
+ "_type": {
508
+ "_id": "oidcConfig",
509
+ "name": "Client configuration for providers that implement the OpenID Connect specification.",
510
+ "collection": true
511
+ }
512
+ }
513
+ },
514
+ "themes": [],
515
+ "saml2Entities": {
516
+ "aVNQQXp1cmU": {
517
+ "_id": "aVNQQXp1cmU",
518
+ "_rev": "1379466460",
519
+ "entityId": "iSPAzure",
520
+ "serviceProvider": {
521
+ "assertionContent": {
522
+ "signingAndEncryption": {
523
+ "requestResponseSigning": {},
524
+ "encryption": {},
525
+ "secretIdAndAlgorithms": {}
526
+ },
527
+ "nameIdFormat": {
528
+ "nameIdFormatList": [
529
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
530
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
531
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
532
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
533
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName",
534
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos",
535
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
536
+ ]
537
+ },
538
+ "authenticationContext": {
539
+ "authenticationContextMapper": "com.sun.identity.saml2.plugins.DefaultSPAuthnContextMapper",
540
+ "authContextItems": [
541
+ {
542
+ "contextReference": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
543
+ "level": 0,
544
+ "defaultItem": true
545
+ }
546
+ ],
547
+ "authenticationComparisonType": "Exact",
548
+ "includeRequestedAuthenticationContext": true
549
+ },
550
+ "assertionTimeSkew": 300,
551
+ "basicAuthentication": {}
552
+ },
553
+ "assertionProcessing": {
554
+ "attributeMapper": {
555
+ "attributeMapper": "com.sun.identity.saml2.plugins.DefaultSPAttributeMapper",
556
+ "attributeMap": [
557
+ {
558
+ "key": "http://schemas.microsoft.com/identity/claims/displayname",
559
+ "value": "cn"
560
+ },
561
+ {
562
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
563
+ "value": "givenName"
564
+ },
565
+ {
566
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
567
+ "value": "sn"
568
+ },
569
+ {
570
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
571
+ "value": "mail"
572
+ },
573
+ {
574
+ "key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
575
+ "value": "uid"
576
+ }
577
+ ]
578
+ },
579
+ "autoFederation": {
580
+ "autoFedEnabled": false
581
+ },
582
+ "accountMapping": {
583
+ "spAccountMapper": "com.sun.identity.saml2.plugins.DefaultSPAccountMapper",
584
+ "useNameIDAsSPUserID": true
585
+ },
586
+ "responseArtifactMessageEncoding": {
587
+ "encoding": "URI"
588
+ },
589
+ "url": {},
590
+ "adapter": {}
591
+ },
592
+ "services": {
593
+ "metaAlias": "/alpha/iSPAzure",
594
+ "serviceAttributes": {
595
+ "singleLogoutService": [
596
+ {
597
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
598
+ "location": "https://idc.scheuber.io/am/SPSloRedirect/metaAlias/alpha/iSPAzure",
599
+ "responseLocation": "https://idc.scheuber.io/am/SPSloRedirect/metaAlias/alpha/iSPAzure"
600
+ },
601
+ {
602
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
603
+ "location": "https://idc.scheuber.io/am/SPSloPOST/metaAlias/alpha/iSPAzure",
604
+ "responseLocation": "https://idc.scheuber.io/am/SPSloPOST/metaAlias/alpha/iSPAzure"
605
+ },
606
+ {
607
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP",
608
+ "location": "https://idc.scheuber.io/am/SPSloSoap/metaAlias/alpha/iSPAzure"
609
+ }
610
+ ],
611
+ "nameIdService": [
612
+ {
613
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
614
+ "location": "https://idc.scheuber.io/am/SPMniRedirect/metaAlias/alpha/iSPAzure",
615
+ "responseLocation": "https://idc.scheuber.io/am/SPMniRedirect/metaAlias/alpha/iSPAzure"
616
+ },
617
+ {
618
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
619
+ "location": "https://idc.scheuber.io/am/SPMniPOST/metaAlias/alpha/iSPAzure",
620
+ "responseLocation": "https://idc.scheuber.io/am/SPMniPOST/metaAlias/alpha/iSPAzure"
621
+ },
622
+ {
623
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP",
624
+ "location": "https://idc.scheuber.io/am/SPMniSoap/metaAlias/alpha/iSPAzure",
625
+ "responseLocation": "https://idc.scheuber.io/am/SPMniSoap/metaAlias/alpha/iSPAzure"
626
+ }
627
+ ],
628
+ "assertionConsumerService": [
629
+ {
630
+ "isDefault": true,
631
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact",
632
+ "location": "https://idc.scheuber.io/am/AuthConsumer/metaAlias/alpha/iSPAzure",
633
+ "index": 0
634
+ },
635
+ {
636
+ "isDefault": false,
637
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
638
+ "location": "https://idc.scheuber.io/am/AuthConsumer/metaAlias/alpha/iSPAzure",
639
+ "index": 1
640
+ },
641
+ {
642
+ "isDefault": false,
643
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS",
644
+ "location": "https://idc.scheuber.io/am/Consumer/ECP/metaAlias/alpha/iSPAzure",
645
+ "index": 2
646
+ }
647
+ ]
648
+ }
649
+ },
650
+ "advanced": {
651
+ "saeConfiguration": {
652
+ "spUrl": "https://idc.scheuber.io/am/spsaehandler/metaAlias/alpha/iSPAzure"
653
+ },
654
+ "ecpConfiguration": {
655
+ "ecpRequestIdpListFinderImpl": "com.sun.identity.saml2.plugins.ECPIDPFinder"
656
+ },
657
+ "idpProxy": {},
658
+ "relayStateUrlList": {}
659
+ }
660
+ },
661
+ "entityLocation": "hosted"
662
+ },
663
+ "dXJuOmZlZGVyYXRpb246TWljcm9zb2Z0T25saW5l": {
664
+ "_id": "dXJuOmZlZGVyYXRpb246TWljcm9zb2Z0T25saW5l",
665
+ "_rev": "1971501705",
666
+ "entityId": "urn:federation:MicrosoftOnline",
667
+ "serviceProvider": {
668
+ "assertionContent": {
669
+ "signingAndEncryption": {
670
+ "requestResponseSigning": {
671
+ "assertion": true
672
+ },
673
+ "encryption": {}
674
+ },
675
+ "nameIdFormat": {
676
+ "nameIdFormatList": [
677
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
678
+ "urn:mace:shibboleth:1.0:nameIdentifier",
679
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
680
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
681
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
682
+ ]
683
+ },
684
+ "basicAuthentication": {}
685
+ },
686
+ "assertionProcessing": {
687
+ "attributeMapper": {
688
+ "attributeMap": [
689
+ {
690
+ "samlAttribute": "IDPEmail",
691
+ "localAttribute": "mail",
692
+ "binary": false
693
+ },
694
+ {
695
+ "samlAttribute": "UOPClassID",
696
+ "localAttribute": "UOPClassID",
697
+ "binary": false
698
+ }
699
+ ]
700
+ },
701
+ "responseArtifactMessageEncoding": {
702
+ "encoding": "URI"
703
+ }
704
+ },
705
+ "services": {
706
+ "serviceAttributes": {
707
+ "singleLogoutService": [
708
+ {
709
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
710
+ "location": "https://login.microsoftonline.com/login.srf"
711
+ }
712
+ ],
713
+ "assertionConsumerService": [
714
+ {
715
+ "isDefault": true,
716
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
717
+ "location": "https://login.microsoftonline.com/login.srf",
718
+ "index": 0
719
+ },
720
+ {
721
+ "isDefault": false,
722
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign",
723
+ "location": "https://login.microsoftonline.com/login.srf",
724
+ "index": 1
725
+ },
726
+ {
727
+ "isDefault": false,
728
+ "binding": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS",
729
+ "location": "https://login.microsoftonline.com/login.srf",
730
+ "index": 2
731
+ }
732
+ ]
733
+ }
734
+ },
735
+ "advanced": {
736
+ "saeConfiguration": {},
737
+ "idpProxy": {}
738
+ }
739
+ },
740
+ "entityLocation": "remote",
741
+ "base64EntityXML": "<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<EntityDescriptor entityID="urn:federation:MicrosoftOnline" ID="_e46a1193-e8a7-48ed-804f-1516729ecb5f" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:query="urn:oasis:names:tc:SAML:metadata:ext:query" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:x509qry="urn:oasis:names:tc:SAML:metadata:X509:query" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <Extensions>
        <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    </Extensions>
    <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <KeyDescriptor use="signing">
            <ds:KeyInfo>
                
                
                
                
                
                
                
                
                
                
                
                
                
                
                <ds:X509Data>
                    <ds:X509Certificate>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                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="signing">
            <ds:KeyInfo>
                
                
                
                
                
                
                
                
                
                
                
                
                
                
                <ds:X509Data>
                    <ds:X509Certificate>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                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="signing">
            <ds:KeyInfo>
                
                
                
                
                
                
                
                
                
                
                
                
                
                
                <ds:X509Data>
                    <ds:X509Certificate>
MIIC/TCCAeWgAwIBAgIQN/GPegnT8blP2EcSdMMbBzANBgkqhkiG9w0BAQsFADApMScwJQYDVQQD
Ex5MaXZlIElEIFNUUyBTaWduaW5nIFB1YmxpYyBLZXkwHhcNMjEwMjE4MDAwMDAwWhcNMjYwMjE4
MDAwMDAwWjApMScwJQYDVQQDEx5MaXZlIElEIFNUUyBTaWduaW5nIFB1YmxpYyBLZXkwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXdLGU2Ll5RPdDUnKQ+f/HS5qiTay2cCh9U2AS6oDM
6SOxVhYGtoeJ1VPebcLnpgLfhPxzrwWoVzXSEF+VRQbnYID2Jb4khjgyEeoThk3VqrThwhahpSbB
g2vo06vIOp1TS2R1BiwHKTLoB1i1IJnaIFSC3BN6pY4flXWyLQt/5ABXElv2XZLqXM9Eefj6Ji40
nLIsiW4dWw3BDa/ywWW0MsiW5ojGq4vovcAgENe/4NUbju70gHP/WS5D9bW5p+OIQi7/unrlWe/h
3A6jtBbbRlXYXlN+Z22uTTyyCD/W8zeXaACLvHagwEMrQePDXBZqc/iX2kI+ooZr1sC/H39RAgMB
AAGjITAfMB0GA1UdDgQWBBSrX2dm3LwT9jb/p+bAAdYQpE+/NjANBgkqhkiG9w0BAQsFAAOCAQEA
eqJfYHnsA9qhGttXFfFpPW4DQLh5w6JCce7vGvWINr5fr1DnQdcOr+wwjQ/tqbckAL2v6z1AqjhS
78kbfegnAQDwioJZ1olYYvLOxKoa6HF+b1/p0Mlub8Zukk2n1b2lKPBBOibOasSY7gQDwlIZi7tl
9nMTxUfdYK+E5Axv7DVnmUCwcnnpV5/1SFdNyW2kWO4C68rrjMOvECfwrKkbfVJM8f9krEUBuoBF
8dTDv7D2ZM4Q2buC70NbfaNWUX0yFvKI0IuTqk8RBfGTRQ4fZAbhMPaykEpBu6dNjTi5YOa0lNqF
GS7Ax7leCh5x9lV8elcLkXs8ySo8AOQJk0hgIw==
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.microsoftonline.com/login.srf"/>
        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
        <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.microsoftonline.com/login.srf"/>
        <AssertionConsumerService index="1" isDefault="false" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.microsoftonline.com/login.srf"/>
        <AssertionConsumerService index="2" isDefault="false" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://login.microsoftonline.com/login.srf"/>
    </SPSSODescriptor>
</EntityDescriptor>

"
742
+ }
743
+ },
744
+ "circlesOfTrust": {
745
+ "AzureCOT": {
746
+ "_id": "AzureCOT",
747
+ "_rev": "-954827061",
748
+ "trustedProviders": [
749
+ "iSPAzure|saml2",
750
+ "urn:federation:MicrosoftOnline|saml2",
751
+ "https://sts.windows.net/711ffa9c-5972-4713-ace3-688c9732614a/|saml2",
752
+ "SPAzure|saml2",
753
+ "https://idc.scheuber.io/am/saml2/IDPAzure|saml2"
754
+ ],
755
+ "status": "active",
756
+ "_type": {
757
+ "_id": "circlesoftrust",
758
+ "name": "Circle of Trust",
759
+ "collection": true
760
+ }
761
+ }
762
+ },
763
+ "tree": {
764
+ "_id": "FrodoTestJourney5",
765
+ "_rev": "-1419109168",
766
+ "identityResource": "managed/alpha_user",
767
+ "uiConfig": {
768
+ "categories": "[\"Frodo\",\"Prototype\"]"
769
+ },
770
+ "entryNodeId": "94299dce-b606-409f-8be0-66d23061692f",
771
+ "nodes": {
772
+ "ef8f26a5-a85f-4929-acf6-842e24d89493": {
773
+ "x": 440,
774
+ "y": 424,
775
+ "connections": {
776
+ "localAuthentication": "a036a5e1-cee2-4c23-b7ae-8f39a7087444",
777
+ "socialAuthentication": "f4e81b8b-8465-409f-b71c-b5c58ab688ef"
778
+ },
779
+ "nodeType": "PageNode",
780
+ "displayName": "Login Page"
781
+ },
782
+ "c89fb4c7-0122-42c0-817a-a0451b67bcdc": {
783
+ "x": 915,
784
+ "y": 309.3333333333333,
785
+ "connections": {
786
+ "EMAIL_NOT_SENT": "e301438c-0bd0-429c-ab0c-66126501069a",
787
+ "EMAIL_SENT": "58f762af-8e19-4d96-aae0-73b48e8f95d4"
788
+ },
789
+ "nodeType": "EmailTemplateNode",
790
+ "displayName": "Email Template Node"
791
+ },
792
+ "58f762af-8e19-4d96-aae0-73b48e8f95d4": {
793
+ "x": 1163,
794
+ "y": 305.5,
795
+ "connections": {
796
+ "ACCOUNT_EXISTS": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0",
797
+ "NO_ACCOUNT": "e301438c-0bd0-429c-ab0c-66126501069a"
798
+ },
799
+ "nodeType": "product-Saml2Node",
800
+ "displayName": "SAML2 Authentication"
801
+ },
802
+ "ff179a8f-b67b-46e8-bb8d-edc78c80341b": {
803
+ "x": 915,
804
+ "y": 168.66666666666669,
805
+ "connections": {
806
+ "false": "e301438c-0bd0-429c-ab0c-66126501069a",
807
+ "true": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0"
808
+ },
809
+ "nodeType": "InnerTreeEvaluatorNode",
810
+ "displayName": "Login"
811
+ },
812
+ "94299dce-b606-409f-8be0-66d23061692f": {
813
+ "x": 210,
814
+ "y": 305.5,
815
+ "connections": {
816
+ "unknown": "da49467f-a848-4e41-a175-5a0502c5d2af",
817
+ "known": "ef8f26a5-a85f-4929-acf6-842e24d89493"
818
+ },
819
+ "nodeType": "ScriptedDecisionNode",
820
+ "displayName": "Check Username"
821
+ },
822
+ "a036a5e1-cee2-4c23-b7ae-8f39a7087444": {
823
+ "x": 685,
824
+ "y": 143.66666666666666,
825
+ "connections": {
826
+ "CANCELLED": "ff179a8f-b67b-46e8-bb8d-edc78c80341b",
827
+ "EXPIRED": "ff179a8f-b67b-46e8-bb8d-edc78c80341b",
828
+ "FALSE": "e301438c-0bd0-429c-ab0c-66126501069a",
829
+ "LOCKED": "e301438c-0bd0-429c-ab0c-66126501069a",
830
+ "TRUE": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0"
831
+ },
832
+ "nodeType": "IdentityStoreDecisionNode",
833
+ "displayName": "Validate Creds"
834
+ },
835
+ "da49467f-a848-4e41-a175-5a0502c5d2af": {
836
+ "x": 440,
837
+ "y": 80,
838
+ "connections": {
839
+ "localAuthentication": "a036a5e1-cee2-4c23-b7ae-8f39a7087444",
840
+ "socialAuthentication": "f4e81b8b-8465-409f-b71c-b5c58ab688ef"
841
+ },
842
+ "nodeType": "PageNode",
843
+ "displayName": "Login Page"
844
+ },
845
+ "f4e81b8b-8465-409f-b71c-b5c58ab688ef": {
846
+ "x": 685,
847
+ "y": 371.8333333333333,
848
+ "connections": {
849
+ "ACCOUNT_EXISTS": "70e691a5-1e33-4ac3-a356-e7b6d60d92e0",
850
+ "NO_ACCOUNT": "c89fb4c7-0122-42c0-817a-a0451b67bcdc"
851
+ },
852
+ "nodeType": "SocialProviderHandlerNode",
853
+ "displayName": "Social Login"
854
+ }
855
+ },
856
+ "staticNodes": {
857
+ "startNode": {
858
+ "x": 70,
859
+ "y": 323
860
+ },
861
+ "70e691a5-1e33-4ac3-a356-e7b6d60d92e0": {
862
+ "x": 1417,
863
+ "y": 192
864
+ },
865
+ "e301438c-0bd0-429c-ab0c-66126501069a": {
866
+ "x": 1417,
867
+ "y": 286
868
+ }
869
+ },
870
+ "description": "Frodo test journey utilizing a variety of nodes and dependencies to test support for complex journeys.",
871
+ "enabled": true
872
+ }
873
+ }