richard
/
wiki
mirror of https://github.com/Requarks/wiki.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1170 Commits
3 Branches
120 Tags
81 MiB
Tree: ccc6a776fc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ccc6a776fc'
${ noResults }
wiki/server/modules/authentication/saml/authentication.js

63 lines
1.9 KiB
Raw Normal View History

feat: admin UI fixes + SAML strategy + dashboard gql
6 years ago
feat: SAML auth module
5 years ago
feat: admin UI fixes + SAML strategy + dashboard gql
6 years ago
feat: SAML auth module
5 years ago
feat: admin UI fixes + SAML strategy + dashboard gql
6 years ago
  1. const _ = require('lodash')
  3. /* global WIKI */
  5. // ------------------------------------
  6. // SAML Account
  7. // ------------------------------------
  9. const SAMLStrategy = require('passport-saml').Strategy
  11. module.exports = {
  12. init (passport, conf) {
  13. let samlConfig = {
  14. callbackUrl: conf.callbackURL,
  15. entryPoint: conf.entryPoint,
  16. issuer: conf.issuer,
  17. signatureAlgorithm: conf.signatureAlgorithm,
  18. identifierFormat: conf.identifierFormat,
  19. acceptedClockSkewMs: _.toSafeInteger(conf.acceptedClockSkewMs),
  20. disableRequestedAuthnContext: conf.disableRequestedAuthnContext,
  21. authnContext: conf.authnContext,
  22. forceAuthn: conf.forceAuthn,
  23. providerName: conf.providerName,
  24. skipRequestCompression: conf.skipRequestCompression,
  25. authnRequestBinding: conf.authnRequestBinding
  26. }
  27. if (!_.isEmpty(conf.audience)) {
  28. samlConfig.audience = conf.audience
  29. }
  30. if (!_.isEmpty(conf.cert)) {
  31. samlConfig.cert = _.split(conf.cert, '|')
  32. }
  33. if (!_.isEmpty(conf.privateCert)) {
  34. samlConfig.privateCert = conf.privateCert
  35. }
  36. if (!_.isEmpty(conf.decryptionPvk)) {
  37. samlConfig.decryptionPvk = conf.decryptionPvk
  38. }
  39. passport.use('saml',
  40. new SAMLStrategy(samlConfig, async (profile, cb) => {
  41. try {
  42. const userId = _.get(profile, [conf.mappingUID], null) || _.get(profile, 'nameID', null)
  43. if (!userId) {
  44. throw new Error('Invalid or Missing Unique ID field!')
  45. }
  47. const user = await WIKI.models.users.processProfile({
  48. profile: {
  49. id: userId,
  50. email: _.get(profile, conf.mappingEmail, ''),
  51. displayName: _.get(profile, conf.mappingDisplayName, '???'),
  52. picture: _.get(profile, conf.mappingPicture, '')
  53. },
  54. providerKey: 'saml'
  55. })
  56. cb(null, user)
  57. } catch (err) {
  58. cb(err, null)
  59. }
  60. })
  61. )
  62. }
  63. }