Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
0325060
commit 7becf8b
Showing
4 changed files
with
238 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
{ | ||
"idp1": { | ||
"entryPoint": "https://dev1.gluu.org/idp/profile/SAML2/POST/SSO", | ||
"issuer": "urn:test", | ||
"identifierFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", | ||
"authnRequestBinding": "HTTP-POST", | ||
"additionalAuthorizeParams": "{ providerId: 'test' }", | ||
"skipRequestCompression": "true", | ||
"reverseMapping": { | ||
"email" : "email", | ||
"username": "urn:oid:0.9.2342.19200300.100.1.1", | ||
"displayName": "urn:oid:2.16.840.1.113730.3.1.241", | ||
"id": "urn:oid:0.9.2342.19200300.100.1.1", | ||
"name": "urn:oid:2.5.4.42", | ||
"givenName": "urn:oid:2.5.4.42", | ||
"familyName": "urn:oid:2.5.4.4", | ||
"provider" :"issuer" | ||
} | ||
}, | ||
"idp2": { | ||
"entryPoint": "https://", | ||
"issuer": "urn:test", | ||
"identifierFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", | ||
"cert" : "QIEwJDTzEPMA0GA1UEBxMGRGVudmVyMRYwFAYDVQQKEw1QaW5nIElkZW50aXR5MSkwJwYDVQQDEyAxODIwNmM0NWRiN2Y0MjA2YWNkN2ViZWU5MjhjN2YzZDAeFw0xNzA4MTExMjEyMDZaFw0yMDA4MTAxMjEyMDZaMG4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMRYwFAYDVQQKEw1QaW5nIElkZW50aXR5MSkwJwYDVQQDEyAxODIwNmM0NWRiN2Y0MjA2YWNkN2ViZWU5MjhjN2YzZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKP+nrt+plM5Q+AKSYkwSaUq94KhwU/FiZE+gch+F7Wh74knITeXv4+GUgudJGwMHFfLF5Fqf+O5AOLnRTmvwGKqc/cXHApvVtkq4sAP/8oNCD73DBTRYgKDHaAp54IPZEVNBGF4T0gxZ917+YuaDnCxC5mZfmmndnZudon645BzZfIa0PFkvjer/r3w4+zha1Vc868GkQLQ2VsxUjbsQ0iR+ipXxSkeiQe/vc6KZBbLMnf1RhY0F31vSgg0N/TROAP5dDNn9a6tyGyr9QNxy8c4FwuHiUjlbPD7u6whvz7h70nhg0svxzfMZpzvzY6wsFmeR3DOnpC03o1LjyoxmSkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAFbybi6dwyGA2+QOZdGynoa/oUF4Zb94dm90zavCMPum9PnlsbBTHVq11Ph7jj3CQD1fNu7WUKsPJXtoy2dpWO+B4+a8JLXkoDYZaAta3vyT6/8sRB97vQne82jQeICuqabqSEV2UKDvuYaffvkc0aZ5e0sGw64+f56pQCuzy5iATuNxdNEXptmNvgR6jFfW2JKB27kXmNkIZHh3VOLZ28PxoQydqxtFvx/0vuLfTBLtAd5C8/r3eEWRYFjeActg5Q7M5LnzMUZajYCC+BQbkgvmQ5zH/2cb26nkpqT7gKAXJd2Tl48CuAJDMoD2kJQ2Jw51aeXRCKq/biyEm2dehtw==", | ||
"reverseMapping": { | ||
"email" : "email", | ||
"username": "firstname", | ||
"displayName": "firstname", | ||
"id": "firstname", | ||
"name": "firstname", | ||
"givenName": "firstname", | ||
"familyName": "lastName", | ||
"provider" :"provider" | ||
} | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
var passport = require('passport'); | ||
var SamlStrategy = require('passport-saml').Strategy; | ||
var SAML = require('passport-saml').SAML; | ||
var fs = require('fs'); | ||
var logger = require("../utils/logger"); | ||
|
||
var setCredentials = function(credentials) { | ||
var entitiesJSON = JSON.parse(fs.readFileSync('/etc/gluu/conf/passport-saml-config.json', 'utf8')); | ||
for(key in entitiesJSON){ | ||
|
||
logger.info(key); | ||
var objectJSON = entitiesJSON[key]; | ||
var strategyConfigOptions = {}; | ||
strategyConfigOptions.callbackUrl = global.applicationHost.concat("/passport/auth/saml/"+key+"/callback"); | ||
if(objectJSON.hasOwnProperty('entryPoint')) { | ||
strategyConfigOptions.entryPoint = objectJSON['entryPoint']; | ||
} | ||
if(objectJSON.hasOwnProperty('issuer')) { | ||
strategyConfigOptions.issuer = objectJSON['issuer']; | ||
} | ||
if(objectJSON.hasOwnProperty('identifierFormat')) { | ||
strategyConfigOptions.identifierFormat = objectJSON['identifierFormat']; | ||
} | ||
if(objectJSON.hasOwnProperty('cert')) { | ||
strategyConfigOptions.cert = objectJSON['cert']; | ||
} | ||
if(objectJSON.hasOwnProperty('skipRequestCompression')) { | ||
strategyConfigOptions.skipRequestCompression = objectJSON['skipRequestCompression']; | ||
} | ||
if(objectJSON.hasOwnProperty('authnRequestBinding')) { | ||
strategyConfigOptions.authnRequestBinding = objectJSON['authnRequestBinding']; | ||
} | ||
if(objectJSON.hasOwnProperty('additionalAuthorizeParams')) { | ||
strategyConfigOptions.additionalAuthorizeParams = objectJSON['additionalAuthorizeParams']; | ||
} | ||
strategyConfigOptions.decryptionPvk = fs.readFileSync('/etc/certs/openldap.key', 'utf-8'); | ||
strategyConfigOptions.passReqToCallback = true; | ||
var strategy = new SamlStrategy(strategyConfigOptions, | ||
function(req, profile, done) { | ||
var mapping = objectJSON['reverseMapping']; | ||
logger.info(req.body.SAMLResponse); | ||
var userProfile = { | ||
id: profile[mapping["id"]]|| '', | ||
name: profile[mapping["name"]] ||'', | ||
username: profile[mapping["username"]] || '', | ||
email: profile[mapping["email"]], | ||
givenName: profile[mapping["givenName"]] || '', | ||
familyName: profile[mapping["familyName"]] || '', | ||
provider: profile[mapping["provider"]] || '', | ||
accessToken: "accesstoken" | ||
}; | ||
return done(null, userProfile); | ||
}); | ||
passport.use(key,strategy); | ||
logger.info(key); | ||
fs.truncate(__dirname + '/../idp-metadata/' + key +'.xml', 0, function() { | ||
}); | ||
var decryptionCert = fs.readFileSync('/etc/certs/openldap.crt', 'utf-8'); | ||
var metaData = strategy.generateServiceProviderMetadata(decryptionCert); | ||
fs.writeFile(__dirname + '/../idp-metadata/'+key +'.xml', metaData, function(err) { | ||
console.log("Data written successfully for "+key); | ||
}); | ||
} | ||
}; | ||
|
||
module.exports = { | ||
passport: passport, | ||
setCredentials: setCredentials | ||
}; |
Oops, something went wrong.