WIP: endpoints to receive SAMLResponse and setup config

2021-09-01 15:32:25 +01:00 · 2021-09-01 15:32:25 +01:00 · 987a377c37
parent a8c724c743
commit 987a377c37
6 changed files with 3424 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+.vscode
+node_modules/**
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -0,0 +1,18 @@
+{
+  "name": "jackson",
+  "version": "0.1.0",
+  "license": "Apache 2.0",
+  "scripts": {
+    "dev": "nodemon src/index.js"
+  },
+  "dependencies": {
+    "@boxyhq/saml20": "0.1.5",
+    "@prisma/client": "2.30.2",
+    "express": "4.17.1",
+    "xml2js": "0.4.23"
+  },
+  "devDependencies": {
+    "nodemon": "^2.0.12",
+    "prisma": "2.30.2"
+  }
+}
--- a/prettier.config.js
+++ b/prettier.config.js
@ -0,0 +1,4 @@
+module.exports = {
+  singleQuote: true,
+  trailingComma: 'es5',
+};
--- a/src/index.js
+++ b/src/index.js
@ -0,0 +1,47 @@
+const express = require('express');
+const saml = require('./saml.js');
+
+// const { PrismaClient } = require('@prisma/client');
+
+// const prisma = new PrismaClient();
+const app = express();
+
+const hostUrl = process.env.HOST_URL || 'localhost';
+const hostPort = (process.env.HOST_PORT || '5000') * 1;
+
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+
+app.post(`/auth/saml`, async (req, res) => {
+  const { SAMLResponse } = req.body;
+
+  console.log('headers.origin=', req.headers.origin);
+
+  //console.log('SAMLResponse=', SAMLResponse);
+
+  const profile = await saml.parse(Buffer.from(SAMLResponse, 'base64').toString());
+  
+  console.log('profile=', profile);
+
+  // if origin is not null check if it is allowed and then validate against config
+
+  // store details against a code
+
+  res.send('OK');
+});
+
+app.post(`/auth/saml/config`, async (req, res) => {
+  const { idpMetadata } = req.body;
+
+  //console.log('idpMetadata=', idpMetadata);
+
+  const idpMeta = await saml.parseMetadata(idpMetadata);
+  
+  console.log('idpMeta=', JSON.stringify(idpMeta, null, 2));
+
+  res.send('OK');
+});
+
+const server = app.listen(hostPort, () =>
+  console.log(`🚀 The path of the righteous server: http://${hostUrl}:${hostPort}`)
+);
--- a/src/saml.js
+++ b/src/saml.js
@ -0,0 +1,47 @@
+var saml = require('@boxyhq/saml20');
+var xml2js = require('xml2js');
+
+module.exports = {
+  parse: async function (rawAssertion) {
+    return new Promise(function (resolve, reject) {
+      saml.parse(rawAssertion, function onParseAsync(err, profile) {
+        if (err) {
+          reject(err);
+          return;
+        }
+
+        resolve(profile);
+      });
+    });
+  },
+
+  validate: async function (rawAssertion, options) {
+    return new Promise(function (resolve, reject) {
+      saml.validate(
+        rawAssertion,
+        options,
+        function onValidateAsync(err, profile) {
+          if (err) {
+            reject(err);
+            return;
+          }
+
+          resolve(profile);
+        }
+      );
+    });
+  },
+
+  parseMetadata: async function (idpMeta) {
+    return new Promise(function (resolve, reject) {
+      xml2js.parseString(idpMeta, { tagNameProcessors: [ xml2js.processors.stripPrefix ] }, function (err, res) {
+        if (err) {
+          reject(err);
+          return;
+        }
+
+        resolve(res);
+      });
+    });
+  },
+};