mirror of https://github.com/xwiki-labs/cryptpad
SSO SAML test
parent
e8d719c438
commit
9b367a0468
|
@ -11,6 +11,7 @@ const MFA = require("./storage/mfa");
|
|||
const SSOUtils = require("./sso-utils");
|
||||
const Sessions = require("./storage/sessions");
|
||||
const cookieParser = require("cookie-parser");
|
||||
const bodyParser = require('body-parser');
|
||||
const BlobStore = require("./storage/blob");
|
||||
const BlockStore = require("./storage/block");
|
||||
|
||||
|
@ -161,6 +162,10 @@ var setHeaders = function (req, res) {
|
|||
|
||||
const Express = require("express");
|
||||
var app = Express();
|
||||
|
||||
app.use(bodyParser.urlencoded({
|
||||
extended: true
|
||||
}));
|
||||
app.use(cookieParser());
|
||||
|
||||
(function () {
|
||||
|
@ -198,6 +203,17 @@ const wsProxy = createProxyMiddleware({
|
|||
|
||||
app.use('/cryptpad_websocket', wsProxy);
|
||||
|
||||
app.use('/ssoauth', (req, res, next) => {
|
||||
console.log(req.body.SAMLResponse);
|
||||
req.method = 'GET';
|
||||
//res.sendFile(__dirname + '/../www' + req.url + '/index.html');
|
||||
// XXX XXX XXX
|
||||
// Here, redirect to /ssoauth with params?
|
||||
// Check how we can handle data in the client
|
||||
next();
|
||||
});
|
||||
|
||||
|
||||
app.use('/blob', function (req, res, next) {
|
||||
/* Head requests are used to check the size of a blob.
|
||||
Clients can configure a maximum size to download automatically,
|
||||
|
@ -262,6 +278,7 @@ app.use(function (req, res, next) {
|
|||
next();
|
||||
});
|
||||
|
||||
|
||||
// serve custom app content from the customize directory
|
||||
// useful for testing pages customized with opengraph data
|
||||
app.use(Express.static(Path.resolve('./customize/www')));
|
||||
|
|
|
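Review bot: In the new `/ssoauth` middleware, `console.log(req.body.SAMLResponse);` writes the whole encoded SAML response to the server log. It carries the user's identity attributes and stays replayable for as long as the assertion is valid, so the line should be dropped or reduced to a presence check such as `if (typeof req.body.SAMLResponse !== 'string') { return void res.sendStatus(400); }`. The handler is mounted with `app.use`, so `req.method = 'GET'` rewrites every verb on that path, not only the IdP's POST; a guard like `if (req.method !== 'POST') { return void next(); }` keeps the rewrite narrow. Nothing in the visible lines verifies the response signature before `next()`, so whatever serves the page afterwards must not treat the posted value as authenticated.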
@ -3,7 +3,7 @@ const SSOUtils = require('../../sso-utils');
|
|||
|
||||
const TYPE = 'oidc';
|
||||
|
||||
const opts = SSOUtils.getoptions();
|
||||
const opts = SSOUtils.getOptions();
|
||||
const getClient = (cfg, cb) => {
|
||||
OID.Issuer.discover(cfg.url).then((issuer) => { // XXX Only once for all users?
|
||||
let alg = cfg.jwt_alg || 'PS256';
|
||||
|
|
|
@ -0,0 +1,49 @@
|
|||
const { SAML } = require('@node-saml/node-saml');
|
||||
const SSOUtils = require('../../sso-utils');
|
||||
|
||||
const TYPE = 'saml';
|
||||
|
||||
/*
|
||||
// XXX XXX XXX SAML TEST
|
||||
|
||||
* get metadata with "saml.generateServiceProviderMetadata()"
|
||||
* test site: https://samltest.id/upload.php
|
||||
* upload metadata there
|
||||
* redirected to cryptpad with a POST to /ssoauth handled in http-worker.js
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
*/
|
||||
|
||||
|
||||
|
||||
const opts = SSOUtils.getOptions();
|
||||
const getClient = (cfg, cb) => {
|
||||
console.log(SAML);
|
||||
const saml = new SAML({
|
||||
callbackUrl: opts.callbackURL,
|
||||
entryPoint: cfg.url,
|
||||
issuer: cfg.issuer,
|
||||
cert: cfg.cert,
|
||||
});
|
||||
cb(void 0, saml);
|
||||
};
|
||||
module.exports = {
|
||||
type: TYPE,
|
||||
checkConfig: (cfg) => {
|
||||
return cfg.url && cfg.issuer && cfg.cert;
|
||||
},
|
||||
auth: (Env, cfg, cb) => {
|
||||
getClient(cfg, (err, client) => {
|
||||
if (err) { return void cb ('E_OIDC_CONNECT'); }
|
||||
client.getAuthorizeUrlAsync().then((url) => {
|
||||
console.log(url); // XXX XXX XXX write_request not useful here?
|
||||
cb(void 0, { url: url/*, token: code_verifier*/ });
|
||||
});
|
||||
});
|
||||
},
|
||||
authCb: (Env, cfg, token, url, cb) => {
|
||||
},
|
||||
};
|
|
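Review bot: `authCb` is an empty function that never calls `cb`, so a caller waiting on the SAML callback hangs and the posted assertion is never checked. Before any session is created it needs to run the response through the node-saml client's `validatePostResponseAsync` and report failure through `cb`. In `auth`, `client.getAuthorizeUrlAsync()` has no rejection handler, so a failure there also leaves `cb` uncalled; adding `.catch((err) => { cb(err); })` after the `.then(...)` closes that path. The error string `'E_OIDC_CONNECT'` looks carried over from the OIDC provider and will mislabel SAML failures, and `console.log(SAML);` and `console.log(url);` are debug output that should be removed once this leaves test status.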
@ -3,7 +3,7 @@ const Sessions = require("./storage/sessions");
|
|||
const Nacl = require("tweetnacl/nacl-fast");
|
||||
const JWT = require("jsonwebtoken");
|
||||
const Util = require("./common-util");
|
||||
const config = require("./lib/load-config");
|
||||
const config = require("./load-config");
|
||||
|
||||
const SSOUtils = module.exports;
|
||||
|
||||
|
|
|
@ -12,6 +12,7 @@
|
|||
"@mcrowe/minibloom": "^0.2.0",
|
||||
"@node-saml/node-saml": "^4.0.5",
|
||||
"alertify.js": "1.0.11",
|
||||
"body-parser": "^1.20.2",
|
||||
"bootstrap": "^4.0.0",
|
||||
"bootstrap-tokenfield": "^0.12.0",
|
||||
"chainpad": "^5.2.6",
|
||||
|
@ -850,12 +851,12 @@
|
|||
}
|
||||
},
|
||||
"node_modules/body-parser": {
|
||||
"version": "1.20.1",
|
||||
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
|
||||
"integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
|
||||
"version": "1.20.2",
|
||||
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz",
|
||||
"integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==",
|
||||
"dependencies": {
|
||||
"bytes": "3.1.2",
|
||||
"content-type": "~1.0.4",
|
||||
"content-type": "~1.0.5",
|
||||
"debug": "2.6.9",
|
||||
"depd": "2.0.0",
|
||||
"destroy": "1.2.0",
|
||||
|
@ -863,7 +864,7 @@
|
|||
"iconv-lite": "0.4.24",
|
||||
"on-finished": "2.4.1",
|
||||
"qs": "6.11.0",
|
||||
"raw-body": "2.5.1",
|
||||
"raw-body": "2.5.2",
|
||||
"type-is": "~1.6.18",
|
||||
"unpipe": "1.0.0"
|
||||
},
|
||||
|
@ -1753,6 +1754,43 @@
|
|||
"node": ">= 0.10.0"
|
||||
}
|
||||
},
|
||||
"node_modules/express/node_modules/body-parser": {
|
||||
"version": "1.20.1",
|
||||
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
|
||||
"integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
|
||||
"dependencies": {
|
||||
"bytes": "3.1.2",
|
||||
"content-type": "~1.0.4",
|
||||
"debug": "2.6.9",
|
||||
"depd": "2.0.0",
|
||||
"destroy": "1.2.0",
|
||||
"http-errors": "2.0.0",
|
||||
"iconv-lite": "0.4.24",
|
||||
"on-finished": "2.4.1",
|
||||
"qs": "6.11.0",
|
||||
"raw-body": "2.5.1",
|
||||
"type-is": "~1.6.18",
|
||||
"unpipe": "1.0.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">= 0.8",
|
||||
"npm": "1.2.8000 || >= 1.4.16"
|
||||
}
|
||||
},
|
||||
"node_modules/express/node_modules/raw-body": {
|
||||
"version": "2.5.1",
|
||||
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz",
|
||||
"integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==",
|
||||
"dependencies": {
|
||||
"bytes": "3.1.2",
|
||||
"http-errors": "2.0.0",
|
||||
"iconv-lite": "0.4.24",
|
||||
"unpipe": "1.0.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">= 0.8"
|
||||
}
|
||||
},
|
||||
"node_modules/extend-shallow": {
|
||||
"version": "2.0.1",
|
||||
"resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz",
|
||||
|
@ -3876,9 +3914,9 @@
|
|||
}
|
||||
},
|
||||
"node_modules/raw-body": {
|
||||
"version": "2.5.1",
|
||||
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz",
|
||||
"integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==",
|
||||
"version": "2.5.2",
|
||||
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
|
||||
"integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
|
||||
"dependencies": {
|
||||
"bytes": "3.1.2",
|
||||
"http-errors": "2.0.0",
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
"chainpad-crypto": "^0.2.5",
|
||||
"chainpad-server": "^5.1.0",
|
||||
"cookie-parser": "^1.4.6",
|
||||
"body-parser": "^1.20.2",
|
||||
"express": "~4.18.2",
|
||||
"fs-extra": "^7.0.0",
|
||||
"get-folder-size": "^2.0.1",
|
||||
|
|
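Review bot: The added `"body-parser": "^1.20.2"` duplicates a parser that Express already ships. The lockfile in this commit now carries a second copy at `node_modules/express/node_modules/body-parser` (1.20.1) next to the top-level 1.20.2. Express 4.18 exposes the same middleware as `Express.urlencoded(...)`, so the direct dependency could be dropped and the server call written as `app.use('/ssoauth', Express.urlencoded({ extended: false }));`, which also limits form-body parsing to the one route that needs it. The entry appears to be inserted after `cookie-parser`, out of the alphabetical order the surrounding list follows.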