/
multiSamlStrategy.ts
93 lines (81 loc) · 2.9 KB
/
multiSamlStrategy.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
import { SAML } from "../node-saml";
import { AbstractStrategy } from "./strategy";
import type { Request } from "express";
import {
AuthenticateOptions,
MultiSamlConfig,
RequestWithUser,
SamlConfig,
VerifyWithoutRequest,
VerifyWithRequest,
} from "./types";
export class MultiSamlStrategy extends AbstractStrategy {
static readonly newSamlProviderOnConstruct = false;
_options: SamlConfig & MultiSamlConfig;
constructor(options: MultiSamlConfig, verify: VerifyWithRequest);
constructor(options: MultiSamlConfig, verify: VerifyWithoutRequest);
constructor(options: MultiSamlConfig, verify: never) {
if (!options || typeof options.getSamlOptions !== "function") {
throw new Error("Please provide a getSamlOptions function");
}
// Force the type on this since we've disabled `newOnConstruct`
// so the `SAML` constructor will not be called at this time
// and there are defaults for all `strategy`-required options.
const samlConfig = {
...options,
} as SamlConfig & MultiSamlConfig;
super(samlConfig, verify);
this._options = samlConfig;
}
authenticate(req: RequestWithUser, options: AuthenticateOptions): void {
this._options.getSamlOptions(req, (err, samlOptions) => {
if (err) {
return this.error(err);
}
const samlService = new SAML({ ...this._options, ...samlOptions });
const strategy = Object.assign({}, this, { _saml: samlService });
Object.setPrototypeOf(strategy, this);
super.authenticate.call(strategy, req, options);
});
}
logout(
req: RequestWithUser,
callback: (err: Error | null, url?: string | null | undefined) => void
) {
this._options.getSamlOptions(req, (err, samlOptions) => {
if (err) {
return callback(err);
}
const samlService = new SAML(Object.assign({}, this._options, samlOptions));
const strategy = Object.assign({}, this, { _saml: samlService });
Object.setPrototypeOf(strategy, this);
super.logout.call(strategy, req, callback);
});
}
generateServiceProviderMetadata(
req: Request,
decryptionCert: string | null,
signingCert: string | null,
callback: (err: Error | null, metadata?: string) => void
) {
if (typeof callback !== "function") {
throw new Error("Metadata can't be provided synchronously for MultiSamlStrategy.");
}
return this._options.getSamlOptions(req, (err, samlOptions) => {
if (err) {
return callback(err);
}
const samlService = new SAML(Object.assign({}, this._options, samlOptions));
const strategy = Object.assign({}, this, { _saml: samlService });
Object.setPrototypeOf(strategy, this);
return callback(
null,
this._generateServiceProviderMetadata.call(strategy, decryptionCert, signingCert)
);
});
}
// This is reduntant, but helps with testing
error(err: Error): void {
super.error(err);
}
}