mocksaml/utils/idp.ts

import xmlbuilder from 'xmlbuilder';
import { stripCertHeaderAndFooter } from './certificate';

const createIdPMetadataXML = async ({
  idpEntityId,
  idpSsoUrl,
  certificate,
}: {
  idpEntityId: string;
  idpSsoUrl: string;
  certificate: string;
}): Promise<string> => {
  certificate = stripCertHeaderAndFooter(certificate);

  const nodes = {
    EntityDescriptor: {
      '@xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata',
      '@entityID': idpEntityId,
      '@validUntil': '2026-06-22T18:39:53.000Z',
      IDPSSODescriptor: {
        '@WantAuthnRequestsSigned': false,
        '@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol',
        KeyDescriptor: {
          '@use': 'signing',
          KeyInfo: {
            '@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#',
            X509Data: {
              X509Certificate: {
                '#text': certificate,
              },
            },
          },
        },
        NameIDFormat: {
          '#text': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
        },
        SingleSignOnService: [
          {
            '@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            '@Location': idpSsoUrl,
          },
          {
            '@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
            '@Location': idpSsoUrl,
          },
        ],
      },
    },
  };

  return xmlbuilder.create(nodes, { encoding: 'UTF-8', standalone: false }).end({ pretty: true });
};

export { createIdPMetadataXML };
Build the metadata using the xmlbuilder (#3) 2022-02-28 17:39:52 +00:00			`import xmlbuilder from 'xmlbuilder';`
Add key pair 2022-02-21 16:23:43 +00:00			`import { stripCertHeaderAndFooter } from './certificate';`

			`const createIdPMetadataXML = async ({`
			`idpEntityId,`
			`idpSsoUrl,`
			`certificate,`
			`}: {`
			`idpEntityId: string;`
			`idpSsoUrl: string;`
			`certificate: string;`
			`}): Promise<string> => {`
Applied prettier 2022-02-22 06:14:12 +00:00			`certificate = stripCertHeaderAndFooter(certificate);`
Add key pair 2022-02-21 16:23:43 +00:00
Build the metadata using the xmlbuilder (#3) 2022-02-28 17:39:52 +00:00			`const nodes = {`
			`EntityDescriptor: {`
			`'@xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata',`
			`'@entityID': idpEntityId,`
			`'@validUntil': '2026-06-22T18:39:53.000Z',`
			`IDPSSODescriptor: {`
			`'@WantAuthnRequestsSigned': false,`
			`'@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol',`
			`KeyDescriptor: {`
			`'@use': 'signing',`
			`KeyInfo: {`
			`'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#',`
			`X509Data: {`
			`X509Certificate: {`
			`'#text': certificate,`
			`},`
			`},`
			`},`
			`},`
			`NameIDFormat: {`
			`'#text': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',`
			`},`
			`SingleSignOnService: [`
			`{`
			`'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',`
			`'@Location': idpSsoUrl,`
			`},`
			`{`
			`'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',`
			`'@Location': idpSsoUrl,`
			`},`
			`],`
			`},`
			`},`
			`};`

Validate AuthnRequest signature (#11) * Validate AuthnRequest signature skelton * Code refactor: Move the base64decode to common method * wip * Add signature validation * Read the keys from config * Lock dep version Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com> 2022-03-02 21:06:04 +00:00			`return xmlbuilder.create(nodes, { encoding: 'UTF-8', standalone: false }).end({ pretty: true });`
Add key pair 2022-02-21 16:23:43 +00:00			`};`

Applied prettier 2022-02-22 06:14:12 +00:00			`export { createIdPMetadataXML };`