gmgauthier/mocksaml
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
Kiran 2022-02-21 18:45:17 +05:30
parent 0f1fb9258d
commit 1f09de0c88
4 changed files with 42 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
data/x509cert.txt → data/idp-private-key.txt
View File

0
data/idp-public-key.txt Normal file
View File

58
data/saml-response.xml
View File

@ -1,58 +0,0 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://28a2-103-153-104-43.ngrok.io/sso/acs" ID="_41a01ff26e2669a4ffe974cd57079b3c" InResponseTo="_f5da12eb6e20fd04b654" IssueInstant="2022-01-14T18:39:01.757Z" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">idp_entity_id</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#_41a01ff26e2669a4ffe974cd57079b3c">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>xPMc7SSHhFSWGljyk1L8mRE1M6otu0qlukR42E6QdiQ=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>VXlnv1pN3BsHvfbwkugYfsgcjoiXzsbm8OiWczkbNQcadaYTHgIOPf9mNLLJXq1vSfBVLyDY+1Xq</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509SubjectName>ST=California,C=US,OU=Google For Work,CN=Google,L=Mountain View,O=Google Inc.</ds:X509SubjectName>
<ds:X509Certificate>MIIDdDCCAlygAwIBAgIGAXo6K+u/MA0GCSqGSIb3DQEBCwUAMHsxFDASBgNVBAoTC0dvb2dsZSBJ</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_28c7bb0ebe6359c70c1b2a9b7b1f280a" IssueInstant="2022-01-14T18:39:01.757Z" Version="2.0">
<saml2:Issuer>idp_entity_id</saml2:Issuer>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user_email</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData InResponseTo="_f5da12eb6e20fd04b654" NotOnOrAfter="2022-01-14T18:44:01.757Z" Recipient="sp_acs_url"/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2022-01-14T18:34:01.757Z" NotOnOrAfter="2022-01-14T18:44:01.757Z">
<saml2:AudienceRestriction>
<saml2:Audience>https://saml.boxyhq.com</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AttributeStatement>
<saml2:Attribute Name="email">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">user_email</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="firstName">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">user_firstName</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="lastName">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">user_lastName</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
<saml2:AuthnStatement AuthnInstant="2022-01-14T15:01:16.000Z" SessionIndex="_28c7bb0ebe6359c70c1b2a9b7b1f280a">
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
</saml2:Assertion>
</saml2p:Response>

81
utils/index.ts
View File

@ -56,7 +56,7 @@ const createIdPMetadataXML = async ({
}; };
const createCertificate = async () => { const createCertificate = async () => {
const certificateFilePath = path.join('data', 'x509cert.txt'); const certificateFilePath = path.join('data', 'idp-public-key.txt');
return await fs.readFile(certificateFilePath, 'utf8'); return await fs.readFile(certificateFilePath, 'utf8');
}; };
@ -85,9 +85,44 @@ const createSAMLResponseXML = async (params: {
authDate.setMinutes(authDate.getMinutes() + 10); authDate.setMinutes(authDate.getMinutes() + 10);
const notAfter = authDate.toISOString(); const notAfter = authDate.toISOString();
const inResponseTo = '_dde944f3d9cb96238b0c' const inResponseTo = '_1234'
const responseId = crypto.randomBytes(10).toString('hex'); const responseId = crypto.randomBytes(10).toString('hex');
const attributeStatement = {
'@xmlns:xs': 'http://www.w3.org/2001/XMLSchema',
'@xmlns:xsi': 'http://www.w3.org/2001/XMLSchema-instance',
'saml:Attribute' : [
{
'@Name': 'id',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.id,
}
},
{
'@Name': 'email',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.email,
}
},
{
'@Name': 'firstName',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.firstName,
}
},
{
'@Name': 'lastName',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.lastName,
}
},
]
}
const nodes = { const nodes = {
'samlp:Response':{ 'samlp:Response':{
'@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol', '@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
@ -137,49 +172,17 @@ const createSAMLResponseXML = async (params: {
} }
} }
}, },
'saml:AttributeStatement': { 'saml:AttributeStatement': attributeStatement,
'@xmlns:xs': 'http://www.w3.org/2001/XMLSchema', },
'@xmlns:xsi': 'http://www.w3.org/2001/XMLSchema-instance',
'saml:Attribute': [
{
'@Name': 'id',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.id,
}
},
{
'@Name': 'email',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.email,
}
},
{
'@Name': 'firstName',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.firstName,
}
},
{
'@Name': 'lastName',
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
'saml:AttributeValue': {
'#text': user.lastName,
}
},
]
}
}
} }
} }
return xmlbuilder.create(nodes).end({ pretty: true}); return xmlbuilder.create(nodes).end({ pretty: true});
}; };
// Add DigestValue const signResponseXML = (xml: string, signingKey: any, publicKey: any): string => {
// Add X509Certificate return xml;
}
// Create the HTML form to submit the response // Create the HTML form to submit the response
export const createResponseForm = (relayState: string, encodedSamlResponse: string, acsUrl: string) => { export const createResponseForm = (relayState: string, encodedSamlResponse: string, acsUrl: string) => {