Tweaks (#1)

* cleanup and pin versions * tweaked metadata markers, formatted metadata, cleaned up .env.example file
2022-02-23 23:30:02 +00:00 · 2022-02-23 23:30:02 +00:00 · 4ec1bc044e
commit 4ec1bc044e
parent 9f6f714f41
6 changed files with 139 additions and 7605 deletions
--- a/.env.example
+++ b/.env.example
@ -1,4 +1,2 @@
 NODE_ENV=dev
 DATABASE_URL=
 APP_URL=http://localhost:4000
-ENTITY_ID=http://saml.example.com
+ENTITY_ID=https://saml.example.com/entityid
--- a/data/idp-metadata.xml
+++ b/data/idp-metadata.xml
@ -1,15 +1,19 @@
 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="idp_entity_id" validUntil="2026-06-22T18:39:53.000Z">
+<EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="{{idp_entity_id}}" validUntil="2026-06-22T18:39:53.000Z">
-  <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+	<IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
-    <md:KeyDescriptor use="signing">
+		<KeyDescriptor use="signing">
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+			<KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:X509Data>
+				<X509Data>
-          <ds:X509Certificate>idp_certificate</ds:X509Certificate>
+					<X509Certificate>
-        </ds:X509Data>
+						{{idp_certificate}}
-      </ds:KeyInfo>
+					</X509Certificate>
-    </md:KeyDescriptor>
+				</X509Data>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+			</KeyInfo>
-    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="idp_sso_url"/>
+		</KeyDescriptor>
-    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="idp_sso_url"/>
+		<NameIDFormat>
-  </md:IDPSSODescriptor>
+			urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-</md:EntityDescriptor>
+		</NameIDFormat>
 		<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{{idp_sso_url}}" />
 		<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="{{idp_sso_url}}" />
 	</IDPSSODescriptor>
 </EntityDescriptor>
--- a/lib/env.ts
+++ b/lib/env.ts
@ -1,5 +1,5 @@
 const appUrl = process.env.APP_URL || 'http://localhost:4000';
-const entityId = process.env.ENTITY_ID || 'http://saml.example.com';
+const entityId = process.env.ENTITY_ID || 'https://saml.example.com/entityid';
 const ssoUrl = `${appUrl}/api/saml/sso`;
 const config = {
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -4,7 +4,7 @@
  "scripts": {
    "dev": "next dev -p 4000",
    "build": "next build",
-    "start": "next start",
+    "start": "next start -p 4000",
    "lint": "next lint"
  },
  "dependencies": {
@ -12,16 +12,15 @@
    "node-forge": "^1.2.1",
    "react": "17.0.2",
    "react-dom": "17.0.2",
-    "webpack-filter-warnings-plugin": "^1.2.1",
+    "xml-crypto": "2.1.3",
-    "xml-crypto": "^2.1.3",
+    "xml2js": "0.4.23",
-    "xml2js": "^0.4.23",
+    "xmlbuilder": "15.1.1"
    "xmlbuilder": "^15.1.1"
  },
  "devDependencies": {
    "@types/node": "17.0.8",
-    "@types/node-forge": "^1.0.0",
+    "@types/node-forge": "1.0.0",
    "@types/react": "17.0.38",
-    "@types/xml-crypto": "^1.4.2",
+    "@types/xml-crypto": "1.4.2",
    "@types/xml2js": "0.4.9",
    "autoprefixer": "10.4.2",
    "eslint": "8.6.0",
--- a/utils/idp.ts
+++ b/utils/idp.ts
@ -16,9 +16,9 @@ const createIdPMetadataXML = async ({
  certificate = stripCertHeaderAndFooter(certificate);
  return xml
-    .replace('idp_entity_id', idpEntityId)
+    .replace('{{idp_entity_id}}', idpEntityId)
-    .replace('idp_certificate', certificate)
+    .replace('{{idp_certificate}}', certificate)
-    .replace(/idp_sso_url/g, idpSsoUrl);
+    .replace(/{{idp_sso_url}}/g, idpSsoUrl);
 };
 export { createIdPMetadataXML };