Code cleanup
This commit is contained in:
Kiran
parent
faa3946353
commit
9b86ea8b2e
@ -1,3 +1,4 @@
|
||||
import config from 'lib/env';
|
||||
import type { NextApiRequest, NextApiResponse } from 'next';
|
||||
import type { User } from 'types';
|
||||
import {
|
||||
@ -7,22 +8,23 @@ import {
|
||||
fetchPublicKey,
|
||||
signResponseXML,
|
||||
} from 'utils';
|
||||
import config from 'lib/env';
|
||||
|
||||
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (req.method === 'POST') {
|
||||
const email = req.body.email;
|
||||
|
||||
if (!email.endsWith('@example.com')) {
|
||||
res.status(403).send(`${email} denied access`);
|
||||
}
|
||||
|
||||
const id = email.replace('@example.com', '');
|
||||
|
||||
const user: User = {
|
||||
id,
|
||||
email,
|
||||
firstName: id,
|
||||
lastName: id,
|
||||
};
|
||||
console.log(`🏁`, user);
|
||||
|
||||
const xml = await createResponseXML({
|
||||
idpIdentityId: config.entityId,
|
||||
|
||||
@ -12,15 +12,16 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
|
||||
async function processSAMLRequest() {
|
||||
const relayState = <string>req.query.RelayState;
|
||||
const samlRequest = <string>req.query.SAMLRequest;
|
||||
|
||||
try {
|
||||
const { id, audience, acsUrl, providerName } = await extractSAMLRequestAttributes(samlRequest);
|
||||
const params = new URLSearchParams({ id, audience, acsUrl, providerName, relayState });
|
||||
|
||||
res.redirect(302, `/saml/login?${params.toString()}`);
|
||||
} catch (err) {
|
||||
console.error(err);
|
||||
|
||||
res.status(500).send(`Error parsing SAML request`);
|
||||
}
|
||||
|
||||
// const audience = config.entityId;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
import { promises as fs } from 'fs';
|
||||
import { asn1, pki, util } from 'node-forge';
|
||||
import path from 'path';
|
||||
|
||||
const fetchPublicKey = async (): Promise<string> => {
|
||||
@ -9,6 +10,14 @@ const fetchPrivateKey = async (): Promise<string> => {
|
||||
return await fs.readFile(path.join('data', 'key.pem'), 'ascii');
|
||||
};
|
||||
|
||||
function getPublicKeyPemFromCertificate(x509Certificate: string) {
|
||||
const certDerBytes = util.decode64(x509Certificate);
|
||||
const obj = asn1.fromDer(certDerBytes);
|
||||
const cert = pki.certificateFromAsn1(obj);
|
||||
|
||||
return pki.publicKeyToPem(cert.publicKey);
|
||||
}
|
||||
|
||||
const stripCertHeaderAndFooter = (cert: string): string => {
|
||||
cert = cert.replace(/-+BEGIN CERTIFICATE-+\r?\n?/, '');
|
||||
cert = cert.replace(/-+END CERTIFICATE-+\r?\n?/, '');
|
||||
@ -17,4 +26,23 @@ const stripCertHeaderAndFooter = (cert: string): string => {
|
||||
return cert;
|
||||
};
|
||||
|
||||
export { fetchPublicKey, fetchPrivateKey, stripCertHeaderAndFooter };
|
||||
function GetKeyInfo(x509Certificate: string, signatureConfig: any = {}) {
|
||||
x509Certificate = stripCertHeaderAndFooter(x509Certificate);
|
||||
|
||||
this.getKeyInfo = () => {
|
||||
const prefix = signatureConfig.prefix ? `${signatureConfig.prefix}:` : '';
|
||||
return `<${prefix}X509Data><${prefix}X509Certificate>${x509Certificate}</${prefix}X509Certificate></${prefix}X509Data>`;
|
||||
};
|
||||
|
||||
this.getKey = () => {
|
||||
return getPublicKeyPemFromCertificate(x509Certificate).toString();
|
||||
};
|
||||
}
|
||||
|
||||
export {
|
||||
fetchPublicKey,
|
||||
fetchPrivateKey,
|
||||
stripCertHeaderAndFooter,
|
||||
getPublicKeyPemFromCertificate,
|
||||
GetKeyInfo,
|
||||
};
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
export * from './certificate';
|
||||
export * from './idp';
|
||||
export * from './request';
|
||||
export * from './response';
|
||||
export * from './idp';
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
import xml2js from 'xml2js';
|
||||
import { promisify } from 'util';
|
||||
import xml2js from 'xml2js';
|
||||
import { inflateRaw } from 'zlib';
|
||||
|
||||
const inflateRawAsync = promisify(inflateRaw);
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
import { User } from '../types';
|
||||
import xmlbuilder from 'xmlbuilder';
|
||||
import crypto from 'crypto';
|
||||
import { SignedXml, FileKeyInfo } from 'xml-crypto';
|
||||
import { pki, util, asn1 } from 'node-forge';
|
||||
import { SignedXml } from 'xml-crypto';
|
||||
import xmlbuilder from 'xmlbuilder';
|
||||
import { User } from '../types';
|
||||
import { GetKeyInfo } from './certificate';
|
||||
|
||||
const createResponseXML = async (params: {
|
||||
idpIdentityId: string;
|
||||
@ -156,33 +156,6 @@ const createResponseForm = (relayState: string, encodedSamlResponse: string, acs
|
||||
return formElements.join('');
|
||||
};
|
||||
|
||||
function getPublicKeyPemFromCertificate(x509Certificate: string) {
|
||||
const certDerBytes = util.decode64(x509Certificate);
|
||||
const obj = asn1.fromDer(certDerBytes);
|
||||
const cert = pki.certificateFromAsn1(obj);
|
||||
return pki.publicKeyToPem(cert.publicKey);
|
||||
}
|
||||
|
||||
const stripCertHeaderAndFooter = (cert: string): string => {
|
||||
cert = cert.replace(/-+BEGIN CERTIFICATE-+\r?\n?/, '');
|
||||
cert = cert.replace(/-+END CERTIFICATE-+\r?\n?/, '');
|
||||
cert = cert.replace(/\r\n/g, '\n');
|
||||
return cert;
|
||||
};
|
||||
|
||||
function GetKeyInfo(x509Certificate: string, signatureConfig: any = {}) {
|
||||
x509Certificate = stripCertHeaderAndFooter(x509Certificate);
|
||||
|
||||
this.getKeyInfo = () => {
|
||||
const prefix = signatureConfig.prefix ? `${signatureConfig.prefix}:` : '';
|
||||
return `<${prefix}X509Data><${prefix}X509Certificate>${x509Certificate}</${prefix}X509Certificate></${prefix}X509Data>`;
|
||||
};
|
||||
|
||||
this.getKey = () => {
|
||||
return getPublicKeyPemFromCertificate(x509Certificate).toString();
|
||||
};
|
||||
}
|
||||
|
||||
const signResponseXML = async (xml: string, signingKey: any, publicKey: any): Promise<string> => {
|
||||
const sig = new SignedXml();
|
||||
const responseXPath =
|
||||
|
||||
Loading…
Reference in New Issue
Block a user