gmgauthier/mocksaml
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Handle POST binding

Browse Source
This commit is contained in:
Aswin V 2022-02-24 22:06:25 +05:30
parent 0f06186989
commit cc68eca2f8
2 changed files with 29 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
pages/api/saml/sso.ts
View File

@ -4,24 +4,36 @@ import { extractSAMLRequestAttributes } from 'utils';
export default async function handler(req: NextApiRequest, res: NextApiResponse<string>) {
switch (req.method) {
case 'GET':
return await processSAMLRequest();
return await processSAMLRequest(req, res, false);
case 'POST':
return await processSAMLRequest(req, res, true);
default:
return res.status(405).end(`Method ${req.method} Not Allowed`);
}
}
async function processSAMLRequest() {
const relayState = <string>req.query.RelayState;
const samlRequest = <string>req.query.SAMLRequest;
async function processSAMLRequest(req: NextApiRequest, res: NextApiResponse, isPost: boolean) {
let samlRequest, relayState, isDeflated;
if (isPost) {
relayState = req.body.RelayState;
samlRequest = req.body.SAMLRequest;
isDeflated = false;
} else {
relayState = req.query.RelayState;
samlRequest = req.query.SAMLRequest;
isDeflated = true;
}
try {
const { id, audience, acsUrl, providerName } = await extractSAMLRequestAttributes(
samlRequest,
isDeflated
);
const params = new URLSearchParams({ id, audience, acsUrl, providerName, relayState });
try {
const { id, audience, acsUrl, providerName } = await extractSAMLRequestAttributes(samlRequest);
const params = new URLSearchParams({ id, audience, acsUrl, providerName, relayState });
res.redirect(302, `/saml/login?${params.toString()}`);
} catch (err) {
console.error(err);
res.redirect(302, `/saml/login?${params.toString()}`);
} catch (err) {
console.error(err);
res.status(500).send(`Error parsing SAML request`);
}
res.status(500).send(`Error parsing SAML request`);
}
}

6
utils/request.ts
View File

@ -18,8 +18,10 @@ const parseXML = (xml: string): Promise<Record<string, any>> => {
};
// Parse SAMLRequest attributes
const extractSAMLRequestAttributes = async (samlRequest: string) => {
const request = (await inflateRawAsync(Buffer.from(samlRequest, 'base64'))).toString();
const extractSAMLRequestAttributes = async (samlRequest: string, isDeflated: boolean) => {
const request = isDeflated
? (await inflateRawAsync(Buffer.from(samlRequest, 'base64'))).toString()
: Buffer.from(samlRequest, 'base64').toString();
const result = await parseXML(request);
const attributes = result['samlp:AuthnRequest']['$'];