parse SAML req

2022-02-22 11:05:42 +05:30 · 2022-02-22 11:05:42 +05:30 · e25bb86413
commit e25bb86413
parent d455e9ae0a
2 changed files with 17 additions and 16 deletions
--- a/pages/api/saml/sso.ts
+++ b/pages/api/saml/sso.ts
@ -20,10 +20,10 @@ export default async function handler(
  async function processSAMLRequest() {
    const relayState = <string>req.query.RelayState;
    const samlRequest = <string>req.query.SAMLRequest;
+    const { id, audience, acsUrl, providerName } = await extractSAMLRequestAttributes(samlRequest);

-    const idpIdentityId = config.entityId;
-    const audience = config.entityId;
-    const acsUrl = 'http://localhost:3000/sso/acs'; // TODO: Fetch acsUrl from SAMLRequest
+    const idpIdentityId = audience;
+    // const audience = config.entityId;

    const user: User = {
      id: '1',
--- a/utils/request.ts
+++ b/utils/request.ts
@ -1,10 +1,8 @@
-import { promises as fs } from 'fs';
-import path from 'path';
-import xml2js from 'xml2js';
-import {promisify} from 'util';
-import zlib from 'zlib';
+import xml2js from "xml2js";
+import { promisify } from "util";
+import { inflateRaw } from "zlib";

-const inflateRawSync = promisify(zlib.inflateRawSync)
+const inflateRawAsync = promisify(inflateRaw);

 // Parse XML
 const parseXML = (xml: string): Promise<Record<string, any>> => {
@ -21,15 +19,18 @@ const parseXML = (xml: string): Promise<Record<string, any>> => {

 // Parse SAMLRequest attributes
 const extractSAMLRequestAttributes = async (samlRequest: string) => {
-  // const request = await inflateRawSync(Buffer.from(samlRequest, 'base64')).toString();
-  // const result = await parseXML(request);
-
-  // const attributes = result['samlp:AuthnRequest']['$'];
+  const request = (
+    await inflateRawAsync(Buffer.from(samlRequest, "base64"))
+  ).toString();
+  const result = await parseXML(request);

+  const attributes = result["samlp:AuthnRequest"]["$"];
+  const issuer = result["samlp:AuthnRequest"]["saml:Issuer"];
  return {
-    id: '123',
-    acsUrl: 'https://hookb.in/NOrYqkDLnXse8mNNlDXx',
-    providerName: 'BoxyHQ',
+    id: attributes.ID,
+    acsUrl: attributes.AssertionConsumerServiceURL,
+    providerName: attributes.ProviderName,
+    audience: issuer[0]["_"],
  };
 };