mocksaml/pages/api/saml/sso.ts
dependabot[bot] c9a56026ff
build(deps): bump @boxyhq/saml20 from 1.10.2 to 1.12.1 (#1001)
* build(deps): bump @boxyhq/saml20 from 1.10.2 to 1.12.1

Bumps [@boxyhq/saml20](https://github.com/boxyhq/saml20) from 1.10.2 to 1.12.1.
- [Release notes](https://github.com/boxyhq/saml20/releases)
- [Changelog](https://github.com/ory/saml20/blob/main/.release-it.json)
- [Commits](https://github.com/boxyhq/saml20/compare/1.10.2...1.12.1)

---
updated-dependencies:
- dependency-name: "@boxyhq/saml20"
  dependency-version: 1.12.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* updated saml20

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Deepak Prabhakara <deepak.prabhakara@ory.sh>
2025-09-15 23:49:47 +01:00


import type { NextApiRequest, NextApiResponse } from 'next';
import saml from '@boxyhq/saml20';
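/**
 * SSO endpoint handler: accepts a SAML request over GET or POST and hands it
 * to `processSAMLRequest`.
 *
 * GET is passed on with `isPost = false` and POST with `isPost = true`; any
 * other method is answered with 405.
 *
 * @param req - Incoming API request; only `req.method` is inspected here.
 * @param res - API response used for the 405 reply or by `processSAMLRequest`.
 */
export default async function handler(req: NextApiRequest, res: NextApiResponse<string>) {
  switch (req.method) {
    case 'GET':
      return await processSAMLRequest(req, res, false);
    case 'POST':
      return await processSAMLRequest(req, res, true);
    default:
      // A 405 response should tell the client which methods are accepted.
      res.setHeader('Allow', 'GET, POST');
      return res.status(405).end(`Method ${req.method} Not Allowed`);
  }
}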
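/**
 * Decodes and parses an incoming SAML request, then redirects the browser to
 * the login page with the parsed values as query parameters.
 *
 * Security notes for anyone reusing this outside a mock/test identity provider:
 * - The signature is checked only when `isPost` is true. On the GET path the
 *   `SigAlg` and `Signature` query parameters are not read, so those requests
 *   are accepted unsigned.
 * - `publicKey` is produced by `parseSAMLRequest` from the request itself, so
 *   the check ties the signature to whatever key the request carries. It does
 *   not show that the sender is a known service provider.
 * - `acsUrl` and `audience` come from the request and are forwarded unchanged;
 *   nothing here compares them with a registered value.
 *
 * @param req - API request; `SAMLRequest` and `RelayState` are read from the
 *   body when `isPost` is true and from the query string otherwise. An optional
 *   `namespace` query value selects the `/namespace/<name>` login route.
 * @param res - API response; receives a 302 redirect on success, 400 for
 *   malformed input, or 500 when decoding, parsing or signature validation fails.
 * @param isPost - `true` for POST requests (payload not deflated, signature
 *   validated), `false` for GET requests (payload inflated, no signature check).
 */
async function processSAMLRequest(req: NextApiRequest, res: NextApiResponse, isPost: boolean) {
  // `req.body` may be absent, so fall back to an empty object instead of
  // throwing before the error handling below is reached.
  const fields = (isPost ? req.body : req.query) ?? {};
  const samlRequest: unknown = fields.SAMLRequest;
  const rawRelayState: unknown = fields.RelayState;
  // sigAlg = req.query.SigAlg;
  // signature = req.query.Signature;
  const isDeflated = !isPost;

  // A missing or repeated parameter is a client error, not a server fault.
  if (typeof samlRequest !== 'string' || samlRequest.length === 0) {
    res.status(400).send('Missing or invalid SAMLRequest');
    return;
  }

  // Without this, an absent RelayState would be serialised as the literal
  // text "undefined" and carried through the login flow.
  const relayState = typeof rawRelayState === 'string' ? rawRelayState : '';

  const namespace = req.query.namespace;
  if (namespace !== undefined && typeof namespace !== 'string') {
    res.status(400).send('Invalid namespace');
    return;
  }

  try {
    const rawRequest = await saml.decodeBase64(samlRequest, isDeflated);
    const { id, audience, acsUrl, providerName, publicKey } = await saml.parseSAMLRequest(rawRequest, isPost);

    if (isPost && !saml.validateSignature(rawRequest, publicKey, null)) {
      throw new Error('Invalid signature');
    }

    const params = new URLSearchParams({ id, audience, acsUrl, providerName, relayState });
    // Encode the namespace so '/', '?', '#' or '..' in it cannot alter the
    // redirect path or cut off the query string.
    const loginUrl = (namespace ? `/namespace/${encodeURIComponent(namespace)}` : '') + '/saml/login';
    res.redirect(302, `${loginUrl}?${params.toString()}`);
  } catch (err) {
    console.error(err);
    // The error text can include pieces of the submitted request; label it as
    // plain text so a browser does not interpret it as markup.
    res.setHeader('Content-Type', 'text/plain; charset=utf-8');
    res.status(500).send(`${err}`);
  }
}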