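#%RAML 1.0
# API contract header for the FOLIO SAML single-sign-on login module:
# module metadata plus the named types used by the /saml resources.
# Nesting below is restored by indentation; RAML is YAML-based, so a
# flattened listing does not parse.

title: SAML Login
version: v1
# NOTE(review): baseUri points at the source repository, not at a deployed
# API host - confirm this is intentional and used for documentation only.
baseUri: https://github.com/folio-org/mod-login-saml

documentation:
  - title: mod-login-saml API
    content: This module provides an SAML2-based login mechanism to authenticate user in FOLIO through SSO credentials

types:
  # Every type is pulled in from an external JSON schema. Field-level
  # constraints (required fields, formats, length limits) live in those
  # files, so review them together with this contract.
  SamlCheck: !include schemas/SamlCheck.json
  SamlLogin: !include schemas/SamlLogin.json
  SamlLoginRequest: !include schemas/SamlLoginRequest.json
  SamlConfigRequest: !include schemas/SamlConfigRequest.json
  SamlConfig: !include schemas/SamlConfig.json
  SamlRegenerateResponse: !include schemas/SamlRegenerateResponse.json
  SamlValidateResponse: !include schemas/SamlValidateResponse.json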
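# Resource tree for the SAML login flow. All endpoints below are nested
# under /saml (the CORS descriptions refer to them as /saml/login etc.).
# Access control is not expressed in this file; which permissions guard
# each endpoint has to be checked in the module's deployment descriptor.
/saml:

  /regenerate:
    # NOTE(review): this GET is described as regenerating the keyfile and
    # passwords, i.e. it changes server state. A state-changing GET can be
    # triggered by prefetchers, crawlers or a cross-site request made in an
    # administrator's session. Changing the verb would break callers, so
    # keep this behind a dedicated admin permission and consider offering a
    # POST alternative.
    get:
      description: Regenerate SAML configuration (keyfile and passwords). The response contains the sp-metadata.xml file
      responses:
        200:
          body:
            application/json:
              type: SamlRegenerateResponse
        500:
          description: "Internal server error"
          body:
            text/plain:
              example: "Internal server error"

  /login:
    # Starts the login: returns the SAMLRequest and RelayState parameters.
    # NOTE(review): if SamlLoginRequest carries a return URL that ends up
    # in RelayState, the handler should validate it against the expected
    # front-end origin to avoid an open redirect - confirm against the
    # schema and the implementation.
    post:
      body:
        application/json:
          type: SamlLoginRequest
      description: Generates SAMLRequest and RelayState parameters for initiating a SAML login process
      responses:
        200:
          description: "Return with HTML page in case POST_BINDING is used"
          body:
            application/json:
              type: SamlLogin
        500:
          description: "Internal server error"
          body:
            text/plain:
              example: "Internal server error"
    options:
      # NOTE(review): the contract only says "appropriate CORS headers";
      # confirm which origins are allowed and whether credentials are.
      description: "Preflight CORS for /saml/login"
      responses:
        204:
          description: "Return with appropriate CORS headers"
        400:
          description: "Bad request"
          body:
            text/plain:
              example: "Bad request"

  /callback:
    # Receives the POST that ends the SAML login and answers with a
    # redirect carrying the generated token. Marked deprecated in its own
    # description.
    # The request body is typed only as string, so this contract imposes no
    # structure on it: signature, issuer, audience and validity-window
    # checks on the SAML response all have to happen in the handler.
    post:
      description: Redirect browser to sso-landing page with generated token. Deprecated.
      body:
        application/octet-stream:
          type: string
        application/x-www-form-urlencoded:
          type: string
      responses:
        302:
          description: "Generate JWT token and set cookie"
          # The token is declared both as a cookie and as a response
          # header. NOTE(review): cookie attributes are not described here;
          # confirm the implementation sets HttpOnly, Secure and SameSite.
          headers:
            Set-Cookie:
            x-okapi-token:
            Location:
        400:
          description: "Bad request"
          body:
            text/plain:
              example: "Bad request"
        401:
          description: "Unauthorized"
          body:
            text/plain:
              example: "Unauthorized"
        403:
          description: "Forbidden"
          body:
            text/plain:
              example: "Forbidden"
        500:
          description: "Internal server error"
          body:
            text/plain:
              example: "Internal server error"
    options:
      description: "Preflight CORS for /saml/callback"
      responses:
        204:
          description: "Return with appropriate CORS headers"
        400:
          description: "Bad request"
          body:
            text/plain:
              example: "Bad request"

  /callback-with-expiry:
    # Same request shape as /callback, but described as issuing expiring
    # access and refresh tokens. The same handler-side validation of the
    # opaque string body applies.
    post:
      description: Redirect browser to sso-landing page with expiring access and refresh tokens.
      body:
        application/octet-stream:
          type: string
        application/x-www-form-urlencoded:
          type: string
      responses:
        302:
          description: "Generate JWT token and set cookie"
          # NOTE(review): the description says a cookie is set, yet only
          # Location is declared (the deprecated /callback declares
          # Set-Cookie). If tokens are delivered as cookies, declare
          # Set-Cookie here too - confirm against the implementation.
          headers:
            Location:
        400:
          description: "Bad request"
          body:
            text/plain:
              example: "Bad request"
        401:
          description: "Unauthorized"
          body:
            text/plain:
              example: "Unauthorized"
        403:
          description: "Forbidden"
          body:
            text/plain:
              example: "Forbidden"
        500:
          description: "Internal server error"
          body:
            text/plain:
              example: "Internal server error"
    options:
      description: "Preflight CORS for /saml/callback-with-expiry"
      responses:
        204:
          description: "Return with appropriate CORS headers"
        400:
          description: "Bad request"
          body:
            text/plain:
              example: "Bad request"

  /check:
    # Read-only probe reporting whether SSO login is configured.
    get:
      description: Decides if SSO login is configured properly, returns true or false
      responses:
        200:
          body:
            application/json:
              type: SamlCheck
        404:
          description: Module is not deployed
          body:
            text/html:
              example: "Module is not deployed"
        500:
          description: "Internal server error"
          body:
            text/plain:
              example: "Internal server error"

  /configuration:
    # No description is given for GET; from the response type it returns a
    # SamlConfig document.
    # NOTE(review): confirm the SamlConfig schema exposes no keystore
    # password or private-key material to readers of this endpoint.
    get:
      responses:
        200:
          body:
            application/json:
              type: SamlConfig
        500:
          body:
            text/plain:
              example: "Internal server error"
    # PUT replaces the SAML module configuration, so a caller who can reach
    # it controls the settings the login flow relies on. Restrict it to
    # administrators and record changes in an audit log.
    put:
      description: Save SAML module configuration
      body:
        application/json:
          type: SamlConfigRequest
      responses:
        200:
          body:
            application/json:
              type: SamlConfig
        400:
          body:
            application/json:
              type: SamlValidateResponse
        500:
          body:
            text/plain:
              example: "Internal server error"

  /validate:
    # Validates one configuration directive, selected by `type`, whose
    # candidate value is passed in `value`.
    # NOTE(review): both accepted types are URLs. If the handler contacts
    # the supplied URL to validate it, this is a server-side request
    # surface: require an admin permission, limit schemes and destinations,
    # and keep error detail in SamlValidateResponse minimal - confirm
    # against the implementation.
    get:
      queryParameters:
        type:
          displayName: Type
          type: string
          enum: [idpurl, okapiurl]
          description: The type of configuration directive
          example: idpurl
          required: true
        value:
          displayName: Value
          type: string
          description: The value of configuration directive
          example: http://localhost
          required: true
      responses:
        200:
          body:
            application/json:
              type: SamlValidateResponse
        400:
          body:
            application/json:
              type: SamlValidateResponse
        500:
          description: "Internal server error"
          body:
            text/plain:
              example: "Internal server error"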