service-provider-example.js
#!/usr/bin/env node
//
// This is set up to point at openidp.feide.no with the fknsrsbiz-testing idp
// instance. You'll probably want to set your own up, or something.
//
// If you want.
//
// I'm not judging you.
//
var http = require("http"),
url = require("url");
var saml2 = require("./");
// Identity of this service provider as announced to the IdP.
var SP_ENTITY_ID = "fknsrsbiz-testing";

// Where browsers are sent to authenticate.
var IDP_SSO_URL = "https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php";

// Fingerprint of the IdP signing certificate. It is 20 bytes long, which is the
// length of a SHA-1 digest.
// NOTE(review): only a fingerprint is configured here, while the assertion
// consumer handler in this file branches on `idp.certificate`. Whether the
// library derives a certificate from the fingerprint is not visible in this
// file; confirm which verification actually runs.
var IDP_CERT_FINGERPRINT = "C9:ED:4D:FB:07:CA:F1:3F:C2:1E:0F:EC:15:72:04:7E:B8:A7:A4:CB";

var sp = new saml2.ServiceProvider({ entityId: SP_ENTITY_ID });

var idp = new saml2.IdentityProvider({
  singleSignOnService: IDP_SSO_URL,
  fingerprint: IDP_CERT_FINGERPRINT,
});
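// HTTP front end of the example service provider.
//
//   /                               redirect the browser to the IdP with a new AuthnRequest
//   /SAML2/AssertionConsumer/POST   read the posted SAML response, verify its signature and
//                                   echo the parsed response back as JSON
//   anything else                   404
//
// Routing is by path only; the request method is logged but not checked.
var server = http.createServer(function(req, res) {
  var uri = url.parse(req.url, true);

  console.log(new Date(), req.method, uri.path);

  if (uri.pathname === "/") {
    return saml2.Transport.Redirect.produce(res, idp, {request: sp.createAuthnRequest()}, function(err) {
      if (err) {
        res.writeHead(500);
        return res.end("OH NO ERROR");
      }
    });
  }

  if (uri.pathname === "/SAML2/AssertionConsumer/POST") {
    return saml2.Transport.Post.consume(req, function(err, body) {
      if (err) {
        res.writeHead(500);
        return res.end("Error reading assertion");
      }

      // Fail closed. The posted response is attacker-controllable input, so it
      // must never be treated as valid when there is nothing to verify it
      // against. Previously a missing idp.certificate made this handler report
      // the response as valid without checking any signature.
      // NOTE(review): the IdP in this file is constructed with a fingerprint
      // only; if the library does not populate idp.certificate from that, this
      // endpoint answers 500 until idp.certificate is populated.
      if (!idp.certificate) {
        res.writeHead(500);
        return res.end("Refusing assertion: no IdP certificate configured for signature verification");
      }

      return idp.verify(body.samlResponseXml, function onVerified(verifyErr, valid) {
        if (verifyErr) {
          res.writeHead(500);
          return res.end("Error verifying signature");
        }

        if (!valid) {
          res.writeHead(403);
          return res.end("uh oh, the saml response's signature was not valid!");
        }

        // NOTE(review): only the signature result is checked in this handler.
        // Audience, validity window and InResponseTo are not checked here, and
        // whether every field of body.samlResponse lies inside the signed
        // element depends on the library. Confirm before relying on the
        // echoed attributes for authorization.
        res.writeHead(200, {
          "content-type": "application/json",
        });
        res.end(JSON.stringify(body.samlResponse, null, 2));
      });
    });
  }

  res.writeHead(404);
  res.end("not found!");
});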
// Start the example on TCP port 3000 and print a short banner once listening.
// No host is passed to listen(), so Node binds the unspecified address (all
// interfaces), not only the 127.0.0.1 address named in the banner. The
// listener is plain HTTP.
server.listen(3000, function onListening() {
  var bannerLines = [
    "",
    "Service provider example now listening!",
    "",
    "Visit http://127.0.0.1:3000/ in your browser and watch the magic!",
    "",
    "--------",
    "",
  ];

  bannerLines.forEach(function(line) {
    console.log(line);
  });
});