evin/nodebb-plugin-sso-saml
3
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

try to fix configuration logic

Browse source
This commit is contained in:
Christian Ulrich 2020-04-29 15:00:23 +02:00
parent 3317bc7d89
commit 9977b415ba
3 changed files with 122 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

78
library.js
View file

@ -20,16 +20,28 @@
}
});
var master_config = {};
var SAML = {};
var samlObj;
if (meta.config['sso:saml:idpentrypoint'] && meta.config['sso:saml:callbackpath']&& meta.config["sso:saml:metadata"] && meta.config["sso:saml:issuer"]) {
SAML.init = function(params, callback) {
function render(req, res, next) {
res.render('admin/plugins/sso-saml', {});
}
params.router.get('/admin/plugins/sso-saml', params.middleware.admin.buildHeader, render);
params.router.get('/api/admin/plugins/sso-saml', render);
meta.settings.get('sso_saml', function(err, options) {
master_config = options;
});
samlObj = new passportSAML({
path: meta.config['sso:saml:callbackpath'],
entryPoint: meta.config['sso:saml:idpentrypoint'],
issuer: meta.config['sso:saml:issuer'],
callbackUrl: nconf.get('url') + meta.config['sso:saml:callbackpath'],
path: master_config.callback_path,
entryPoint: master_config.idp_entry_point,
issuer: master_config.issuer,
callbackUrl: nconf.get('url') + master_config.callback_path,
disableRequestedAuthnContext: true,
identifierFormat: null
},
@ -58,28 +70,13 @@
});
}
);
}
else{
console.log("No config info")
console.log(meta.config);
}
SAML.init = function(params, callback) {
function render(req, res, next) {
res.render('admin/plugins/sso-saml', {});
}
params.router.get('/admin/plugins/sso-saml', params.middleware.admin.buildHeader, render);
params.router.get('/api/admin/plugins/sso-saml', render);
if (samlObj){
if (meta.config["sso:saml:metadata"]) {
params.router.get(meta.config["sso:saml:metadata"], function(req, res) {
if (meta.config["sso:saml:servercrt"]){
var cert = fs.readFileSync(meta.config["sso:saml:servercrt"], 'utf-8');
if (master_config.metadata) {
params.router.get(master_config.metadata, function(req, res) {
if (master_config.server_crt){
var cert = fs.readFileSync(master_config.server_crt, 'utf-8');
res.header("Content-Type", "application/xml");
res.send(samlObj.generateServiceProviderMetadata(cert))
}
@ -89,11 +86,11 @@
});
}
params.router.post(meta.config['sso:saml:callbackpath'],
params.router.post(master_config.callback_path,
passport.authenticate('saml'),
function(req, res, next){
if (meta.config['sso:saml:loginsuccessredirecturl']){
res.redirect(meta.config['sso:saml:loginsuccessredirecturl']);
if (master_config.login_redirect_url){
res.redirect(master_config.login_redirect_url);
}
else{
res.redirect("/");
@ -103,9 +100,9 @@
);
if (meta.config['sso:saml:logouturl']) {
if (master_config.logout_url) {
params.router.get(meta.config['sso:saml:logouturl'],function(req,res){
params.router.get(master_config.logout_url,function(req,res){
if (req.user && parseInt(req.user.uid, 10) > 0) {
winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');
@ -114,8 +111,8 @@
req.logout();
if (meta.config['sso:saml:logoutredirecturl']){
res.redirect(meta.config['sso:saml:logoutredirecturl']);
if (master_config.logout_redirect_url){
res.redirect(master_config.logout_redirect_url);
}
else{
res.redirect("/");
@ -127,10 +124,27 @@
}
}
else {
console.log("Cannot create samlObj")
}
callback();
};
SAML.get_config = function(options, callback) {
meta.settings.get('sso_saml', function(err, settings) {
if (err) {
return callback(null, options);
}
master_config = settings;
options.sso_saml = settings;
callback(null, options);
});
},
SAML.getStrategy = function(strategies, callback) {
if (samlObj){
@ -140,7 +154,7 @@
strategies.push({
name: 'saml',
url: '/auth/saml',
callbackURL: meta.config['sso:saml:callbackpath'],
callbackURL: master_config.callback_path,
icon: constants.admin.icon,
scope: ''
});

3
plugin.json
View file

@ -2,12 +2,13 @@
"id": "nodebb-plugin-sso-saml",
"name": "NodeBB SAML SSO",
"description": "NodeBB Plugin that allows users to login/register via SAML.",
"url": "https://github.com/GeographicaGS/nodebb-plugin-sso-saml",
"url": "https://code.evin.team/evin/nodebb-plugin-sso-saml.git",
"library": "./library.js",
"hooks": [
{ "hook": "filter:auth.init", "method": "getStrategy" },
{ "hook": "filter:admin.header.build", "method": "addMenuItem" },
{ "hook": "static:app.load", "method": "init" },
{ "hook": "filter:config.get", "method": "get_config" },
{ "hook": "filter:user.delete", "method": "deleteUserData" }
],
"templates": "./templates"

99
templates/admin/plugins/sso-saml.tpl
View file

@ -1,35 +1,76 @@
<h1> Simple samp Authentication</h1>
<hr />
<form>
<div class="alert alert-warning">
<p>
</p>
<br />
<input type="text" data-field="sso:saml:idpentrypoint" title="IdP entry point" class="form-control input-lg" placeholder="IdP entry point"><br />
<input type="text" data-field="sso:saml:callbackpath" title="Callback path" class="form-control input-md" placeholder="Callback path"><br/>
<input type="text" data-field="sso:saml:issuer" title="Issuer string to supply to identity provider" class="form-control input-md" placeholder="Issuer string to supply to identity provider"><br/>
<input type="text" data-field="sso:saml:metadata" title="Metadata URL" class="form-control input-md" placeholder="Metadata URL"><br/>
<input type="text" data-field="sso:saml:servercrt" title="Server CRT file" class="form-control input-md" placeholder="Server CRT file">
<br/>
<input type="text" data-field="sso:saml:loginsuccessredirecturl" title="URL to redirect after a successfull login" class="form-control input-md" placeholder="URL to redirect after a successfull login. Leave empty to redirect to /. ">
<br/>
<input type="text" data-field="sso:saml:logouturl" title="Logout URL" class="form-control input-md" placeholder="Logout URL ">
<br/>
<input type="text" data-field="sso:saml:logoutredirecturl" title="Logout redirect URL" class="form-control input-md" placeholder="Logout redirect URL">
<form class="saml-settings form-horizontal" onsubmit="return false;">
<div class="row">
<div class="col-md-12 col-sm-12 col-lg-12">
<h1 class="page-header"><i class="fa fa-cog"></i> SAML Settings</h1>
<div class="col-lg-9 col-md-9 col-sm-8">
<div class="well well-sm">
<h4 class="page-header">Server Settings</h4>
<div class="row">
<div class="form-group col-md-12 col-sm-12"> <!-- required -->
<label class="col-sm-3 control-label" for="idp_entry_point">IdP entry point</label>
<div class="col-sm-9">
<input type="text" id="idp_entry_point" required name="idp_entry_point" title="IdP entry point" class="form-control" placeholder="https://example.mydomain.com/idp/shibboleth">
</div>
</div>
<div class="form-group col-md-12 col-sm-12"> <!-- required -->
<label class="col-sm-3 control-label" for="callback_path">Callback path</label>
<div class="col-sm-9">
<input type="number" id="callback_path" required name="callback_path" title="Callback path" class="form-control" placeholder="Callback path">
</div>
</div>
<div class="form-group col-md-12 col-sm-12"> <!-- required -->
<label class="col-sm-3 control-label" for="issuer">Issuer</label>
<div class="col-sm-9">
<input type="text" id="issuer" required name="issuer" title="Issuer" class="form-control" placeholder="Issuer string to supply to identity provider">
</div>
</div>
<div class="form-group col-md-12 col-sm-12"> <!-- required -->
<label class="col-sm-3 control-label" for="metadata">Metadata URL</label>
<div class="col-sm-9">
<input type="text" id="metadata" required name="metadata" title="Metadata URL" class="form-control" placeholder="Metadata URL">
</div>
</div>
<div class="form-group col-md-12 col-sm-12">
<label class="col-sm-3 control-label" for="server_crt">Server CRT file</label>
<div class="col-sm-9">
<input type="text" id="server_crt" required name="server_crt" title="Server CRT file" class="form-control" placeholder="Server CRT file">
</div>
</div>
<div class="form-group col-md-12 col-sm-12">
<label class="col-sm-3 control-label" for="login_redirect_url">Login Redirect URL</label>
<div class="col-sm-9">
<input type="text" id="login_redirect_url" required name="login_redirect_url" title="Redirect Redirect URL" class="form-control" placeholder="URL to redirect to after a successful login">
</div>
</div>
<div class="form-group col-md-12 col-sm-12">
<label class="col-sm-3 control-label" for="logout_url">Logout URL</label>
<div class="col-sm-9">
<input type="text" id="logout_url" required name="logout_url" title="Logout URL" class="form-control" placeholder="Logout URL">
</div>
</div>
<div class="form-group col-md-12 col-sm-12">
<label class="col-sm-3 control-label" for="logout_redirect_url">Logout Redirect URL</label>
<div class="col-sm-9">
<input type="text" id="logout_redirect_url" required name="logout_redirect_url" title="Logout Redirect URL" class="form-control" placeholder="URL to redirect to after a successful logout">
</div>
</div>
</div>
</div>
</div>
<div class="form-group col-lg-3 col-md-3 col-sm-4">
<button class="btn btn-lg btn-primary btn-block" type="button" id="save">
<i class="fa fa-save"></i> Save Settings
</button>
</div>
</div>
</div>
</form>
<button class="btn btn-lg btn-primary" id="save">Save</button>
<script>
require(['forum/admin/settings'], function(Settings) {
Settings.prepare();
require(['settings'], function(Settings) {
Settings.load('sso-saml', $('.saml-settings'));
$('#save').on('click', function() {
Settings.save('sso_saml', $('.saml-settings'));
});
});
</script>