Enhancement: Add auth-saml2 support.

2025-10-04 10:19:30 +02:00 · 2016-01-03 21:56:02 +09:00 · 2016-01-03 21:56:02 +09:00 · 059213546e
commit 059213546e
parent 35e43d48d3
4 changed files with 175 additions and 2 deletions
--- a/lib/cli.js
+++ b/lib/cli.js
@ -482,6 +482,63 @@ program
    })
  })

+  program
+    .command('auth-saml2')
+    .description('start SAML 2.0 auth client')
+    .option('-p, --port <port>'
+      , 'port (or $PORT)'
+      , Number
+      , process.env.PORT || 7120)
+    .option('-s, --secret <secret>'
+      , 'secret (or $SECRET)'
+      , String
+      , process.env.SECRET)
+    .option('-i, --ssid <ssid>'
+      , 'session SSID (or $SSID)'
+      , String
+      , process.env.SSID || 'ssid')
+    .option('-a, --app-url <url>'
+      , 'URL to app'
+      , String)
+    .option('--saml-id-provider-entry-point-url <url>'
+      , 'SAML 2.0 identity provider URL (or $SAML_ID_PROVIDER_ENTRY_POINT_URL)'
+      , String
+      , process.env.SAML_ID_PROVIDER_ENTRY_POINT_URL)
+    .option('--saml-id-provider-issuer <issuer>'
+      , 'SAML 2.0 identity provider issuer (or $SAML_ID_PROVIDER_ISSUER)'
+      , String
+      , process.env.SAML_ID_PROVIDER_ISSUER)
+    .option('--saml-id-provider-cert-path <path>'
+      , 'SAML 2.0 identity provider certificate file path (or $SAML_ID_PROVIDER_CERT_PATH)'
+      , String
+      , process.env.SAML_ID_PROVIDER_CERT_PATH)
+    .action(function(options) {
+      if (!options.secret) {
+        this.missingArgument('--secret')
+      }
+      if (!options.appUrl) {
+        this.missingArgument('--app-url')
+      }
+      if (!options.samlIdProviderEntryPointUrl) {
+        this.missingArgument('--saml-id-provider-entry-point-url')
+      }
+      if (!options.samlIdProviderIssuer) {
+        this.missingArgument('--saml-id-provider-issuer')
+      }
+
+      require('./units/auth/saml2')({
+        port: options.port
+      , secret: options.secret
+      , ssid: options.ssid
+      , appUrl: options.appUrl
+      , saml: {
+          entryPoint: options.samlIdProviderEntryPointUrl
+        , issuer: options.samlIdProviderIssuer
+        , certPath: options.samlIdProviderCertPath
+        }
+      })
+    })
+
 program
  .command('auth-mock')
  .description('start mock auth client')
@ -918,7 +975,7 @@ program
    , 'device pull endpoint'
    , String
    , 'tcp://127.0.0.1:7116')
-  .option('--auth-type <mock|ldap|oauth2>'
+  .option('--auth-type <mock|ldap|oauth2|saml2>'
    , 'auth type'
    , String
    , 'mock')
@ -1099,7 +1156,7 @@ program
              'http://%s:%d/auth/%s/'
            , options.publicIp
            , options.poorxyPort
-            , ({oauth2: 'oauth'}[options.authType]) || options.authType
+            , ({oauth2: 'oauth', saml2: 'saml'}[options.authType]) || options.authType
            )
          , '--websocket-url', util.format(
              'http://%s:%d/'