mirror of
https://github.com/openstf/stf
synced 2025-10-03 09:49:17 +02:00
73 lines
2.2 KiB
JavaScript
73 lines
2.2 KiB
JavaScript
module.exports.command = 'auth-saml2'
|
|
|
|
module.exports.describe = 'Start a SAML 2.0 auth unit.'
|
|
|
|
module.exports.builder = function(yargs) {
|
|
return yargs
|
|
.env('STF_AUTH_SAML2')
|
|
.strict()
|
|
.option('app-url', {
|
|
alias: 'a'
|
|
, describe: 'URL to the app unit.'
|
|
, type: 'string'
|
|
, demand: true
|
|
})
|
|
.option('port', {
|
|
alias: 'p'
|
|
, describe: 'The port to bind to.'
|
|
, type: 'number'
|
|
, default: process.env.PORT || 7120
|
|
})
|
|
.option('saml-id-provider-entry-point-url', {
|
|
describe: 'SAML 2.0 identity provider URL.'
|
|
, type: 'string'
|
|
, default: process.env.SAML_ID_PROVIDER_ENTRY_POINT_URL
|
|
, demand: true
|
|
})
|
|
.option('saml-id-provider-issuer', {
|
|
describe: 'SAML 2.0 identity provider issuer.'
|
|
, type: 'string'
|
|
, default: process.env.SAML_ID_PROVIDER_ISSUER
|
|
, demand: true
|
|
})
|
|
.option('saml-id-provider-cert-path', {
|
|
describe: 'SAML 2.0 identity provider certificate file path.'
|
|
, type: 'string'
|
|
, default: process.env.SAML_ID_PROVIDER_CERT_PATH
|
|
})
|
|
.option('secret', {
|
|
alias: 's'
|
|
, describe: 'The secret to use for auth JSON Web Tokens. Anyone who ' +
|
|
'knows this token can freely enter the system if they want, so keep ' +
|
|
'it safe.'
|
|
, type: 'string'
|
|
, default: process.env.SECRET
|
|
, demand: true
|
|
})
|
|
.option('ssid', {
|
|
alias: 'i'
|
|
, describe: 'The name of the session ID cookie.'
|
|
, type: 'string'
|
|
, default: process.env.SSID || 'ssid'
|
|
})
|
|
.epilog('Each option can be be overwritten with an environment variable ' +
|
|
'by converting the option to uppercase, replacing dashes with ' +
|
|
'underscores and prefixing it with `STF_AUTH_SAML2_` (e.g. ' +
|
|
'`STF_AUTH_SAML2_SECRET`). Legacy environment variables like ' +
|
|
'SAML_ID_PROVIDER_ISSUER are still accepted, too, but consider them ' +
|
|
'deprecated.')
|
|
}
|
|
|
|
module.exports.handler = function(argv) {
|
|
return require('../../units/auth/saml2')({
|
|
port: argv.port
|
|
, secret: argv.secret
|
|
, ssid: argv.ssid
|
|
, appUrl: argv.appUrl
|
|
, saml: {
|
|
entryPoint: argv.samlIdProviderEntryPointUrl
|
|
, issuer: argv.samlIdProviderIssuer
|
|
, certPath: argv.samlIdProviderCertPath
|
|
}
|
|
})
|
|
}
|