
@pagopa/io-spid-commons


Common code for integrating SPID authentication

import * as express from "express";
import { TaskEither } from "fp-ts/lib/TaskEither";
import {
  AuthenticateOptions,
  AuthorizeOptions,
  SamlConfig,
  Strategy as SamlStrategy,
  VerifyWithoutRequest,
  VerifyWithRequest
} from "passport-saml";
import { MultiSamlConfig } from "passport-saml/multiSamlStrategy";
import { RedisClientType, RedisClusterType } from "redis";
import { DoneCallbackT, IExtraLoginRequestParamConfig } from "..";
import { ILollipopParams } from "../types/lollipop";
import { IExtendedCacheProvider } from "./redis_cache_provider";

/**
 * Asynchronous XML-to-XML hook: takes an XML document as a string and yields
 * either an `Error` or a replacement XML string.
 *
 * NOTE(review): this declaration does not show whether the hook runs before or
 * after the document is signed. Confirm in the implementation, because
 * changing already-signed XML would invalidate its signature.
 */
export type XmlTamperer = (xml: string) => TaskEither<Error, string>;

/**
 * Variant of {@link XmlTamperer} that additionally receives optional
 * `ILollipopParams`. The class below accepts it as `tamperAuthorizeRequest`.
 */
export type XmlAuthorizeTamperer = (
  xml: string,
  lollipopParams?: ILollipopParams
) => TaskEither<Error, string>;

/**
 * Callback that receives a request string, a response string and, optionally,
 * the extra login request parameters of type `T`.
 *
 * NOTE(review): presumably these are the raw SAML request and response
 * documents; if so they carry identity attributes and should be handled
 * accordingly by whoever logs or stores them. Confirm against the caller.
 */
export type PreValidateResponseDoneCallbackT<
  T extends Record<string, unknown>
> = (request: string, response: string, extraLoginRequestParams?: T) => void;

/**
 * Hook for checking a response before the strategy accepts it.
 *
 * `body` is typed `unknown`: nothing at this boundary has validated it, so an
 * implementation has to narrow and check it before reading any field.
 * The outcome is reported through `callback` as `(err, isValid, InResponseTo)`.
 *
 * NOTE(review): `InResponseTo` is presumably the identifier of the request
 * that the response answers, to be matched against
 * `extendedRedisCacheProvider`; confirm in the implementation. The declaration
 * also does not show whether this hook runs before or after signature
 * verification.
 */
export type PreValidateResponseT<T extends Record<string, unknown>> = (
  samlConfig: SamlConfig,
  body: unknown,
  extendedRedisCacheProvider: IExtendedCacheProvider<T>,
  doneCb: PreValidateResponseDoneCallbackT<T> | undefined,
  callback: (
    err: Error | null,
    isValid?: boolean,
    InResponseTo?: string
  ) => void
) => void;

/**
 * Passport strategy for SPID, declared as a subclass of passport-saml's
 * `Strategy`. This is a declaration only; no implementation is visible here.
 *
 * The `private` members are private at compile time only; the modifier is
 * erased from the emitted JavaScript and gives no runtime isolation.
 */
export declare class SpidStrategy<
  T extends Record<string, unknown>
> extends SamlStrategy {
  private readonly options;
  private readonly getSamlOptions;
  private readonly redisClient;
  private readonly tamperAuthorizeRequest?;
  private readonly tamperMetadata?;
  private readonly preValidateResponse?;
  private readonly doneCb?;
  private readonly extraLoginRequestParamConfig?;
  private readonly extendedRedisCacheProvider;

  /**
   * @param options - Base SAML configuration.
   * @param getSamlOptions - Resolver with the signature of
   *   `MultiSamlConfig["getSamlOptions"]`.
   * @param verify - Passport verify callback, with or without the request.
   * @param redisClient - Redis client, single-node or cluster.
   *   NOTE(review): presumably backs `extendedRedisCacheProvider`; confirm.
   * @param tamperAuthorizeRequest - Optional hook over the authorize request
   *   XML.
   * @param tamperMetadata - Optional hook over the metadata XML.
   * @param preValidateResponse - Optional response pre-validation hook. When
   *   omitted, whether any equivalent check still runs is not visible from
   *   this declaration.
   * @param doneCb - Optional completion callback.
   * @param extraLoginRequestParamConfig - Optional configuration for the extra
   *   login request parameters of type `T`.
   */
  constructor(
    options: SamlConfig,
    getSamlOptions: MultiSamlConfig["getSamlOptions"],
    verify: VerifyWithRequest | VerifyWithoutRequest,
    redisClient: RedisClientType | RedisClusterType,
    tamperAuthorizeRequest?: XmlAuthorizeTamperer | undefined,
    tamperMetadata?: XmlTamperer | undefined,
    preValidateResponse?: PreValidateResponseT<T> | undefined,
    doneCb?: DoneCallbackT<T> | undefined,
    extraLoginRequestParamConfig?: IExtraLoginRequestParamConfig<T> | undefined
  );

  /** Passport entry point for an incoming Express request. */
  authenticate(
    req: express.Request,
    options: AuthenticateOptions | AuthorizeOptions
  ): void;

  /** Reports either an error or an optional URL through `callback`. */
  logout(
    req: express.Request,
    callback: (err: Error | null, url?: string) => void
  ): void;

  /**
   * Produces service provider metadata and hands it to `callback`.
   * Both certificate arguments accept `null`.
   *
   * NOTE(review): presumably a `null` certificate omits the corresponding
   * key descriptor from the metadata; confirm in the implementation.
   */
  generateServiceProviderMetadataAsync(
    req: express.Request,
    decryptionCert: string | null,
    signingCert: string | null,
    callback: (err: Error | null, metadata?: string) => void
  ): void;
}