UNPKG

wsfed

Version:

WSFed server middleware

github.com/auth0/node-wsfed

auth0/node-wsfed

113 lines (100 loc) 3.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
//shorthands claims namespaces var fm = { 'nameIdentifier': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier', 'email': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress', 'name': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name', 'givenname': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname', 'surname': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname', 'upn': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn', 'groups': 'http://schemas.xmlsoap.org/claims/Group' }; /** * * Passport User Profile Mapper * * A class to map passport.js user profile to a wsfed claims based identity. * * Passport Profile: * http://passportjs.org/guide/profile/ * * Claim Types: * http://msdn.microsoft.com/en-us/library/microsoft.identitymodel.claims.claimtypes_members.aspx * * @param {Object} pu Passport.js user profile */ function PassportProfileMapper (pu) { if(!(this instanceof PassportProfileMapper)) { return new PassportProfileMapper(pu); } this._pu = pu; } /** * map passport.js user profile to a wsfed claims based identity. * * @return {Object} WsFederation claim identity */ PassportProfileMapper.prototype.getClaims = function () { var claims = {}; claims[fm.nameIdentifier] = this._pu.id; if(Array.isArray(this._pu.emails) && this._pu.emails[0]) { claims[fm.email] = this._pu.emails[0].value; } claims[fm.name] = this._pu.displayName; if (this._pu.name) { claims[fm.givenname] = this._pu.name.givenName; claims[fm.surname] = this._pu.name.familyName; } var dontRemapAttributes = ['emails', 'displayName', 'name', 'id', '_json']; Object.keys(this._pu).filter(function (k) { return !~dontRemapAttributes.indexOf(k); }).forEach(function (k) { claims['http://schemas.passportjs.com/' + k] = this._pu[k]; }.bind(this)); return claims; }; /** * returns the nameidentifier for the saml token. * * @return {Object} object containing a nameIdentifier property and optional nameIdentifierFormat. */ PassportProfileMapper.prototype.getNameIdentifier = function () { var claims = this.getClaims(); return { nameIdentifier: claims[fm.nameIdentifier] || claims[fm.name] || claims[fm.emailaddress] }; }; /** * claims metadata used in the metadata endpoint. * * @param {Object} pu Passport.js profile * @return {[type]} WsFederation claim identity */ PassportProfileMapper.prototype.metadata = [ { id: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", optional: true, displayName: 'E-Mail Address', description: 'The e-mail address of the user' }, { id: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", optional: true, displayName: 'Given Name', description: 'The given name of the user' }, { id: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", optional: true, displayName: 'Name', description: 'The unique name of the user' }, { id: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", optional: true, displayName: 'Surname', description: 'The surname of the user' }, { id: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", optional: true, displayName: 'Name ID', description: 'The SAML name identifier of the user' }]; module.exports = PassportProfileMapper;