
node-wsfed-idp v0.0.2


node-wsfed-idp

Created to 'impersonate' all the functions of an AD FS Server.

Usage

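// `path` is used below to resolve the config and certificate locations, so it
// must be required explicitly; the snippet fails with a ReferenceError without it.
var path = require('path');
var fs = require('fs');
var wsfed = require('node-wsfed-idp').WSFed;
var config = require('read-config')(path.join(__dirname, 'config.json'));
// GetWsfedToken resolves the relying party with jsonQuery(...).value, which is
// the json-query package's API.
var jsonQuery = require('json-query');
var moment = require('moment');

// Token-signing certificate and its private key, located relative to this
// file through config.json. Whoever can read the key file can produce
// assertions that relying parties will accept, so keep it out of version
// control and readable only by the account that runs this service.
var SigningCert = fs.readFileSync(path.join(__dirname, config.federation.certs.tokensigningcert));
var SigningKey = fs.readFileSync(path.join(__dirname, config.federation.certs.tokensigningkey));

// Passed to the assertion as lifetimeInSeconds.
var timeout = config.federation.timeout;

// Issuer name written into every assertion.
var wsfedIssuer = config.federation.issuer;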

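/**
 * Builds and signs a WS-Federation assertion for the given user attributes.
 *
 * Nothing in this function authenticates the user or checks the attribute
 * values; the caller must have established them before calling. The realm is
 * checked against the relying parties in config.federation, and no assertion
 * is issued for a realm that has no configured endpoint URL.
 *
 * @param {object} query - Not read by this function.
 * @param {string} AttrUserName - Value for the emailaddress claim.
 * @param {string} AttrUserPrincipal - Value for the upn claim.
 * @param {string} AttrDisplayname - Value for the userdata claim.
 * @param {string} AttrUserRole - Value for the role claim.
 * @param {string} wa - Not read by this function.
 * @param {string} wtrealm - Relying-party realm; used as the lookup key, the
 *   wsaAddress and the audience of the assertion.
 * @param {string} wctx - Not read by this function.
 * @returns {*} Whatever wsfed.create returns for the signed assertion, or
 *   undefined when the realm is unknown or signing fails. Callers must treat
 *   undefined as a refusal and must not continue the sign-in.
 */
function GetWsfedToken(query, AttrUserName, AttrUserPrincipal, AttrDisplayname, AttrUserRole, wa, wtrealm, wctx) {
  var signedAssertion;

  try {
    // wtrealm comes from the sign-in request. Bind it as a query parameter
    // instead of concatenating it into the query text, so characters in the
    // realm cannot alter the lookup expression.
    var endPoint = jsonQuery(
      ['relyingpartners[name=?].options.endpoints.url', wtrealm],
      { data: config.federation }
    ).value;

    // Fail closed: the lookup result used to be discarded, which meant an
    // assertion was signed for any realm the request named.
    if (endPoint === null || endPoint === undefined) {
      throw new Error('realm is not a configured relying party');
    }

    /* Assertion options:
       cert: the token-signing certificate
       key: the private key belonging to that certificate
       issuer: the assertion issuer
       lifetimeInSeconds: how long the assertion stays valid
       audiences: the relying party's realm (for SharePoint this is the
                  application ID, e.g. urn:sharepoint:webapp)
       attributes: claims; these should match the mappings created for the
                   IdP in SharePoint
       */
    var wsfed_options = {
      wsaAddress: wtrealm,
      cert: SigningCert,
      key: SigningKey,
      issuer: wsfedIssuer,
      lifetimeInSeconds: timeout,
      audiences: wtrealm,
      attributes: {
        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': AttrUserName,
        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn': AttrUserPrincipal,
        'http://schemas.microsoft.com/ws/2008/06/identity/claims/role': AttrUserRole,
        'http://schemas.microsoft.com/ws/2008/06/identity/claims/userdata': AttrDisplayname
      }
    };

    /* Sign the assertion */
    signedAssertion = wsfed.create(wsfed_options);
  } catch (e) {
    // No response object is in scope here, so the previous res.reply(...) call
    // raised a ReferenceError of its own. Keep the detail in the server log:
    // stack traces must not be returned to the requester.
    console.error('GetWsfedToken failed: ' + e.message + ', stack: ' + e.stack);
    return;
  }

  return signedAssertion;
}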

TODO

WS-Trust support is in progress. FederationMetadata is mostly complete; endpoints currently have to be changed in federationmetadata.template, but this will become dynamic in a later code update.

Release History

  • 0.0.1 Initial functional release