0.0.2 • Published 6 years ago
node-wsfed-idp v0.0.2
node-wsfed-idp
Created to 'impersonate' all the functions of an AD FS Server.
Usage
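// path.join() is used below to locate config.json and the certificate files,
// so the core path module has to be loaded before anything else.
var path = require('path');
var wsfed = require('node-wsfed-idp').WSFed;
var config = require('read-config')(path.join(__dirname, 'config.json'));
var fs = require('fs');
var moment = require('moment');
// NOTE(review): GetWsfedToken calls jsonQuery(), which this snippet never
// loads; it has to be brought into scope as well before the function runs.

// Token-signing certificate and private key, read once at start-up from the
// paths named in config.json (resolved relative to this file).
// The private key is what every relying party trusts: keep the key file
// readable only by the account running this service and out of version control.
var SigningCert = fs.readFileSync(path.join(__dirname, config.federation.certs.tokensigningcert));
var SigningKey = fs.readFileSync(path.join(__dirname, config.federation.certs.tokensigningkey));

// Assertion lifetime (passed as lifetimeInSeconds) and the issuer name placed in every token.
var timeout = config.federation.timeout;
var wsfedIssuer = config.federation.issuer;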
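/**
 * Build and sign a WS-Federation assertion for the relying party named by wtrealm.
 *
 * wtrealm is presumably taken from the sign-in request, so it is treated as
 * untrusted: it is handed to json-query as a bound parameter instead of being
 * concatenated into the query text, and no token is signed unless it matches a
 * relying party configured under config.federation.
 *
 * @param {*} query - Not read by this function.
 * @param {string} AttrUserName - Value for the emailaddress claim.
 * @param {string} AttrUserPrincipal - Value for the upn claim.
 * @param {string} AttrDisplayname - Value for the userdata claim.
 * @param {string} AttrUserRole - Value for the role claim.
 * @param {*} wa - Not read by this function.
 * @param {string} wtrealm - Realm of the requesting relying party; used as
 *   wsaAddress and as the audience of the assertion.
 * @param {*} wctx - Not read by this function.
 * @returns {*} The result of wsfed.create(), or undefined when the realm is
 *   not configured or the assertion could not be created.
 */
function GetWsfedToken(query, AttrUserName, AttrUserPrincipal, AttrDisplayname, AttrUserRole, wa, wtrealm, wctx) {
  var signedAssertion;
  try {
    var relyingpartners = config.federation;
    // Bind wtrealm as a query parameter so that characters in it cannot
    // change the shape of the json-query expression.
    var EndPointfilter = jsonQuery(
      ['relyingpartners[name=?].options.endpoints.url', wtrealm],
      { data: relyingpartners }
    );
    var endPoint = EndPointfilter.value;

    // Only sign for realms that resolve to a configured endpoint. Without this
    // check the lookup result is ignored and a token is issued for whatever
    // audience the request names.
    if (endPoint == null) {
      console.error('GetWsfedToken: no relying party configured for the requested realm');
      return;
    }

    /* Generate the WSFed assertion. These values are configured earlier in the code.
       cert: the token-signing certificate
       key: the private key that belongs to the certificate
       issuer: the assertion issuer
       lifetimeInSeconds: timeout
       audiences: the realm of the relying party (for SharePoint this is the
                  application ID, e.g. urn:sharepoint:webapp)
       attributes: these should map to the mappings created for the IDP in SharePoint
    */
    var wsfed_options = {
      wsaAddress: wtrealm,
      cert: SigningCert,
      key: SigningKey,
      issuer: wsfedIssuer,
      lifetimeInSeconds: timeout,
      audiences: wtrealm,
      attributes: {
        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': AttrUserName,
        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn': AttrUserPrincipal,
        'http://schemas.microsoft.com/ws/2008/06/identity/claims/role': AttrUserRole,
        'http://schemas.microsoft.com/ws/2008/06/identity/claims/userdata': AttrDisplayname
      }
    };

    /* Sign the assertion */
    signedAssertion = wsfed.create(wsfed_options);
  } catch (e) {
    // The original called res.reply() here, but no res exists in this scope,
    // and it sent the stack trace to the client. Keep the detail in the server
    // log; the caller should answer with a generic error when it gets undefined.
    console.error('GetWsfedToken failed: ' + e.message, e.stack);
    return;
  }
  return signedAssertion;
}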
TODO
Working on adding WS-Trust support. FederationMetadata is mostly complete; endpoints currently have to be changed in federationmetadata.template, but this will become dynamic in later code updates.
Release History
- 0.0.1 Initial functional release