@maderaunified/musd-saml
Madera Unified SAML Implementation
Install
$ npm install @maderaunified/musd-saml
Usage
const express = require("express");
const musdSAML = require("@maderaunified/musd-saml");
const app = express();
// Express Setup
musdSAML.init( app );
// Create Server, etc.
Methods
init( app, [userModel] )
Use init to register all routes and initialize the SAML strategies. The profile is the object returned to the service provider. The application can define its own object to send to the client by passing a userModel callback.
const userModel = ( profile, done ) =>
    done( null, {
        email : profile.nameID,
        employeeType : profile.employeeType,
        employeeNumber : profile.employeeNumber
    } );
musdSAML.init( app, userModel );
isAuth( req )
Returns a boolean indicating whether the user is logged in.
router.get(
    '/route',
    ( req, res ) => {
        // Pass the user to the view only when the request is authenticated
        if ( musdSAML.isAuth( req ) ) {
            res.render(
                config.routes.appView,
                {
                    user : req.user
                }
            );
        }
        else {
            res.render(
                config.routes.appView,
                {
                    user : null
                }
            );
        }
    }
);
Environment Variables
Required
- APP_ROUTE - Home page route for the application (can be a URL if the API and client are separate)
  - default : '/'
- SAML_ISSUER - Accessing URL. Change to be application specific
  - default : 'https://localhost.madera.k12.ca.us:3000'
- HOST - URL for callback
  - default : 'localhost.madera.k12.ca.us:3000'
- PROTOCOL - Protocol for callback
  - default : 'http://'
- KEY_PATH - Local path to Madera Certificate Key
- PUB_KEY_PATH - Local path to Madera Public Certificate
- LDAP_PATH - URL to Madera AD Server
- LDAP_BASEDN - Base DN for Madera LDAP Server
- LDAP_USERNAME - User with access to Madera LDAP Server
- LDAP_PASSWORD - Password for user to Madera LDAP Server
Optional
- APP_VIEW - View to load for app route
  - default : 'index'
- LOGIN_ROUTE - Route for login. Changing this is not recommended
  - default : '/login'
- LOGOUT_ROUTE - Route used for logout. Changing this is not recommended
  - default : '/logout'
- USER_ROUTE - Route to access user information
  - default : '/user'
- USER_VIEW - View to load for user route
  - default : 'user'
- SAML_PATH - Callback point for SAML provider. Changing this is not recommended
  - default : '/login/callback'
- SAML_ENTRY_POINT - Identity Provider Entry Point. Changing this is not recommended
- SAML_LOGOUT_URL - Identity Provider Logout Point. Changing this is not recommended
  - default : 'https://selfservice.madera.k12.ca.us/idp/logout'
- IDENTIFIER_FORMAT - nameID format. Changing this is not recommended
  - default : 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
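
A preflight check over the variables listed above, run before musdSAML.init( app ). This is an added example, not code from the package: checkSamlEnv is a hypothetical helper, and composing the callback URL as PROTOCOL + HOST + SAML_PATH is an assumption about how the module joins them.

```javascript
// Added example: checkSamlEnv is a hypothetical helper, not part of @maderaunified/musd-saml.

// Required variables for which the README lists no default.
const NO_DEFAULT = [
  "KEY_PATH", "PUB_KEY_PATH",
  "LDAP_PATH", "LDAP_BASEDN", "LDAP_USERNAME", "LDAP_PASSWORD"
];

// Defaults exactly as documented in the README.
const DEFAULTS = {
  SAML_ISSUER: "https://localhost.madera.k12.ca.us:3000",
  HOST: "localhost.madera.k12.ca.us:3000",
  PROTOCOL: "http://",
  SAML_PATH: "/login/callback"
};

function checkSamlEnv(env) {
  const findings = [];
  const get = (name) => env[name] || DEFAULTS[name];

  for (const name of NO_DEFAULT) {
    if (!env[name]) findings.push({ level: "error", name, msg: "not set and has no default" });
  }
  // Assumption: callback URL = PROTOCOL + HOST + SAML_PATH.
  // The identity provider posts the SAML response here, so it should be HTTPS.
  const callback = get("PROTOCOL") + get("HOST") + get("SAML_PATH");
  if (get("PROTOCOL") !== "https://") {
    findings.push({ level: "warn", name: "PROTOCOL", msg: "callback is not HTTPS: " + callback });
  }
  // The README says to change the issuer to be application specific.
  if (get("SAML_ISSUER") === DEFAULTS.SAML_ISSUER) {
    findings.push({ level: "warn", name: "SAML_ISSUER", msg: "still the documented default" });
  }
  // ldap:// exposes the LDAP_PASSWORD bind unless the client upgrades with StartTLS.
  if (env.LDAP_PATH && !/^ldaps:\/\//i.test(env.LDAP_PATH)) {
    findings.push({ level: "warn", name: "LDAP_PATH", msg: "not ldaps://" });
  }
  return { callback, findings };
}

// Constructed sample environment (hostnames and paths are placeholders).
const sample = {
  KEY_PATH: "/etc/app/saml.key", PUB_KEY_PATH: "/etc/app/saml.crt",
  LDAP_PATH: "ldap://ad.example.test", LDAP_BASEDN: "dc=example,dc=test",
  LDAP_USERNAME: "svc-app"
};
console.log(checkSamlEnv(sample));
```

In an application, pass process.env instead of the sample object and refuse to start when any finding has level "error".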