This package has been deprecated

    Author message:

    express-saml2 was renamed to samlify

    express-saml2

    1.4.1 • Public • Published

    express-saml2 · Build Status npm version Join the chat at https://gitter.im/tngan/express-saml2

    High-level API for Single Sign On (SAML 2.0)

    Description

    This module provides high-level API for scalable Single Sign On (SSO) implementation. Developers can easily configure the Service Providers and Identity Providers by importing the corresponding metadata. SAML2.0 provides a standard guide but leaves a lot of options, so we provide a simple interface that's highly configurable.

    Installation

    To install the stable version

    $ npm install express-saml2

    Integrations

    Get Started

    var saml = require('express-saml2');

    See full documentation here

    Support algorithms

    Signature algorithms

    Data encryption algorithms

    Key encryption algorithms

    Demo

    In the /examples folder, there are three entities (1 IdP and 2 SPs). They are at port 3001, 4002 and 4003.

    Without using Single Sign On, users have to remember several pairs of username/password in order to log into different internal applications.

    normal-login

    SAML proposes two ways to initiate Single Sign On, they are respectively Service Provider Initiated SSO and Identity Provider Initiated SSO. In SP-initated SSO, the user attempts to access SP but their federated identity is authenticated by IdP, so they first have to log on IdP, then IdP sends back a SAML assertion response to SP, and finally SP creates a session to user in order to access the resources.

    spinit-sso

    In the approach of IdP-initated SSO, IdP provides links which refers to the resources in service providers. In this use case, users don't need to visit SP first.

    idpinit-sso

    IdP-initiated Single Logout is also provided and relied on relay state. IdP provides a link refers to the single logout endpoints in one of those participated service providers (SP1). The selected SP sends back a logout response to IdP with relay state which is the logout endpoint URL of next participated service provider (SP2), user finally log out IdP when all participated SP is logged out.

    idpinit-slo

    Talks

    An introduction to Single Sign On

    License

    MIT

    Copyright

    Copyright (C) 2016-2017 Tony Ngan, released under the MIT License.

    Install

    npm i express-saml2

    DownloadsWeekly Downloads

    596

    Version

    1.4.1

    License

    MIT

    Last publish

    Collaborators

    • tngan