/// <reference types="node" />
import * as querystring from "querystring";
import { CacheProvider as InMemoryCacheProvider } from "./inmemory-cache-provider";
import { ParsedQs } from "qs";
import { SamlOptions } from "./types";
import { AuthenticateOptions, AuthorizeOptions, Profile, SamlConfig } from "../passport-saml/types";
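/**
 * A SAML NameID as returned by `SAML._getNameIdAsync`.
 *
 * Both fields are nullable, so consumers must handle a missing value or a
 * missing format explicitly rather than assuming a subject was extracted.
 */
interface NameID {
    /** The identifier text, or `null` when none is available. */
    value: string | null;
    /** The NameID format, or `null` when none is available. */
    format: string | null;
}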
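/**
 * Type declaration for the SAML helper: builds authorize/logout requests and
 * validates the responses and requests that come back.
 *
 * Notes for readers of this declaration:
 * - Members marked `private` appear without types, as the compiler emits them
 *   in declaration files. `private` is enforced at compile time only.
 * - Methods prefixed with `_` carry no `private` modifier here, so they are
 *   callable by any consumer of this type. The underscore presumably marks
 *   them as internal; confirm before depending on them.
 * - The `container` arguments of the `validate*Async` methods presumably hold
 *   the raw POST body or query parameters of an incoming request, i.e.
 *   untrusted input. TODO confirm against the callers.
 */
declare class SAML {
    /** Options as returned by `initialize`. */
    options: SamlOptions;
    // Typed as the in-memory provider from ./inmemory-cache-provider.
    // NOTE(review): presumably backs the InResponseTo bookkeeping used by
    // `validateInResponseTo`. Confirm in the implementation.
    cacheProvider: InMemoryCacheProvider;
    constructor(ctorOptions: SamlConfig);
    /** Converts the constructor configuration into a `SamlOptions` value. */
    initialize(ctorOptions: SamlConfig): SamlOptions;
    private getCallbackUrl;
    // NOTE(review): if this ID is what responses are correlated against,
    // confirm the implementation draws it from a cryptographically secure
    // source.
    _generateUniqueID(): string;
    private generateInstant;
    private signRequest;
    private generateAuthorizeRequestAsync;
    _generateLogoutRequest(user: Profile): Promise<string>;
    _generateLogoutResponse(logoutRequest: Profile): string;
    /**
     * Resolves to a URL string for either a `request` or a `response`. Both are
     * nullable in this signature; which of the two must be set is not visible
     * here.
     */
    _requestToUrlAsync(request: string | null | undefined, response: string | null, operation: string, additionalParameters: querystring.ParsedUrlQuery): Promise<string>;
    _getAdditionalParams(RelayState: string, operation: string, overrideParams?: querystring.ParsedUrlQuery): querystring.ParsedUrlQuery;
    /**
     * Resolves to the URL used to start an authorize flow.
     *
     * NOTE(review): `RelayState` is supplied by the caller and presumably
     * round-trips through the identity provider. Treat the value that comes
     * back as untrusted, especially if it is used as a redirect target.
     */
    getAuthorizeUrlAsync(RelayState: string, host: string | undefined, options: AuthorizeOptions): Promise<string>;
    /**
     * Resolves to a string, presumably an HTML form for the POST binding.
     * TODO confirm that `RelayState` is escaped before being embedded.
     */
    getAuthorizeFormAsync(RelayState: string, host?: string): Promise<string>;
    getLogoutUrlAsync(user: Profile, RelayState: string, options: AuthenticateOptions & AuthorizeOptions): Promise<string>;
    /**
     * Callback-style counterpart to the promise-returning URL builders.
     * `url` is optional and nullable, so check `err` before using it.
     */
    getLogoutResponseUrl(samlLogoutRequest: Profile, RelayState: string, options: AuthenticateOptions & AuthorizeOptions, callback: (err: Error | null, url?: string | null) => void): void;
    private getLogoutResponseUrlAsync;
    _certToPEM(cert: string): string;
    private certsToCheck;
    /**
     * Checks a signature against the supplied certificates.
     *
     * The result is a boolean rather than a thrown error, so every caller must
     * branch on it; an ignored return value silently accepts the document.
     *
     * NOTE(review): the check is bound to `currentNode` within `fullXml`.
     * Confirm in the implementation that data is only read from the node that
     * was verified.
     */
    validateSignature(fullXml: string, currentNode: Element, certs: string[]): boolean;
    /**
     * Validates an incoming POST response.
     *
     * Both result fields are optional and `profile` may be `null`, so a
     * resolved promise does not by itself mean a user was authenticated.
     * Check `profile` or `loggedOut` explicitly.
     */
    validatePostResponseAsync(container: Record<string, string>): Promise<{
        profile?: Profile | null;
        loggedOut?: boolean;
    }>;
    private validateInResponseTo;
    /**
     * Validates an incoming redirect-binding message.
     *
     * NOTE(review): `originalQuery` is presumably the raw, undecoded query
     * string that the signature check needs. It is nullable here; confirm what
     * happens to signature validation when `null` is passed.
     */
    validateRedirectAsync(container: ParsedQs, originalQuery: string | null): Promise<{
        profile?: Profile | null;
        loggedOut?: boolean;
    }>;
    private hasValidSignatureForRedirect;
    private validateSignatureForRedirect;
    private verifyLogoutRequest;
    private verifyLogoutResponse;
    private verifyIssuer;
    private processValidlySignedAssertionAsync;
    private checkTimestampsValidityError;
    private checkAudienceValidityError;
    /**
     * Validates an incoming POST request. Unlike the response validators,
     * `profile` is not nullable in this result type, though it remains
     * optional.
     */
    validatePostRequestAsync(container: Record<string, string>): Promise<{
        profile?: Profile;
        loggedOut?: boolean;
    }>;
    /** Resolves to the `NameID` for `doc`; takes the instance as `self`. */
    _getNameIdAsync(self: SAML, doc: Node): Promise<NameID>;
    /**
     * Returns service-provider metadata as a string. `decryptionCert` is
     * required but nullable; `signingCert` is optional.
     */
    generateServiceProviderMetadata(decryptionCert: string | null, signingCert?: string | null): string;
    // `key` is declared as `string | Buffer`, so this conditional type always
    // resolves to `string | Buffer`. The `Error` branch cannot be selected at
    // the type level; do not rely on the type to signal a failed conversion.
    _keyToPEM(key: string | Buffer): typeof key extends string | Buffer ? string | Buffer : Error;
}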
export { SAML };