This is a SAML 2.0 authentication provider for applications, service providers, and IdP for Node.js
npm install saml-login
The SAML identity provider will redirect you to the URL provided by the path configuration.
const { SAML } = require("saml-login"); const saml = new SAML(); const options = { /** The provider's SSO URL. Where to direct the user to login and verify their identity. */ providerSingleSignOnUrl: 'string', /** A unique ID generated for the request which can be used to verify later that the response is valid. If not specified an ID will be generated automatically. */ authenticationRequestId: 'string', /** The date of the request, later this date will be used to verify the response, if it is not provided here, it will automatically generated. */ requestTimestamp: new Date(), /** Your application's entity Id, should be a fully qualified URL, and must match the application entityId specified to the IdP. */ applicationEntityId: 'string', /** Your application's ACS SSO callback URL and must match the one registered with the IdP. This URL will receive the response from the IdP and must return a 302. */ applicationCallbackAssertionConsumerServiceUrl: 'string', }; const idpAuthenticationUrl = await saml.generateAuthenticationUrl(options);
const { SAML } = require("saml-login"); const saml = new SAML(); const options = { /** Identity provider public certificate to use for verifying the signature of the SAML Response. */ providerCertificate: 'string', /** Your application's entity Id, should be a fully qualified URL, and must match the application entityId specified to the IdP, used to verify the response. */ applicationEntityId: 'string' }; const { authenticationRequestId } = await saml.getSamlAssertionMetadata(request.body); const { profile } = await saml.validatePostResponse(options, request.body);
When the user is already logged into your application, and you want to log the user into a third party using their existing authentication. This generates the SAML Payload and URL to redirect the user to
const { SAML } = require("saml-login"); const saml = new SAML(); const options = { /** Your platforms IdP Entity ID or URL */ issuerEntityId: 'https://my.idp.com', /** Your private key to sign the delegation request. */ privateKey: '----BEGIN PRIVATE KEY...', /** Your application's entity Id, should be a fully qualified URL, and must match the application entityId specified to the IdP. */ applicationEntityId: 'https://thirdpart.application.com/', /** Your application's ACS SSO callback URL and must match the one registered with the IdP. This URL will receive the response from the IdP and must return a 302. */ applicationAssertionConsumerServiceUrl: 'https://thirdpart.application.com/saml', /** The relevant user that wants to log into the third party application. */ userId: 'user_id' }; const spDelegationUrl = await saml.generateDelegationUrl(options);
See Changelog