1 | # @maderaunified/musd-saml
|
2 |
|
3 | Madera Unified SAML Implementation
|
4 |
|
5 | ## Install
|
6 |
|
7 | ```
|
8 | $ npm install @maderaunified/musd-saml
|
9 | ```
|
10 |
|
11 | ## Usage
|
12 |
|
13 | ```js
|
14 | const musdSAML = require("@maderaunified/musd-saml");
|
15 |
|
16 | const app = express();   // assumes the application has already required express; the snippet does not show it
|
17 |
|
18 | // Express setup (application-specific) is a placeholder in this example
|
19 |
|
20 | musdSAML.init( app );   // sets up the package's routes and SAML strategies on the Express app
|
21 |
|
22 | // Create the server, etc.
|
23 | ```
|
24 |
|
25 | ## Methods
|
26 | ### init( app, [userModel] )
|
27 | Use `init` to set up all routes and initialize the SAML strategies. `profile` is the object returned to the service provider. The application can define its own object to send to the client by passing the optional `userModel` callback.
|
28 |
|
29 | ```js
|
30 | const userModel = ( profile, done ) =>   // builds the application's own user object from the SAML profile
|
31 | done( null, {   // first argument null: presumably "no error" in a Node-style callback — confirm against the package
|
32 | email : profile.nameID,   // assumes the IdP sends an email address as nameID — TODO confirm; the documented default nameID format is 'unspecified'
|
33 | employeeType : profile.employeeType,
|
34 | employeeNumber : profile.employeeNumber
|
35 | } );
|
36 |
|
37 | musdSAML.init( app, userModel );   // optional second argument: lets the application define the object sent to the client
|
38 | ```
|
39 |
|
40 | ### isAuth( req )
|
41 | Returns a boolean indicating whether the user is logged in.
|
42 | ```js
|
43 | router.get(   // example route; isAuth is presumably the package's isAuth brought into scope by the application — confirm
|
44 | '/route',
|
45 | ( req, res ) => {
|
46 | if ( isAuth( req ) ) {   // isAuth only reports login state; in this example both branches still render the view
|
47 | res.render(
|
48 | config.routes.appView,
|
49 | {
|
50 | user : req.user   // user data reaches the view only when the request is authenticated
|
51 | }
|
52 | );
|
53 | }
|
54 | else {
|
55 | res.render(
|
56 | config.routes.appView,   // the same view is rendered for visitors who are not logged in
|
57 | {
|
58 | user : null   // no user data is passed for unauthenticated requests
|
59 | }
|
60 | );
|
61 | }
|
62 | }
|
63 | );
|
64 | ```
|
65 |
|
66 | ## Environment Variables
|
67 | - APP_ROUTE - Home page route for application
|
68 | - default : '/'
|
69 | - APP_VIEW - view to load for app route
|
70 | - default : 'index'
|
71 | - LOGIN_ROUTE - Route for login. Changing it is not recommended
|
72 | - default : '/login'
|
73 | - LOGOUT_ROUTE - Route used for logout. Changing it is not recommended
|
74 | - default : '/logout'
|
75 | - USER_ROUTE - Route to access user information
|
76 | - default : '/user'
|
77 | - USER_VIEW - View to load for user route
|
78 | - default : 'user'
|
79 | - SAML_PATH - Callback point for the SAML provider. Changing it is not recommended
|
80 | - default : '/login/callback'
|
81 | - SAML_ENTRY_POINT - Identity Provider entry point. Changing it is not recommended
|
82 | - default : 'https://selfservice.madera.k12.ca.us/idp/profile/SAML2/Redirect/SSO'
|
83 | - SAML_LOGOUT_URL - Identity Provider logout point. Changing it is not recommended
|
84 | - default : 'https://selfservice.madera.k12.ca.us/idp/logout'
|
85 | - SAML_ISSUER - Accessing URL of the application. Set this per application; the default below is a localhost value
|
86 | - default : 'https://localhost.madera.k12.ca.us:3000'
|
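87 | - IDENTIFIER_FORMAY - nameID format. Changing it is not recommended (the variable name is spelled as it appears in this README; confirm the exact name against the package source before setting it)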
|
88 | - default : 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
|