1 |
|
2 | import * as querystring from "querystring";
|
3 | import { CacheProvider as InMemoryCacheProvider } from "./inmemory-cache-provider";
|
4 | import { ParsedQs } from "qs";
|
5 | import { SamlOptions } from "./types";
|
6 | import { AuthenticateOptions, AuthorizeOptions, Profile, SamlConfig } from "../passport-saml/types";
|
/**
 * Value/format pair resolved by `SAML._getNameIdAsync`.
 *
 * Both fields are nullable, so a consumer has to handle a missing identifier
 * explicitly rather than assume a string is always present. The interface has
 * no `export` modifier and is not listed in the module's export statement.
 */
interface NameID {
    // Identifier string, or null when none is available.
    value: string | null;
    // Format string for the identifier, or null when none is available.
    // NOTE(review): presumably the NameID Format URI; confirm against the implementation.
    format: string | null;
}
|
/**
 * Ambient declaration of the `SAML` class.
 *
 * As far as the names and signatures show, it builds authorize/logout
 * requests and URLs, validates XML signatures, validates inbound POST and
 * redirect containers, and generates service-provider metadata.
 *
 * Members marked `private` are declared by name only, so this file carries no
 * information about their parameters or return types. `private` is a
 * compile-time modifier that is erased on emit; it is not a runtime access
 * boundary. Underscore-prefixed methods have no `private` modifier and are
 * therefore part of the typed public surface.
 * NOTE(review): the underscore presumably marks them as internal by
 * convention; confirm before depending on them.
 */
declare class SAML {
    // Options object; `initialize` returns the same type.
    options: SamlOptions;
    // Typed as the `CacheProvider` exported by ./inmemory-cache-provider.
    // NOTE(review): presumably backs request-ID tracking for `validateInResponseTo`,
    // and an in-memory store would not be shared across processes; confirm.
    cacheProvider: InMemoryCacheProvider;
    /** @param ctorOptions Configuration used to construct the instance. */
    constructor(ctorOptions: SamlConfig);
    /**
     * @param ctorOptions Caller-supplied configuration.
     * @returns A `SamlOptions` value derived from that configuration.
     */
    initialize(ctorOptions: SamlConfig): SamlOptions;
    private getCallbackUrl;
    /** @returns An identifier string. NOTE(review): uniqueness/entropy is not visible here; confirm. */
    _generateUniqueID(): string;
    private generateInstant;
    private signRequest;
    private generateAuthorizeRequestAsync;
    /**
     * @param user Profile the logout request is generated for.
     * @returns Promise of the generated request as a string.
     */
    _generateLogoutRequest(user: Profile): Promise<string>;
    /**
     * Synchronous, unlike `_generateLogoutRequest`.
     *
     * @param logoutRequest Profile-typed representation of the incoming logout request.
     * @returns The generated response as a string.
     */
    _generateLogoutResponse(logoutRequest: Profile): string;
    /**
     * `request` accepts null/undefined and `response` accepts null.
     * NOTE(review): presumably exactly one of the two is supplied per call; confirm.
     *
     * @param request Request payload, if any.
     * @param response Response payload, if any.
     * @param operation Operation name.
     * @param additionalParameters Extra query parameters.
     * @returns Promise of the resulting URL string.
     */
    _requestToUrlAsync(request: string | null | undefined, response: string | null, operation: string, additionalParameters: querystring.ParsedUrlQuery): Promise<string>;
    /**
     * @param RelayState RelayState value for the message.
     * @param operation Operation name.
     * @param overrideParams Optional caller-supplied parameters.
     * @returns A parsed-query object of additional parameters.
     */
    _getAdditionalParams(RelayState: string, operation: string, overrideParams?: querystring.ParsedUrlQuery): querystring.ParsedUrlQuery;
    /**
     * NOTE(review): `RelayState` and `host` are plain strings at this boundary.
     * If callers source them from the incoming HTTP request, they are
     * client-controlled and should be validated before being used as a redirect
     * target or to build URLs; confirm how the implementation treats them.
     *
     * @param RelayState RelayState value for the request.
     * @param host Host value; may be undefined.
     * @param options Authorize options.
     * @returns Promise of the authorize URL.
     */
    getAuthorizeUrlAsync(RelayState: string, host: string | undefined, options: AuthorizeOptions): Promise<string>;
    /**
     * @param RelayState RelayState value for the request.
     * @param host Optional host value.
     * @returns Promise of a string.
     * NOTE(review): presumably HTML form markup, in which case embedded values
     * need output encoding; confirm.
     */
    getAuthorizeFormAsync(RelayState: string, host?: string): Promise<string>;
    /**
     * @param user Profile being logged out.
     * @param RelayState RelayState value for the request.
     * @param options Combined authenticate and authorize options.
     * @returns Promise of the logout URL.
     */
    getLogoutUrlAsync(user: Profile, RelayState: string, options: AuthenticateOptions & AuthorizeOptions): Promise<string>;
    /**
     * Callback-style entry point; a private `getLogoutResponseUrlAsync` is
     * declared immediately after it. Failures arrive through `err` rather than
     * as a rejected promise, so the callback must check `err` before using `url`.
     *
     * @param samlLogoutRequest Profile-typed representation of the logout request.
     * @param RelayState RelayState value for the response.
     * @param options Combined authenticate and authorize options.
     * @param callback Receives `(err, url)`; `url` may be absent or null.
     */
    getLogoutResponseUrl(samlLogoutRequest: Profile, RelayState: string, options: AuthenticateOptions & AuthorizeOptions, callback: (err: Error | null, url?: string | null) => void): void;
    private getLogoutResponseUrlAsync;
    /**
     * @param cert Certificate as a string.
     * @returns A string. NOTE(review): presumably PEM-armored; confirm.
     */
    _certToPEM(cert: string): string;
    private certsToCheck;
    /**
     * Reports the outcome as a boolean, so a caller that ignores the return
     * value has performed no check at all.
     * NOTE(review): whether it can also throw is not visible here. Confirm, and
     * confirm that the signed node is the same node later consumed.
     *
     * @param fullXml Complete XML document as a string.
     * @param currentNode Element the signature check is applied to.
     * @param certs Certificates to check against.
     * @returns Whether validation succeeded.
     */
    validateSignature(fullXml: string, currentNode: Element, certs: string[]): boolean;
    /**
     * Both result fields are optional and `profile` may be null, so the type
     * permits a resolved value that carries no profile. Callers should treat
     * only a non-null `profile` as an authenticated result, not resolution alone.
     *
     * @param container String-keyed values from the POST.
     * @returns Promise of `{ profile?, loggedOut? }`.
     */
    validatePostResponseAsync(container: Record<string, string>): Promise<{
        profile?: Profile | null;
        loggedOut?: boolean;
    }>;
    private validateInResponseTo;
    /**
     * Same result shape as `validatePostResponseAsync`: both fields are
     * optional and `profile` may be null.
     * NOTE(review): `originalQuery` is presumably the raw query string as
     * received, since redirect-binding signatures cover the original encoding.
     * Confirm what happens when it is null.
     *
     * @param container Parsed query parameters.
     * @param originalQuery Unparsed query string, or null.
     * @returns Promise of `{ profile?, loggedOut? }`.
     */
    validateRedirectAsync(container: ParsedQs, originalQuery: string | null): Promise<{
        profile?: Profile | null;
        loggedOut?: boolean;
    }>;
    // The private members below are declared by name only.
    // NOTE(review): from their names they look like the signature, issuer,
    // timestamp and audience checks. Audit them in the implementation, since
    // this declaration cannot show whether each one is actually enforced.
    private hasValidSignatureForRedirect;
    private validateSignatureForRedirect;
    private verifyLogoutRequest;
    private verifyLogoutResponse;
    private verifyIssuer;
    private processValidlySignedAssertionAsync;
    private checkTimestampsValidityError;
    private checkAudienceValidityError;
    /**
     * Unlike the response validators, `profile` here is not nullable, though it
     * is still optional.
     *
     * @param container String-keyed values from the POST.
     * @returns Promise of `{ profile?, loggedOut? }`.
     */
    validatePostRequestAsync(container: Record<string, string>): Promise<{
        profile?: Profile;
        loggedOut?: boolean;
    }>;
    /**
     * Takes the SAML instance as an explicit `self` argument in addition to
     * being a method.
     *
     * @param self SAML instance to operate with.
     * @param doc Node to read from.
     * @returns Promise of a `NameID`, whose fields may both be null.
     */
    _getNameIdAsync(self: SAML, doc: Node): Promise<NameID>;
    /**
     * @param decryptionCert Decryption certificate, or null.
     * @param signingCert Optional signing certificate, or null.
     * @returns Metadata as a string.
     */
    generateServiceProviderMetadata(decryptionCert: string | null, signingCert?: string | null): string;
    /**
     * The conditional return type tests `typeof key`, which is `string | Buffer`
     * from the parameter annotation. It therefore always resolves to
     * `string | Buffer`, and the `Error` branch is unreachable at the type level.
     *
     * @param key Key material as a string or Buffer.
     * @returns `string | Buffer` after type resolution.
     */
    _keyToPEM(key: string | Buffer): typeof key extends string | Buffer ? string | Buffer : Error;
    private processMaxAgeAssertionTime;
    private dateStringToTimestamp;
}
|
// Only the SAML class is exported; the NameID interface above stays module-local.
export { SAML };
|