Merge remote-tracking branch 'xo-server-auth-saml/master'

2017-01-13 14:00:33 +01:00 · 2017-01-13 14:00:33 +01:00 · 80ffd811c9
commit 80ffd811c9
parent 56b583fc99 7e2f2f6102
7 changed files with 294 additions and 0 deletions
--- a/packages/xo-server-auth-saml/.editorconfig
+++ b/packages/xo-server-auth-saml/.editorconfig
@ -0,0 +1,65 @@
+# http://EditorConfig.org
+#
+# Julien Fontanet's configuration
+# https://gist.github.com/julien-f/8096213
+
+# Top-most EditorConfig file.
+root = true
+
+# Common config.
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespaces = true
+
+# CoffeeScript
+#
+# https://github.com/polarmobile/coffeescript-style-guide/blob/master/README.md
+[*.{,lit}coffee]
+indent_size = 2
+indent_style = space
+
+# Markdown
+[*.{md,mdwn,mdown,markdown}]
+indent_size = 4
+indent_style = space
+
+# Package.json
+#
+# This indentation style is the one used by npm.
+[/package.json]
+indent_size = 2
+indent_style = space
+
+# Jade
+[*.jade]
+indent_size = 2
+indent_style = space
+
+# JavaScript
+#
+# Two spaces seems to be the standard most common style, at least in
+# Node.js (http://nodeguide.com/style.html#tabs-vs-spaces).
+[*.{js,jsx,ts,tsx}]
+indent_size = 2
+indent_style = space
+
+# Less
+[*.less]
+indent_size = 2
+indent_style = space
+
+# Sass
+#
+# Style used for http://libsass.com
+[*.s[ac]ss]
+indent_size = 2
+indent_style = space
+
+# YAML
+#
+# Only spaces are allowed.
+[*.yaml]
+indent_size = 2
+indent_style = space
--- a/packages/xo-server-auth-saml/.gitignore
+++ b/packages/xo-server-auth-saml/.gitignore
@ -0,0 +1,7 @@
+/dist/
+/node_modules/
+
+npm-debug.log
+npm-debug.log.*
+pnpm-debug.log
+pnpm-debug.log.*
--- a/packages/xo-server-auth-saml/.npmignore
+++ b/packages/xo-server-auth-saml/.npmignore
@ -0,0 +1,10 @@
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
--- a/packages/xo-server-auth-saml/.travis.yml
+++ b/packages/xo-server-auth-saml/.travis.yml
@ -0,0 +1,9 @@
+language: node_js
+node_js:
+  - 'stable'
+  - '6'
+  - '4'
+
+# Use containers.
+# http://docs.travis-ci.com/user/workers/container-based-infrastructure/
+sudo: false
--- a/packages/xo-server-auth-saml/README.md
+++ b/packages/xo-server-auth-saml/README.md
@ -0,0 +1,63 @@
+# xo-server-auth-saml [![Build Status](https://travis-ci.org/vatesfr/xo-server-auth-saml.png?branch=master)](https://travis-ci.org/vatesfr/xo-server-auth-saml)
+
+> SAML authentication plugin for XO-Server
+
+This plugin allows SAML users to authenticate to Xen-Orchestra.
+
+The first time a user signs in, XO will create a new XO user with the
+same identifier.
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-server-auth-saml):
+
+```
+> npm install --global xo-server-auth-saml
+```
+
+## Usage
+
+> This plugin is based on [passport-saml](https://github.com/bergie/passport-saml),
+> see [its documentation](https://github.com/bergie/passport-saml#configure-strategy)
+> for more information about the configuration.
+
+Like all other xo-server plugins, it can be configured directly via
+the web iterface, see [the plugin documentation](https://xen-orchestra.com/docs/plugins.html).
+
+> Important: When registering your instance to your identity provider,
+> you must configure its callback URL to
+> `http://xo.company.net/signin/saml/callback`!
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-server-auth-saml/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+AGPL3 © [Vates SAS](http://vates.fr)
--- a/packages/xo-server-auth-saml/package.json
+++ b/packages/xo-server-auth-saml/package.json
@ -0,0 +1,81 @@
+{
+  "name": "xo-server-auth-saml",
+  "version": "0.4.1",
+  "license": "AGPL-3.0",
+  "description": "SAML authentication plugin for XO-Server",
+  "keywords": [
+    "authentication",
+    "orchestra",
+    "plugin",
+    "saml",
+    "xen",
+    "xen-orchestra",
+    "xo-server"
+  ],
+  "homepage": "https://github.com/vatesfr/xo-server-auth-saml",
+  "bugs": "https://github.com/vatesfr/xo-server-auth-saml/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xo-server-auth-saml"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@isonoe.net"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {},
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "babel-runtime": "^6.11.6",
+    "passport-saml": "^0.15.0"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.14.0",
+    "babel-eslint": "^7.1.0",
+    "babel-plugin-transform-runtime": "^6.15.0",
+    "babel-preset-latest": "^6.16.0",
+    "babel-preset-stage-0": "^6.5.0",
+    "cross-env": "^3.1.3",
+    "dependency-check": "^2.6.0",
+    "ghooks": "^1.3.2",
+    "rimraf": "^2.5.4",
+    "standard": "^8.2.0"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "clean": "rimraf dist/",
+    "depcheck": "dependency-check ./package.json",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "lint": "standard",
+    "posttest": "npm run lint && npm run depcheck",
+    "prebuild": "npm run clean",
+    "predev": "npm run clean",
+    "prepublish": "npm run build"
+  },
+  "babel": {
+    "plugins": [
+      "transform-runtime"
+    ],
+    "presets": [
+      "latest",
+      "stage-0"
+    ]
+  },
+  "standard": {
+    "ignore": [
+      "dist"
+    ],
+    "parser": "babel-eslint"
+  },
+  "config": {
+    "ghooks": {
+      "commit-msg": "npm test"
+    }
+  }
+}
--- a/packages/xo-server-auth-saml/src/index.js
+++ b/packages/xo-server-auth-saml/src/index.js
@ -0,0 +1,59 @@
+import {Strategy} from 'passport-saml'
+
+// ===================================================================
+
+export const configurationSchema = {
+  type: 'object',
+  properties: {
+    cert: {
+      type: 'string'
+    },
+    entryPoint: {
+      type: 'string'
+    },
+    issuer: {
+      type: 'string'
+    },
+    usernameField: {
+      type: 'string'
+    }
+  },
+  required: ['cert', 'entryPoint', 'issuer']
+}
+
+// ===================================================================
+
+class AuthSamlXoPlugin {
+  constructor ({ xo }) {
+    this._conf = null
+    this._usernameField = null
+    this._xo = xo
+  }
+
+  configure ({ usernameField, ...conf }) {
+    this._usernameField = usernameField
+    this._conf = conf
+  }
+
+  load () {
+    const xo = this._xo
+
+    xo.registerPassportStrategy(new Strategy(this._conf, async (profile, done) => {
+      const name = profile[this._usernameField]
+      if (!name) {
+        done('no name found for this user')
+        return
+      }
+
+      try {
+        done(null, await xo.registerUser('saml', name))
+      } catch (error) {
+        done(error.message)
+      }
+    }))
+  }
+}
+
+// ===================================================================
+
+export default opts => new AuthSamlXoPlugin(opts)