From 20cbf0c710f5eece109148fb015bc9606df45971 Mon Sep 17 00:00:00 2001
From: Julien Fontanet
Date: Wed, 15 Apr 2015 17:38:10 +0200
Subject: [PATCH 01/22] Initial commit.
---
packages/xo-server-auth-saml/.babelrc | 15 +++
packages/xo-server-auth-saml/.editorconfig | 65 +++++++++++++
packages/xo-server-auth-saml/.gitignore | 8 ++
packages/xo-server-auth-saml/.mocha.js | 3 +
packages/xo-server-auth-saml/.mocha.opts | 1 +
packages/xo-server-auth-saml/.npmignore | 10 ++
packages/xo-server-auth-saml/.travis.yml | 6 ++
packages/xo-server-auth-saml/README.md | 94 +++++++++++++++++++
packages/xo-server-auth-saml/package.json | 55 +++++++++++
.../xo-server-auth-saml/src/index.spec.js | 11 +++
10 files changed, 268 insertions(+)
create mode 100644 packages/xo-server-auth-saml/.babelrc
create mode 100644 packages/xo-server-auth-saml/.editorconfig
create mode 100644 packages/xo-server-auth-saml/.gitignore
create mode 100644 packages/xo-server-auth-saml/.mocha.js
create mode 100644 packages/xo-server-auth-saml/.mocha.opts
create mode 100644 packages/xo-server-auth-saml/.npmignore
create mode 100644 packages/xo-server-auth-saml/.travis.yml
create mode 100644 packages/xo-server-auth-saml/README.md
create mode 100644 packages/xo-server-auth-saml/package.json
create mode 100644 packages/xo-server-auth-saml/src/index.spec.js
diff --git a/packages/xo-server-auth-saml/.babelrc b/packages/xo-server-auth-saml/.babelrc
new file mode 100644
index 000000000..5e9978a41
--- /dev/null
+++ b/packages/xo-server-auth-saml/.babelrc
@@ -0,0 +1,15 @@
+{
+ "comments": false,
+ "compact": true,
+ "optional": [
+ // Experimental features.
+ // "minification.constantFolding",
+ // "minification.deadCodeElimination",
+
+ "es7.asyncFunctions",
+ "es7.decorators",
+ "es7.exportExtensions",
+ "es7.functionBind",
+ "runtime"
+ ]
+}
diff --git a/packages/xo-server-auth-saml/.editorconfig b/packages/xo-server-auth-saml/.editorconfig
new file mode 100644
index 000000000..da21ef4c5
--- /dev/null
+++ b/packages/xo-server-auth-saml/.editorconfig
@@ -0,0 +1,65 @@
+# http://EditorConfig.org
+#
+# Julien Fontanet's configuration
+# https://gist.github.com/julien-f/8096213
+
+# Top-most EditorConfig file.
+root = true
+
+# Common config.
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespaces = true
+
+# CoffeeScript
+#
+# https://github.com/polarmobile/coffeescript-style-guide/blob/master/README.md
+[*.{,lit}coffee]
+indent_size = 2
+indent_style = space
+
+# Markdown
+[*.{md,mdwn,mdown,markdown}]
+indent_size = 4
+indent_style = space
+
+# Package.json
+#
+# This indentation style is the one used by npm.
+[/package.json]
+indent_size = 2
+indent_style = space
+
+# Jade
+[*.jade]
+indent_size = 2
+indent_style = space
+
+# JavaScript
+#
+# Two spaces seems to be the standard most common style, at least in
+# Node.js (http://nodeguide.com/style.html#tabs-vs-spaces).
+[*.js]
+indent_size = 2
+indent_style = space
+
+# Less
+[*.less]
+indent_size = 2
+indent_style = space
+
+# Sass
+#
+# Style used for http://libsass.com
+[*.s[ac]ss]
+indent_size = 2
+indent_style = space
+
+# YAML
+#
+# Only spaces are allowed.
+[*.yaml]
+indent_size = 2
+indent_style = space
diff --git a/packages/xo-server-auth-saml/.gitignore b/packages/xo-server-auth-saml/.gitignore
new file mode 100644
index 000000000..384949d8a
--- /dev/null
+++ b/packages/xo-server-auth-saml/.gitignore
@@ -0,0 +1,8 @@
+/bower_components/
+/dist/
+
+npm-debug.log
+npm-debug.log.*
+
+!node_modules/*
+node_modules/*/
diff --git a/packages/xo-server-auth-saml/.mocha.js b/packages/xo-server-auth-saml/.mocha.js
new file mode 100644
index 000000000..b888fb4d5
--- /dev/null
+++ b/packages/xo-server-auth-saml/.mocha.js
@@ -0,0 +1,3 @@
+try { require('clarify') } catch (_) {}
+try { require('trace') } catch (_) {}
+try { require('source-map-support/register') } catch (_) {}
diff --git a/packages/xo-server-auth-saml/.mocha.opts b/packages/xo-server-auth-saml/.mocha.opts
new file mode 100644
index 000000000..6cfd94898
--- /dev/null
+++ b/packages/xo-server-auth-saml/.mocha.opts
@@ -0,0 +1 @@
+--require ./.mocha.js
diff --git a/packages/xo-server-auth-saml/.npmignore b/packages/xo-server-auth-saml/.npmignore
new file mode 100644
index 000000000..c31ee82cb
--- /dev/null
+++ b/packages/xo-server-auth-saml/.npmignore
@@ -0,0 +1,10 @@
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
diff --git a/packages/xo-server-auth-saml/.travis.yml b/packages/xo-server-auth-saml/.travis.yml
new file mode 100644
index 000000000..d38f7e60a
--- /dev/null
+++ b/packages/xo-server-auth-saml/.travis.yml
@@ -0,0 +1,6 @@
+language: node_js
+node_js:
+ - 'iojs-v2'
+ - 'iojs-v1'
+ - '0.12'
+ - '0.10'
diff --git a/packages/xo-server-auth-saml/README.md b/packages/xo-server-auth-saml/README.md
new file mode 100644
index 000000000..d4a51dcc9
--- /dev/null
+++ b/packages/xo-server-auth-saml/README.md
@@ -0,0 +1,94 @@
+# xo-server-auth-saml [![Build Status](https://travis-ci.org/vatesfr/xo-server-auth-saml.png?branch=master)](https://travis-ci.org/vatesfr/xo-server-auth-saml)
+
+**Still in dev: does not work!!!**
+
+> LDAP authentication plugin for XO-Server
+
+This plugin allows SAML users to authenticate to Xen-Orchestra.
+
+The first time a user signs in, XO will create a new XO user with the
+same identifier.
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-server-auth-saml):
+
+```
+> npm install --save xo-server-auth-saml
+```
+
+## Usage
+
+To enable this plugin you have to add it into the configuration file
+of XO-Server:
+
+```yaml
+plugins:
+
+ auth-ldap:
+ uri: "ldap://ldap.example.org"
+
+ # Credentials to use before looking for the user record.
+ #
+ # Default to anonymous.
+ bind:
+
+ # Distinguished name of the user permitted to search the LDAP
+ # directory for the user to authenticate.
+ #
+ # For Microsoft Active Directory, it can also be
+ # `'@'`
+ dn: 'cn=admin,ou=people,dc=example,dc=org'
+
+ # Password of the user permitted to search the LDAP directory.
+ password: 'secret'
+
+ # The base is the part of the directory tree where the users are
+ # looked for.
+ base: "ou=people,dc=example,dc=org"
+
+ # Filter used to find the user.
+ #
+ # For Microsoft Active Directory, the filter should be
+ # `'(cn={{name}})'` or `'(sAMAccountName={{name}}@)'`.
+ #
+ # Default is `'(uid={{name}})'`.
+ #filter: '(uid={{name}})'
+```
+
+## Development
+
+### Installing dependencies
+
+```
+> npm install
+```
+
+### Compilation
+
+The sources files are watched and automatically recompiled on changes.
+
+```
+> npm run dev
+```
+
+### Tests
+
+```
+> npm run test-dev
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-server-auth-saml/issues)
+ you've encountered;
+- fork and create a pull request.
+
+## License
+
+AGPL3 © [Vates SAS](http://vates.fr)
diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json
new file mode 100644
index 000000000..9ea360036
--- /dev/null
+++ b/packages/xo-server-auth-saml/package.json
@@ -0,0 +1,55 @@
+{
+ "name": "xo-server-auth-saml",
+ "version": "0.0.0",
+ "license": "AGPL3",
+ "description": "SAML authentication plugin for XO-Server",
+ "keywords": [
+ "xo-server",
+ "xo-server",
+ "authentication",
+ "saml"
+ ],
+ "homepage": "https://github.com/vatesfr/xo-server-auth-saml",
+ "bugs": "https://github.com/vatesfr/xo-server-auth-saml/issues",
+ "repository": {
+ "type": "git",
+ "url": "https://github.com/vatesfr/xo-server-auth-saml"
+ },
+ "author": {
+ "name": "Julien Fontanet",
+ "email": "julien.fontanet@isonoe.net"
+ },
+ "preferGlobal": false,
+ "main": "dist/",
+ "bin": {},
+ "files": [
+ "dist/"
+ ],
+ "dependencies": {
+ "babel-runtime": "^5.7.0"
+ },
+ "devDependencies": {
+ "babel": "^5.6.23",
+ "babel-eslint": "^3.1.23",
+ "clarify": "^1.0.5",
+ "mocha": "^2.2.5",
+ "must": "^0.12.0",
+ "source-map-support": "^0.3.2",
+ "standard": "^4.5.4",
+ "trace": "^1.2.0"
+ },
+ "scripts": {
+ "build": "babel --source-maps --out-dir=dist/ src/",
+ "dev": "babel --watch --source-maps --out-dir=dist/ src/",
+ "lint": "standard",
+ "prepublish": "npm run build",
+ "test": "npm run lint && mocha --opts .mocha.opts \"dist/**/*.spec.js\"",
+ "test-dev": "mocha --opts .mocha.opts --watch --reporter=min \"dist/**/*.spec.js\""
+ },
+ "standard": {
+ "ignore": [
+ "dist/**"
+ ],
+ "parser": "babel-eslint"
+ }
+}
diff --git a/packages/xo-server-auth-saml/src/index.spec.js b/packages/xo-server-auth-saml/src/index.spec.js
new file mode 100644
index 000000000..8c97004d5
--- /dev/null
+++ b/packages/xo-server-auth-saml/src/index.spec.js
@@ -0,0 +1,11 @@ +/* eslint-env mocha */ + +import expect from 'must' + +// =================================================================== + +import myLib from './' + +// =================================================================== + +describe('myLib') From 8c9ea7885acf680f199951c5d6f0fefaf2c6b9df Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Fri, 28 Aug 2015 16:16:32 +0200 Subject: [PATCH 02/22] First working version. --- packages/xo-server-auth-saml/README.md | 42 ++++++------------- packages/xo-server-auth-saml/package.json | 11 ++--- packages/xo-server-auth-saml/src/index.js | 25 +++++++++++ .../xo-server-auth-saml/src/index.spec.js | 11 ----- 4 files changed, 44 insertions(+), 45 deletions(-) create mode 100644 packages/xo-server-auth-saml/src/index.js delete mode 100644 packages/xo-server-auth-saml/src/index.spec.js diff --git a/packages/xo-server-auth-saml/README.md b/packages/xo-server-auth-saml/README.md index d4a51dcc9..0f4bab5a4 100644 --- a/packages/xo-server-auth-saml/README.md +++ b/packages/xo-server-auth-saml/README.md @@ -1,8 +1,6 @@ # xo-server-auth-saml [![Build Status](https://travis-ci.org/vatesfr/xo-server-auth-saml.png?branch=master)](https://travis-ci.org/vatesfr/xo-server-auth-saml) -**Still in dev: does not work!!!** - -> LDAP authentication plugin for XO-Server +> SAML authentication plugin for XO-Server This plugin allows SAML users to authenticate to Xen-Orchestra. 
@@ -19,41 +17,27 @@ Installation of the [npm package](https://npmjs.org/package/xo-server-auth-saml) ## Usage +> This plugin is based on [passport-saml](https://github.com/bergie/passport-saml), +> see [its documentation](https://github.com/bergie/passport-saml#configure-strategy) +> for more information about the configuration. + To enable this plugin you have to add it into the configuration file of XO-Server: ```yaml plugins: - auth-ldap: - uri: "ldap://ldap.example.org" + auth-saml: + path: '/signin/saml/callback' - # Credentials to use before looking for the user record. - # - # Default to anonymous. - bind: + # Server certificate used to validate + cert: '-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----' - # Distinguished name of the user permitted to search the LDAP - # directory for the user to authenticate. - # - # For Microsoft Active Directory, it can also be - # `'@'` - dn: 'cn=admin,ou=people,dc=example,dc=org' + # Identity provider entry point (sign in URL). + entryPoint: 'https://saml.example.org/signin/' - # Password of the user permitted to search the LDAP directory. - password: 'secret' - - # The base is the part of the directory tree where the users are - # looked for. - base: "ou=people,dc=example,dc=org" - - # Filter used to find the user. - # - # For Microsoft Active Directory, the filter should be - # `'(cn={{name}})'` or `'(sAMAccountName={{name}}@)'`. - # - # Default is `'(uid={{name}})'`. - #filter: '(uid={{name}})' + # Issuer string to supply the identity provider. + issuer: 'xen-orchestra' ``` ## Development diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index 9ea360036..188492661 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,7 +1,7 @@ { "name": "xo-server-auth-saml", "version": "0.0.0", - "license": "AGPL3", + "license": "AGPL-3", "description": "SAML authentication plugin for XO-Server", "keywords": [ "xo-server", 
@@ -26,16 +26,17 @@ "dist/" ], "dependencies": { - "babel-runtime": "^5.7.0" + "babel-runtime": "^5.8.20", + "passport-saml": "^0.12.0" }, "devDependencies": { - "babel": "^5.6.23", - "babel-eslint": "^3.1.23", + "babel": "^5.8.21", + "babel-eslint": "^4.1.0", "clarify": "^1.0.5", "mocha": "^2.2.5", "must": "^0.12.0", "source-map-support": "^0.3.2", - "standard": "^4.5.4", + "standard": "^5.1.0", "trace": "^1.2.0" }, "scripts": { diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js new file mode 100644 index 000000000..a5503dabf --- /dev/null +++ b/packages/xo-server-auth-saml/src/index.js @@ -0,0 +1,25 @@ +/* eslint no-throw-literal: 0 */ + +import {Strategy} from 'passport-saml' + +// =================================================================== + +class AuthSamlXoPlugin { + constructor (conf) { + this._conf = conf + } + + load (xo) { + xo.registerPassportStrategy(new Strategy(this._conf, async (profile, done) => { + try { + done(null, await xo.registerUser('saml', profile.username)) + } catch (error) { + done(error.message) + } + })) + } +} + +// =================================================================== + +export default conf => new AuthSamlXoPlugin(conf) diff --git a/packages/xo-server-auth-saml/src/index.spec.js b/packages/xo-server-auth-saml/src/index.spec.js deleted file mode 100644 index 8c97004d5..000000000 --- a/packages/xo-server-auth-saml/src/index.spec.js +++ /dev/null @@ -1,11 +0,0 @@ -/* eslint-env mocha */ - -import expect from 'must' - -// =================================================================== - -import myLib from './' - -// =================================================================== - -describe('myLib') From 6c3719b9b8d2c657d75bbcfd1132b026b50aa49b Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Fri, 28 Aug 2015 17:47:53 +0200 Subject: [PATCH 03/22] 0.1.0 --- packages/xo-server-auth-saml/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
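Review bot: In the verify callback registered by `load` in the new `src/index.js`, `done(error.message)` hands passport a bare string, so the stack trace and error type from `xo.registerUser` are gone before anything can log them; `done(error)` keeps both. `constructor (conf)` stores the whole configuration object and `load` forwards it unchanged to passport-saml's `Strategy`, which is not obvious from the class alone. A comment on the constructor such as `// conf is passed as-is to passport-saml's Strategy (cert, entryPoint, issuer, path, ...)` would tell a reader where the certificate and entry point are actually consumed.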
diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index 188492661..f1ab80841 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,6 +1,6 @@ { "name": "xo-server-auth-saml", - "version": "0.0.0", + "version": "0.1.0", "license": "AGPL-3", "description": "SAML authentication plugin for XO-Server", "keywords": [ From e61873f33543b3b9f1347ba3d9786283815ed8e1 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Fri, 28 Aug 2015 18:23:46 +0200 Subject: [PATCH 04/22] username is not define in passport-saml. --- packages/xo-server-auth-saml/src/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js index a5503dabf..5fc9aa9e2 100644 --- a/packages/xo-server-auth-saml/src/index.js +++ b/packages/xo-server-auth-saml/src/index.js @@ -12,7 +12,7 @@ class AuthSamlXoPlugin { load (xo) { xo.registerPassportStrategy(new Strategy(this._conf, async (profile, done) => { try { - done(null, await xo.registerUser('saml', profile.username)) + done(null, await xo.registerUser('saml', profile.uid)) } catch (error) { done(error.message) } From e7082680676cce6890d31d51f4c763cf0338e063 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Mon, 7 Sep 2015 14:15:55 +0200 Subject: [PATCH 05/22] Test on iojs 3 and use Travis containers. --- packages/xo-server-auth-saml/.travis.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/packages/xo-server-auth-saml/.travis.yml b/packages/xo-server-auth-saml/.travis.yml index d38f7e60a..1550c31c0 100644 --- a/packages/xo-server-auth-saml/.travis.yml +++ b/packages/xo-server-auth-saml/.travis.yml @@ -1,6 +1,11 @@ language: node_js node_js: + - 'iojs-v3' - 'iojs-v2' - 'iojs-v1' - '0.12' - '0.10' + +# Use containers. +# http://docs.travis-ci.com/user/workers/container-based-infrastructure/ +sudo: false 
From b4c612ff6d1076e8e0e7e68da31bd3073824bfb9 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Mon, 7 Sep 2015 14:16:10 +0200 Subject: [PATCH 06/22] Remove unnecessary ESLint directive. --- packages/xo-server-auth-saml/src/index.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js index 5fc9aa9e2..6991f7656 100644 --- a/packages/xo-server-auth-saml/src/index.js +++ b/packages/xo-server-auth-saml/src/index.js @@ -1,5 +1,3 @@ -/* eslint no-throw-literal: 0 */ - import {Strategy} from 'passport-saml' // =================================================================== From 3d00b4ffbe703bf14a9e8f89e2c6753f72c7a1d6 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Fri, 11 Sep 2015 10:43:36 +0200 Subject: [PATCH 07/22] 0.2.0 --- packages/xo-server-auth-saml/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index f1ab80841..262fab11d 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,6 +1,6 @@ { "name": "xo-server-auth-saml", - "version": "0.1.0", + "version": "0.2.0", "license": "AGPL-3", "description": "SAML authentication plugin for XO-Server", "keywords": [ From 1f454ababf64d83dbf0e34514ab47f3e2e432712 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Wed, 16 Sep 2015 11:12:42 +0200 Subject: [PATCH 08/22] Support custom username field. --- packages/xo-server-auth-saml/README.md | 5 +++++ packages/xo-server-auth-saml/src/index.js | 22 +++++++++++++++++++++- 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/README.md b/packages/xo-server-auth-saml/README.md index 0f4bab5a4..0560d4b57 100644 --- a/packages/xo-server-auth-saml/README.md +++ b/packages/xo-server-auth-saml/README.md 
@@ -38,6 +38,11 @@ plugins: # Issuer string to supply the identity provider. issuer: 'xen-orchestra' + + # Field to use as the name of the user. + # + # Default: uid. + usernameField: 'uid' ``` ## Development diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js index 6991f7656..4e2cc74a3 100644 --- a/packages/xo-server-auth-saml/src/index.js +++ b/packages/xo-server-auth-saml/src/index.js @@ -2,15 +2,35 @@ import {Strategy} from 'passport-saml' // =================================================================== +function extract (obj, prop, defaultValue = undefined) { + if (prop in obj) { + const value = obj[prop] + delete obj[prop] + + return value + } + + return defaultValue +} + +// =================================================================== + class AuthSamlXoPlugin { constructor (conf) { + this._usernameField = extract(conf, 'usernameField', 'uid') this._conf = conf } load (xo) { xo.registerPassportStrategy(new Strategy(this._conf, async (profile, done) => { + const name = profile[this._usernameField] + if (!name) { + done('no name found for this user') + return + } + try { - done(null, await xo.registerUser('saml', profile.uid)) + done(null, await xo.registerUser('saml', name)) } catch (error) { done(error.message) } From 10a7c750011a6b7e71faea7976a8e2331a56f7b6 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Wed, 16 Sep 2015 11:13:25 +0200 Subject: [PATCH 09/22] Enable tests on Node 4. --- packages/xo-server-auth-saml/.travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/xo-server-auth-saml/.travis.yml b/packages/xo-server-auth-saml/.travis.yml index 1550c31c0..1be09b389 100644 --- a/packages/xo-server-auth-saml/.travis.yml +++ b/packages/xo-server-auth-saml/.travis.yml @@ -1,5 +1,6 @@ language: node_js node_js: + - '4' - 'iojs-v3' - 'iojs-v2' - 'iojs-v1' From d131a26a41a8ff13ecbd0a174cadd11f70cacdcb Mon Sep 17 00:00:00 2001 
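Review bot: The new guard `if (!name)` in the verify callback of `src/index.js` only rejects falsy values, so anything else `profile[this._usernameField]` yields is passed to `xo.registerUser('saml', name)` as the account name. SAML attributes can be multi-valued and may arrive as something other than a string, and a configured field name that matches an inherited property would resolve to a non-string as well, so the check is safer as `if (typeof name !== 'string' || name === '')`. Reporting the rejection as `done(null, false, { message: 'no name found for this user' })` instead of putting a string in the error slot would let passport treat it as a failed sign-in rather than a server error. `extract` also deletes `usernameField` from the object the caller passed in; a short comment on the function saying that it mutates `obj` would warn callers.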
From: Julien Fontanet Date: Wed, 16 Sep 2015 11:35:26 +0200 Subject: [PATCH 10/22] Fix the license. --- packages/xo-server-auth-saml/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index 262fab11d..e837afe32 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,7 +1,7 @@ { "name": "xo-server-auth-saml", "version": "0.2.0", - "license": "AGPL-3", + "license": "AGPL-3.0", "description": "SAML authentication plugin for XO-Server", "keywords": [ "xo-server", From a1cd95752af729c54a8c8ac969a7eddaa2b78a01 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Wed, 16 Sep 2015 11:35:32 +0200 Subject: [PATCH 11/22] 0.3.0 --- packages/xo-server-auth-saml/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index e837afe32..1605a3127 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,6 +1,6 @@ { "name": "xo-server-auth-saml", - "version": "0.2.0", + "version": "0.3.0", "license": "AGPL-3.0", "description": "SAML authentication plugin for XO-Server", "keywords": [ From ddf7226ba80fe923d0e5a8ae7bf899ef0eec2107 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Wed, 16 Sep 2015 11:57:44 +0200 Subject: [PATCH 12/22] Minor fixes in the README. --- packages/xo-server-auth-saml/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/xo-server-auth-saml/README.md b/packages/xo-server-auth-saml/README.md index 0560d4b57..7a1b303cf 100644 --- a/packages/xo-server-auth-saml/README.md +++ b/packages/xo-server-auth-saml/README.md 
@@ -12,7 +12,7 @@ same identifier. Installation of the [npm package](https://npmjs.org/package/xo-server-auth-saml): ``` -> npm install --save xo-server-auth-saml +> npm install --global xo-server-auth-saml ``` ## Usage @@ -30,8 +30,8 @@ plugins: auth-saml: path: '/signin/saml/callback' - # Server certificate used to validate - cert: '-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----' + # Server certificate used to validate in Base64 (no comments, no line breaks). + cert: 'MIIFBjCCAu4CCQDBMhqko5KQODANBgkqhkiG9w0BAQ ...' # Identity provider entry point (sign in URL). entryPoint: 'https://saml.example.org/signin/' From fd6f92f6b53fcb17818204b55126d6fefb958901 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Wed, 16 Sep 2015 11:57:52 +0200 Subject: [PATCH 13/22] 0.3.1 --- packages/xo-server-auth-saml/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index 1605a3127..f399c36e4 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,6 +1,6 @@ { "name": "xo-server-auth-saml", - "version": "0.3.0", + "version": "0.3.1", "license": "AGPL-3.0", "description": "SAML authentication plugin for XO-Server", "keywords": [ From 760974c7c73d46970e6a4745ff316748d6b90f87 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Mon, 21 Sep 2015 10:30:53 +0200 Subject: [PATCH 14/22] Clearer explanation for the callback URL. --- packages/xo-server-auth-saml/README.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/packages/xo-server-auth-saml/README.md b/packages/xo-server-auth-saml/README.md index 7a1b303cf..400ff966b 100644 --- a/packages/xo-server-auth-saml/README.md +++ b/packages/xo-server-auth-saml/README.md 
@@ -21,15 +21,13 @@ Installation of the [npm package](https://npmjs.org/package/xo-server-auth-saml) > see [its documentation](https://github.com/bergie/passport-saml#configure-strategy) > for more information about the configuration. -To enable this plugin you have to add it into the configuration file -of XO-Server: +To enable this plugin you have to add the following lines into the +configuration file of XO-Server: ```yaml plugins: auth-saml: - path: '/signin/saml/callback' - # Server certificate used to validate in Base64 (no comments, no line breaks). cert: 'MIIFBjCCAu4CCQDBMhqko5KQODANBgkqhkiG9w0BAQ ...' @@ -45,6 +43,10 @@ plugins: usernameField: 'uid' ``` +> Important: When registering your instance to your identity provider, +> you must configure its callback URL to +> `http://xo.company.net/signin/saml/callback`! + ## Development ### Installing dependencies From 71e77ad45a31c9736adc8484c42fc71dd2ca39f2 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Thu, 8 Oct 2015 13:55:57 +0200 Subject: [PATCH 15/22] New plugin API. --- packages/xo-server-auth-saml/src/index.js | 33 ++++++++++++++++++++--- 1 file changed, 30 insertions(+), 3 deletions(-) diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js index 4e2cc74a3..0084d4d37 100644 --- a/packages/xo-server-auth-saml/src/index.js +++ b/packages/xo-server-auth-saml/src/index.js 
@@ -15,13 +15,40 @@ function extract (obj, prop, defaultValue = undefined) { // =================================================================== +export const configurationSchema = { + type: 'object', + properties: { + cert: { + type: 'string' + }, + entryPoint: { + type: 'string' + }, + issuer: { + type: 'string' + }, + usernameField: { + type: 'string' + } + }, + required: ['cert', 'entryPoint', 'issuer'] +} + +// =================================================================== + class AuthSamlXoPlugin { - constructor (conf) { + constructor (xo) { + this._xo = xo + } + + configure (conf) { this._usernameField = extract(conf, 'usernameField', 'uid') this._conf = conf } - load (xo) { + load () { + const {_xo: xo} = this + xo.registerPassportStrategy(new Strategy(this._conf, async (profile, done) => { const name = profile[this._usernameField] if (!name) { @@ -40,4 +67,4 @@ class AuthSamlXoPlugin { // =================================================================== -export default conf => new AuthSamlXoPlugin(conf) +export default ({xo}) => new AuthSamlXoPlugin(xo) From 5db5c4e52cda04564ce3837a61dcb42a60b084bc Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Fri, 9 Oct 2015 17:56:00 +0200 Subject: [PATCH 16/22] 0.4.0 --- packages/xo-server-auth-saml/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index f399c36e4..7fc6583d7 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,6 +1,6 @@ { "name": "xo-server-auth-saml", - "version": "0.3.1", + "version": "0.4.0", "license": "AGPL-3.0", "description": "SAML authentication plugin for XO-Server", "keywords": [ From 2e5169eb46bca37b62532c265dcfa821420bad32 Mon Sep 17 00:00:00 2001 
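Review bot: `configurationSchema` carries no `description` on any property, so nothing tells the person filling in the configuration what format `cert` must have or that `usernameField` selects the profile attribute used as the XO user name. The README asks for the certificate in Base64 without comments or line breaks; stating that in the schema, for example `description: 'certificate used to validate the identity provider responses, Base64 without comments or line breaks'`, keeps the guidance next to the field. `entryPoint` is the sign-in URL of the identity provider and the schema accepts any string, so a `pattern: '^https://'`, or at least a description saying HTTPS is expected, would catch a plain-HTTP URL at configuration time. The bodies of `configure` and `load` continue between and after the two hunks.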
From: Julien Fontanet Date: Fri, 9 Oct 2015 18:55:23 +0200 Subject: [PATCH 17/22] 0.4.1 --- packages/xo-server-auth-saml/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index 7fc6583d7..7a67fcbbf 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -1,6 +1,6 @@ { "name": "xo-server-auth-saml", - "version": "0.4.0", + "version": "0.4.1", "license": "AGPL-3.0", "description": "SAML authentication plugin for XO-Server", "keywords": [ From b3a593afd7b4c74595d94b7c6ba6af5e9a29569f Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Tue, 24 Nov 2015 11:47:31 +0100 Subject: [PATCH 18/22] Test on Node stable. --- packages/xo-server-auth-saml/.travis.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/packages/xo-server-auth-saml/.travis.yml b/packages/xo-server-auth-saml/.travis.yml index 1be09b389..502095fce 100644 --- a/packages/xo-server-auth-saml/.travis.yml +++ b/packages/xo-server-auth-saml/.travis.yml @@ -1,9 +1,7 @@ language: node_js node_js: + - 'stable' - '4' - - 'iojs-v3' - - 'iojs-v2' - - 'iojs-v1' - '0.12' - '0.10' From f8c74daef504440484235725e368628a72c764e2 Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Tue, 24 Nov 2015 11:47:53 +0100 Subject: [PATCH 19/22] Use object spread instead of altering passed object. --- packages/xo-server-auth-saml/src/index.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js index 0084d4d37..a4c3d1009 100644 --- a/packages/xo-server-auth-saml/src/index.js +++ b/packages/xo-server-auth-saml/src/index.js 
@@ -41,8 +41,8 @@ class AuthSamlXoPlugin { this._xo = xo } - configure (conf) { - this._usernameField = extract(conf, 'usernameField', 'uid') + configure ({ usernameField, ...conf }) { + this._usernameField = usernameField this._conf = conf } From a4e9f1a68394511368ba3a604599bc33ffdf482a Mon Sep 17 00:00:00 2001 From: Julien Fontanet Date: Tue, 24 Nov 2015 11:48:31 +0100 Subject: [PATCH 20/22] Remove unused code. --- packages/xo-server-auth-saml/src/index.js | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js index a4c3d1009..271200518 100644 --- a/packages/xo-server-auth-saml/src/index.js +++ b/packages/xo-server-auth-saml/src/index.js @@ -2,19 +2,6 @@ import {Strategy} from 'passport-saml' // =================================================================== -function extract (obj, prop, defaultValue = undefined) { - if (prop in obj) { - const value = obj[prop] - delete obj[prop] - - return value - } - - return defaultValue -} - -// =================================================================== - export const configurationSchema = { type: 'object', properties: { From a8340c24c3a0d286a6e3d6d97e5c3733e61d27e2 Mon Sep 17 00:00:00 2001 
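Review bot: `configure ({ usernameField, ...conf })` drops the `'uid'` default that `extract(conf, 'usernameField', 'uid')` used to supply, and `configurationSchema` does not list `usernameField` as required. When the option is left unset, `this._usernameField` is `undefined`, `profile[this._usernameField]` finds nothing, and every sign-in ends in `'no name found for this user'`. A destructuring default restores the behaviour the README documents ("Default: uid"): `configure ({ usernameField = 'uid', ...conf }) {`. The class body continues outside this hunk.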
From: Julien Fontanet Date: Tue, 27 Sep 2016 15:29:23 +0200 Subject: [PATCH 21/22] chore(package): update all dependencies --- packages/xo-server-auth-saml/.babelrc | 15 ------- packages/xo-server-auth-saml/.editorconfig | 2 +- packages/xo-server-auth-saml/.gitignore | 5 +-- packages/xo-server-auth-saml/.mocha.js | 3 -- packages/xo-server-auth-saml/.mocha.opts | 1 - packages/xo-server-auth-saml/.travis.yml | 2 - packages/xo-server-auth-saml/README.md | 23 +--------- packages/xo-server-auth-saml/package.json | 49 +++++++++++++++------- 8 files changed, 37 insertions(+), 63 deletions(-) delete mode 100644 packages/xo-server-auth-saml/.babelrc delete mode 100644 packages/xo-server-auth-saml/.mocha.js delete mode 100644 packages/xo-server-auth-saml/.mocha.opts diff --git a/packages/xo-server-auth-saml/.babelrc b/packages/xo-server-auth-saml/.babelrc deleted file mode 100644 index 5e9978a41..000000000 --- a/packages/xo-server-auth-saml/.babelrc +++ /dev/null @@ -1,15 +0,0 @@ -{ - "comments": false, - "compact": true, - "optional": [ - // Experimental features. - // "minification.constantFolding", - // "minification.deadCodeElimination", - - "es7.asyncFunctions", - "es7.decorators", - "es7.exportExtensions", - "es7.functionBind", - "runtime" - ] -} diff --git a/packages/xo-server-auth-saml/.editorconfig b/packages/xo-server-auth-saml/.editorconfig index da21ef4c5..b6db0112a 100644 --- a/packages/xo-server-auth-saml/.editorconfig +++ b/packages/xo-server-auth-saml/.editorconfig @@ -41,7 +41,7 @@ indent_style = space # # Two spaces seems to be the standard most common style, at least in # Node.js (http://nodeguide.com/style.html#tabs-vs-spaces). -[*.js] +[*.{js,jsx,ts,tsx}] indent_size = 2 indent_style = space diff --git a/packages/xo-server-auth-saml/.gitignore b/packages/xo-server-auth-saml/.gitignore index 384949d8a..fa69f37f1 100644 --- a/packages/xo-server-auth-saml/.gitignore +++ b/packages/xo-server-auth-saml/.gitignore 
@@ -1,8 +1,5 @@ -/bower_components/ /dist/ +/node_modules/ npm-debug.log npm-debug.log.* - -!node_modules/* -node_modules/*/ diff --git a/packages/xo-server-auth-saml/.mocha.js b/packages/xo-server-auth-saml/.mocha.js deleted file mode 100644 index b888fb4d5..000000000 --- a/packages/xo-server-auth-saml/.mocha.js +++ /dev/null @@ -1,3 +0,0 @@ -try { require('clarify') } catch (_) {} -try { require('trace') } catch (_) {} -try { require('source-map-support/register') } catch (_) {} diff --git a/packages/xo-server-auth-saml/.mocha.opts b/packages/xo-server-auth-saml/.mocha.opts deleted file mode 100644 index 6cfd94898..000000000 --- a/packages/xo-server-auth-saml/.mocha.opts +++ /dev/null @@ -1 +0,0 @@ ---require ./.mocha.js diff --git a/packages/xo-server-auth-saml/.travis.yml b/packages/xo-server-auth-saml/.travis.yml index 502095fce..fb5d91729 100644 --- a/packages/xo-server-auth-saml/.travis.yml +++ b/packages/xo-server-auth-saml/.travis.yml @@ -2,8 +2,6 @@ language: node_js node_js: - 'stable' - '4' - - '0.12' - - '0.10' # Use containers. # http://docs.travis-ci.com/user/workers/container-based-infrastructure/ diff --git a/packages/xo-server-auth-saml/README.md b/packages/xo-server-auth-saml/README.md index 400ff966b..420d35ae5 100644 --- a/packages/xo-server-auth-saml/README.md +++ b/packages/xo-server-auth-saml/README.md 
@@ -21,27 +21,8 @@ Installation of the [npm package](https://npmjs.org/package/xo-server-auth-saml) > see [its documentation](https://github.com/bergie/passport-saml#configure-strategy) > for more information about the configuration. -To enable this plugin you have to add the following lines into the -configuration file of XO-Server: - -```yaml -plugins: - - auth-saml: - # Server certificate used to validate in Base64 (no comments, no line breaks). - cert: 'MIIFBjCCAu4CCQDBMhqko5KQODANBgkqhkiG9w0BAQ ...' - - # Identity provider entry point (sign in URL). - entryPoint: 'https://saml.example.org/signin/' - - # Issuer string to supply the identity provider. - issuer: 'xen-orchestra' - - # Field to use as the name of the user. - # - # Default: uid. - usernameField: 'uid' -``` +Like all other xo-server plugins, it can be configured directly via +the web iterface, see [the plugin documentation](https://xen-orchestra.com/docs/plugins.html). > Important: When registering your instance to your identity provider, > you must configure its callback URL to diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index 7a67fcbbf..64c371751 100644 --- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json 
@@ -25,32 +25,49 @@ "files": [ "dist/" ], + "engines": { + "node": ">=4" + }, "dependencies": { - "babel-runtime": "^5.8.20", - "passport-saml": "^0.12.0" + "babel-runtime": "^6.11.6", + "passport-saml": "^0.15.0" }, "devDependencies": { - "babel": "^5.8.21", - "babel-eslint": "^4.1.0", - "clarify": "^1.0.5", - "mocha": "^2.2.5", - "must": "^0.12.0", - "source-map-support": "^0.3.2", - "standard": "^5.1.0", - "trace": "^1.2.0" + "babel-cli": "^6.14.0", + "babel-eslint": "^6.1.2", + "babel-plugin-transform-runtime": "^6.15.0", + "babel-preset-es2015": "^6.14.0", + "babel-preset-stage-0": "^6.5.0", + "dependency-check": "^2.6.0", + "ghooks": "^1.3.2", + "standard": "^8.2.0" }, "scripts": { - "build": "babel --source-maps --out-dir=dist/ src/", - "dev": "babel --watch --source-maps --out-dir=dist/ src/", + "build": "NODE_ENV=production babel --source-maps --out-dir=dist/ src/", + "depcheck": "dependency-check ./package.json", + "dev": "NODE_DEV=development babel --watch --source-maps --out-dir=dist/ src/", "lint": "standard", - "prepublish": "npm run build", - "test": "npm run lint && mocha --opts .mocha.opts \"dist/**/*.spec.js\"", - "test-dev": "mocha --opts .mocha.opts --watch --reporter=min \"dist/**/*.spec.js\"" + "posttest": "npm run lint && npm run depcheck", + "prepublish": "npm run build" + }, + "babel": { + "plugins": [ + "transform-runtime" + ], + "presets": [ + "es2015", + "stage-0" + ] }, "standard": { "ignore": [ - "dist/**" + "dist" ], "parser": "babel-eslint" + }, + "config": { + "ghooks": { + "commit-msg": "npm test" + } } } From 7e2f2f6102d676059ceee4f70860a2a42ebea7c2 Mon Sep 17 00:00:00 2001 
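Review bot: The `passport-saml` bump from `^0.12.0` to `^0.15.0` lands in the same hunk that drops `mocha` and `must` and removes the `test` and `test-dev` scripts, so nothing exercises the SAML strategy against the new library version; `posttest` only runs `standard` and `dependency-check`. For the dependency that validates identity-provider assertions, I would keep a test runner and a `test` script, with at least one spec that loads the plugin and drives the verify callback with a sample profile. The new `commit-msg` hook calls `npm test`, yet this package.json no longer defines a `test` script for it to run. Separately, `dev` sets `NODE_DEV=development` where `build` sets `NODE_ENV`; presumably `"dev": "NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/"` was meant.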
From: Julien Fontanet Date: Fri, 28 Oct 2016 13:45:43 +0200 Subject: [PATCH 22/22] chore(package): various updates --- packages/xo-server-auth-saml/.gitignore | 2 ++ packages/xo-server-auth-saml/.travis.yml | 1 + packages/xo-server-auth-saml/README.md | 19 ++++++++---------- packages/xo-server-auth-saml/package.json | 24 +++++++++++++++-------- packages/xo-server-auth-saml/src/index.js | 8 +++++--- 5 files changed, 32 insertions(+), 22 deletions(-) diff --git a/packages/xo-server-auth-saml/.gitignore b/packages/xo-server-auth-saml/.gitignore index fa69f37f1..827e4e420 100644 --- a/packages/xo-server-auth-saml/.gitignore +++ b/packages/xo-server-auth-saml/.gitignore @@ -3,3 +3,5 @@ npm-debug.log npm-debug.log.* +pnpm-debug.log +pnpm-debug.log.* diff --git a/packages/xo-server-auth-saml/.travis.yml b/packages/xo-server-auth-saml/.travis.yml index fb5d91729..ae52e87e6 100644 --- a/packages/xo-server-auth-saml/.travis.yml +++ b/packages/xo-server-auth-saml/.travis.yml @@ -1,6 +1,7 @@ language: node_js node_js: - 'stable' + - '6' - '4' # Use containers. diff --git a/packages/xo-server-auth-saml/README.md b/packages/xo-server-auth-saml/README.md index 420d35ae5..82ad17432 100644 --- a/packages/xo-server-auth-saml/README.md +++ b/packages/xo-server-auth-saml/README.md @@ -30,24 +30,21 @@ the web iterface, see [the plugin documentation](https://xen-orchestra.com/docs/ ## Development -### Installing dependencies - ``` +# Install dependencies > npm install -``` -### Compilation +# Run the tests +> npm test -The sources files are watched and automatically recompiled on changes. - -``` +# Continuously compile > npm run dev -``` -### Tests +# Continuously run the tests +> npm run dev-test -``` -> npm run test-dev +# Build for production (automatically called by npm install) +> npm run build ``` ## Contributions diff --git a/packages/xo-server-auth-saml/package.json b/packages/xo-server-auth-saml/package.json index 64c371751..a9ca878c3 100644 
--- a/packages/xo-server-auth-saml/package.json +++ b/packages/xo-server-auth-saml/package.json @@ -4,10 +4,13 @@ "license": "AGPL-3.0", "description": "SAML authentication plugin for XO-Server", "keywords": [ - "xo-server", - "xo-server", "authentication", - "saml" + "orchestra", + "plugin", + "saml", + "xen", + "xen-orchestra", + "xo-server" ], "homepage": "https://github.com/vatesfr/xo-server-auth-saml", "bugs": "https://github.com/vatesfr/xo-server-auth-saml/issues", @@ -34,20 +37,25 @@ }, "devDependencies": { "babel-cli": "^6.14.0", - "babel-eslint": "^6.1.2", + "babel-eslint": "^7.1.0", "babel-plugin-transform-runtime": "^6.15.0", - "babel-preset-es2015": "^6.14.0", + "babel-preset-latest": "^6.16.0", "babel-preset-stage-0": "^6.5.0", + "cross-env": "^3.1.3", "dependency-check": "^2.6.0", "ghooks": "^1.3.2", + "rimraf": "^2.5.4", "standard": "^8.2.0" }, "scripts": { - "build": "NODE_ENV=production babel --source-maps --out-dir=dist/ src/", + "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/", + "clean": "rimraf dist/", "depcheck": "dependency-check ./package.json", - "dev": "NODE_DEV=development babel --watch --source-maps --out-dir=dist/ src/", + "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/", "lint": "standard", "posttest": "npm run lint && npm run depcheck", + "prebuild": "npm run clean", + "predev": "npm run clean", "prepublish": "npm run build" }, "babel": { @@ -55,7 +63,7 @@ "transform-runtime" ], "presets": [ - "es2015", + "latest", "stage-0" ] }, diff --git a/packages/xo-server-auth-saml/src/index.js b/packages/xo-server-auth-saml/src/index.js index 271200518..e19a4a81b 100644 --- a/packages/xo-server-auth-saml/src/index.js +++ b/packages/xo-server-auth-saml/src/index.js 
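Review bot: The README change in this same patch tells developers to run `npm run dev-test`, but the `scripts` block in the `@@ -34,20 +37,25 @@` hunk defines only `build`, `clean`, `depcheck`, `dev`, `lint`, `posttest`, `prebuild`, `predev` and `prepublish`. Either add a `dev-test` entry next to `dev`, or drop the "Continuously run the tests" lines from the README until a test runner is back in `devDependencies`. As it stands, the documented workflow for checking changes to an authentication plugin cannot be followed.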
@@ -24,7 +24,9 @@ export const configurationSchema = { // =================================================================== class AuthSamlXoPlugin { - constructor (xo) { + constructor ({ xo }) { + this._conf = null + this._usernameField = null this._xo = xo } @@ -34,7 +36,7 @@ class AuthSamlXoPlugin { } load () { - const {_xo: xo} = this + const xo = this._xo xo.registerPassportStrategy(new Strategy(this._conf, async (profile, done) => { const name = profile[this._usernameField] @@ -54,4 +56,4 @@ class AuthSamlXoPlugin { // =================================================================== -export default ({xo}) => new AuthSamlXoPlugin(xo) +export default opts => new AuthSamlXoPlugin(opts)
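Review bot: `load()` hands `this._conf` to `new Strategy(...)` and indexes the profile with `this._usernameField`, and the constructor now initialises both to `null`, so a `load()` that runs before `configure()` builds the strategy from a null configuration and `profile[null]` reads the property literally named "null". Whether xo-server guarantees configure-before-load is not visible in this diff, so a guard at the top of `load()` would make the failure explicit: `if (this._conf === null) throw new Error('auth-saml: configure() must be called before load()')`. It would also be worth rejecting a profile whose `name` is not a non-empty string before it is used to look up or create a user. The lines after `const name = profile[this._usernameField]` fall outside the hunk, so I cannot tell whether that check already exists.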