Merge pull request #633 from nakaeeee/saml-auth

Support SAML authentication
author: Christoph (Sheogorath) Kern 2017-12-04 18:57:57 +0100
committer: GitHub 2017-12-04 18:57:57 +0100
commit: 0957f5963b735e9ccde4098265c7fab13dbb216b (patch)
tree: 63e288eb3abe096a0156fae96b4be646a9619ffb /lib/config
parent: 8112cd6fef740c3bf8f535de860c2e7b8dd51834 (diff)
parent: 2db2ff484fb0911ea699c7fc59b8b1ad868ca992 (diff)
3 files changed, 29 insertions, 0 deletions
diff --git a/lib/config/default.js b/lib/config/default.js
index 273bad02..d04485ce 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -98,6 +98,20 @@ module.exports = {
     searchAttributes: undefined,
     tlsca: undefined
   },
+  saml: {
+    idpSsoUrl: undefined,
+    idpCert: undefined,
+    issuer: undefined,
+    identifierFormat: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
+    groupAttribute: undefined,
+    externalGroups: [],
+    requiredGroups: [],
+    attribute: {
+      id: undefined,
+      username: undefined,
+      email: undefined
+    }
+  },
   email: true,
   allowemailregister: true,
   allowpdfexport: true
diff --git a/lib/config/environment.js b/lib/config/environment.js
index 0c272f05..b7b0e3f8 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -73,6 +73,20 @@ module.exports = {
     searchAttributes: process.env.HMD_LDAP_SEARCHATTRIBUTES,
     tlsca: process.env.HMD_LDAP_TLS_CA
   },
+  saml: {
+    idpSsoUrl: process.env.HMD_SAML_IDPSSOURL,
+    idpCert: process.env.HMD_SAML_IDPCERT,
+    issuer: process.env.HMD_SAML_ISSUER,
+    identifierFormat: process.env.HMD_SAML_IDENTIFIERFORMAT,
+    groupAttribute: process.env.HMD_SAML_GROUPATTRIBUTE,
+    externalGroups: process.env.HMD_SAML_EXTERNALGROUPS ? process.env.HMD_SAML_EXTERNALGROUPS.split('|') : [],
+    requiredGroups: process.env.HMD_SAML_REQUIREDGROUPS ? process.env.HMD_SAML_REQUIREDGROUPS.split('|') : [],
+    attribute: {
+      id: process.env.HMD_SAML_ATTRIBUTE_ID,
+      username: process.env.HMD_SAML_ATTRIBUTE_USERNAME,
+      email: process.env.HMD_SAML_ATTRIBUTE_EMAIL
+    }
+  },
   email: toBooleanConfig(process.env.HMD_EMAIL),
   allowemailregister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER),
   allowpdfexport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT)
diff --git a/lib/config/index.js b/lib/config/index.js
index addd8ba6..3ac3de53 100644
--- a/lib/config/index.js
+++ b/lib/config/index.js
@@ -92,6 +92,7 @@ config.isGitHubEnable = config.github.clientID && config.github.clientSecret
 config.isGitLabEnable = config.gitlab.clientID && config.gitlab.clientSecret
 config.isMattermostEnable = config.mattermost.clientID && config.mattermost.clientSecret
 config.isLDAPEnable = config.ldap.url
+config.isSAMLEnable = config.saml.idpSsoUrl
 config.isPDFExportEnable = config.allowpdfexport
 
 // generate correct path
author	Christoph (Sheogorath) Kern	2017-12-04 18:57:57 +0100
committer	GitHub	2017-12-04 18:57:57 +0100
commit	0957f5963b735e9ccde4098265c7fab13dbb216b (patch)
tree	63e288eb3abe096a0156fae96b4be646a9619ffb /lib/config
parent	8112cd6fef740c3bf8f535de860c2e7b8dd51834 (diff)
parent	2db2ff484fb0911ea699c7fc59b8b1ad868ca992 (diff)