From bab0409ed09496ee1b997c40f62e6d8b0ad83013 Mon Sep 17 00:00:00 2001
From: Simeon Keske
Date: Wed, 6 May 2020 16:28:34 +0200
Subject: add error handling to saml-certs

Signed-off-by: Simeon Keske <git@n0emis.eu>
Signed-off-by: Leo Maroni <git@em0lar.de>
---
 lib/web/auth/saml/index.js | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/lib/web/auth/saml/index.js b/lib/web/auth/saml/index.js
index 4d0bfec5..c984751c 100644
--- a/lib/web/auth/saml/index.js
+++ b/lib/web/auth/saml/index.js
@@ -16,8 +16,21 @@ passport.use(new SamlStrategy({
   callbackUrl: config.serverURL + '/auth/saml/callback',
   entryPoint: config.saml.idpSsoUrl,
   issuer: config.saml.issuer || config.serverURL,
-  cert: fs.readFileSync(config.saml.idpCert, 'utf-8'),
-  privateCert: config.saml.clientCert === undefined ? undefined : fs.readFileSync(config.saml.clientCert, 'utf-8'),
+  privateCert: config.saml.clientCert === undefined ? undefined : (function () {
+    try {
+      return fs.readFileSync(config.saml.clientCert, 'utf-8')
+    } catch (e) {
+      logger.error('saml client certificate not found at: ' + config.saml.clientCert)
+    }
+  }()),
+  cert: (function () {
+    try {
+      return fs.readFileSync(config.saml.idpCert, 'utf-8')
+    } catch (e) {
+      logger.error('saml idp certificate not found at: ' + config.saml.idpCert)
+      process.exit(1)
+    }
+  }()),
   identifierFormat: config.saml.identifierFormat,
   disableRequestedAuthnContext: config.saml.disableRequestedAuthnContext
 }, function (user, done) {
-- 
cgit v1.2.3