From bab0409ed09496ee1b997c40f62e6d8b0ad83013 Mon Sep 17 00:00:00 2001 From: Simeon Keske Date: Wed, 6 May 2020 16:28:34 +0200 Subject: add error handling to saml-certs Signed-off-by: Simeon Keske Signed-off-by: Leo Maroni --- lib/web/auth/saml/index.js | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'lib/web/auth/saml') diff --git a/lib/web/auth/saml/index.js b/lib/web/auth/saml/index.js index 4d0bfec5..c984751c 100644 --- a/lib/web/auth/saml/index.js +++ b/lib/web/auth/saml/index.js @@ -16,8 +16,21 @@ passport.use(new SamlStrategy({ callbackUrl: config.serverURL + '/auth/saml/callback', entryPoint: config.saml.idpSsoUrl, issuer: config.saml.issuer || config.serverURL, - cert: fs.readFileSync(config.saml.idpCert, 'utf-8'), - privateCert: config.saml.clientCert === undefined ? undefined : fs.readFileSync(config.saml.clientCert, 'utf-8'), + privateCert: config.saml.clientCert === undefined ? undefined : (function () { + try { + return fs.readFileSync(config.saml.clientCert, 'utf-8') + } catch (e) { + logger.error('saml client certificate not found at: ' + config.saml.clientCert) + } + }()), + cert: (function () { + try { + return fs.readFileSync(config.saml.idpCert, 'utf-8') + } catch (e) { + logger.error('saml idp certificate not found at: ' + config.saml.idpCert) + process.exit(1) + } + }()), identifierFormat: config.saml.identifierFormat, disableRequestedAuthnContext: config.saml.disableRequestedAuthnContext }, function (user, done) { -- cgit v1.2.3