Added SAML disableRequestedAuthnContext

This commit is contained in:
Ylian Saint-Hilaire 2020-05-28 17:03:40 -07:00
parent 45d0d7d173
commit c4a580a211
3 changed files with 4 additions and 1 deletions

View File

@ -209,6 +209,7 @@
},
"saml": {
"_callbackurl": "https://server/auth-saml-callback",
"_disableRequestedAuthnContext": true,
"newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"entityid": "meshcentral",

View File

@ -31268,4 +31268,4 @@
]
}
]
}
}

View File

@ -4541,6 +4541,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
path: (typeof domain.authstrategies.saml.callbackurl == 'string') ? domain.authstrategies.saml.callbackurl : (url + 'auth-saml-callback'),
entryPoint: domain.authstrategies.saml.idpurl, issuer: 'meshcentral'
};
if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; }
parent.debug('web', 'Adding SAML SSO with options: ' + JSON.stringify(options));
if (typeof domain.authstrategies.saml.entityid == 'string') { options.issuer = domain.authstrategies.saml.entityid; }
options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');
@ -4582,6 +4583,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
path: (typeof domain.authstrategies.intel.callbackurl == 'string') ? domain.authstrategies.intel.callbackurl : (url + 'auth-intel-callback'),
entryPoint: domain.authstrategies.intel.idpurl, issuer: 'meshcentral'
};
if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; }
parent.debug('web', 'Adding Intel SSO with options: ' + JSON.stringify(options));
if (typeof domain.authstrategies.intel.entityid == 'string') { options.issuer = domain.authstrategies.intel.entityid; }
options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');