MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added SAML disableRequestedAuthnContext

This commit is contained in:
Ylian Saint-Hilaire 2020-05-28 17:03:40 -07:00
parent 45d0d7d173
commit c4a580a211
3 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sample-config-advanced.json
View File

@ -209,6 +209,7 @@
}, },
"saml": { "saml": {
"_callbackurl": "https://server/auth-saml-callback", "_callbackurl": "https://server/auth-saml-callback",
"_disableRequestedAuthnContext": true,
"newAccounts": true, "newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ], "_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"entityid": "meshcentral", "entityid": "meshcentral",

2
webserver.js
View File

@ -4541,6 +4541,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
path: (typeof domain.authstrategies.saml.callbackurl == 'string') ? domain.authstrategies.saml.callbackurl : (url + 'auth-saml-callback'), path: (typeof domain.authstrategies.saml.callbackurl == 'string') ? domain.authstrategies.saml.callbackurl : (url + 'auth-saml-callback'),
entryPoint: domain.authstrategies.saml.idpurl, issuer: 'meshcentral' entryPoint: domain.authstrategies.saml.idpurl, issuer: 'meshcentral'
}; };
if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; }
parent.debug('web', 'Adding SAML SSO with options: ' + JSON.stringify(options)); parent.debug('web', 'Adding SAML SSO with options: ' + JSON.stringify(options));
if (typeof domain.authstrategies.saml.entityid == 'string') { options.issuer = domain.authstrategies.saml.entityid; } if (typeof domain.authstrategies.saml.entityid == 'string') { options.issuer = domain.authstrategies.saml.entityid; }
options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join(''); options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');
@ -4582,6 +4583,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
path: (typeof domain.authstrategies.intel.callbackurl == 'string') ? domain.authstrategies.intel.callbackurl : (url + 'auth-intel-callback'), path: (typeof domain.authstrategies.intel.callbackurl == 'string') ? domain.authstrategies.intel.callbackurl : (url + 'auth-intel-callback'),
entryPoint: domain.authstrategies.intel.idpurl, issuer: 'meshcentral' entryPoint: domain.authstrategies.intel.idpurl, issuer: 'meshcentral'
}; };
if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; }
parent.debug('web', 'Adding Intel SSO with options: ' + JSON.stringify(options)); parent.debug('web', 'Adding Intel SSO with options: ' + JSON.stringify(options));
if (typeof domain.authstrategies.intel.entityid == 'string') { options.issuer = domain.authstrategies.intel.entityid; } if (typeof domain.authstrategies.intel.entityid == 'string') { options.issuer = domain.authstrategies.intel.entityid; }
options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join(''); options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');