hapi-saml2 is a hapi.js plugin, it uses node-saml library to provide Single Sign On using SAML protocol
This plugin based on node-saml and was originally inspired by hapi-saml-sso.
Check the documentation of the repository for options
documentation
hapi-saml2 version | dependency version |
---|---|
4.0.5 - 4.0.7 | @node-saml/[email protected] |
4.0.3 - 4.0.4 | @node-saml/[email protected] |
3.2.2 - 3.2.2 | [email protected] |
3.2.0 - 3.2.1 | [email protected] |
2.2.0 - 2.2.0 | [email protected] |
2.0.2 - 2.0.3 | [email protected] |
1.3.5 - 1.3.8 | [email protected] |
hapi-saml2 version | hapi.js supported version |
---|---|
1.0.0 - latest | v18 - v21 |
0.0.1 - 0.0.5 | v17 |
Add hapi-saml2
to your project:
npm install hapi-saml2 --save
Register the plugin and configure it with the options:
const Hapi = require('@hapi/hapi')
const server = Hapi.server({
port: 3000,
host: 'localhost'
})
const init = async () => {
await server.register({
plugin: require('hapi-saml2'),
options: {
getSAMLOptions: (request) => {}, // required. should return options for `node-saml`
login: async (request, identifier, user) => {}, // required. should return true if user is authenticated and authenticate user based on identifier (Profile.nameID is used),
// or return an object { success: Boolean, errorMessage: String } to sent an error message to postResponseValidationErrorHandler(if implemented)
logout: async (request) => {}, // required. should logout the user on the app
apiPrefix: '/saml', // prefix for added routes
redirectUrlAfterSuccess: '/', // url to redirect to after successful login
redirectUrlAfterFailure: '/', // url to redirect to after failed login
boomErrorForMissingConfiguration: Boom.badImplementation('SAML instance is not configured'), // Boom error to throw on missing configuration error
boomErrorForIncorrectConfiguration: Boom.badImplementation('SAML configuration is incorrect'), // Boom error to throw on incorrect configuration error
postResponseValidationErrorHandler: async ({ request, h, e }) => { return h.redirect('/errorPage') } // function to handle Post Response validation errors
}
})
await server.start()
}
init()
The plugin provides the following SSO API:
GET /saml/metadata.xml
GET /saml/login
GET /saml/logout
POST /saml/callback
They can be configured with apiPrefix
option.
First, install the following dev-dependencies:
yarn add -D @hapi/hapi
yarn add -D @hapi/boom
Then run yarn test
.