fix(saml): change SAML attribute default, verify that a NameID is defined

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Erik Michelson 2025-02-14 02:39:58 +01:00
parent 1a5030dbc1
commit fb6218ed82
4 changed files with 33 additions and 22 deletions


@ -56,14 +56,15 @@ passport.use(
}
// user creation
const uuid = user[config.saml.attribute.id] || user.nameID
if (!uuid) {
logger.error('saml auth failed: id not found')
return done('Permission denied', null)
}
const profile = {
provider: 'saml',
id: 'SAML-' + uuid,
username: user[config.saml.attribute.username] || user.nameID,
emails: user[config.saml.attribute.email] ? [user[config.saml.attribute.email]] : []
}
if (profile.emails.length === 0 && config.saml.identifierFormat === 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress') {
profile.emails.push(user.nameID)
emails: user[config.saml.attribute.email] ? [user[config.saml.attribute.email]] : config.saml.identifierFormat === 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' ? [user.nameID] : []
}
const stringifiedProfile = JSON.stringify(profile)
models.User.findOrCreate({
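Review bot: The fallback `const uuid = user[config.saml.attribute.id] || user.nameID` silently changes which assertion attribute keys the account: the value feeds `id: 'SAML-' + uuid`, which is what `findOrCreate` matches on, so an IdP that omits the configured attribute for some assertions would have those users keyed by NameID instead, and the only trace is a successful login. When `config.saml.attribute.id` is set but the attribute is absent from `user`, log that before falling back, so an operator can tell a misconfigured attribute mapping from a deliberate NameID-based setup — for example an `if (config.saml.attribute.id && !user[config.saml.attribute.id])` guard in front of the assignment that reports the missing attribute through the same `logger` the next lines use. Note also that `||` treats an empty-string attribute value as missing, which is presumably intended; `??` would keep it and then produce `SAML-` as the id. The enclosing callback starts before this hunk and continues past it.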