fixed npm high security error

[zg3d]

Issue This PR Addresses

No Issue was created

Type of Change

• Bugfix: Change which fixes an issue
• New Feature: Change which adds functionality
• Documentation Update: Change which improves documentation
• UI: Change which improves UI

Description

While I was using docker and docker used npm install there was a high security issue as follows

I ran npm audit

and then I ran the fix and the issue was fixed which was updating passport-saml from 1.5.5 to 2.0.2

This update does not break our current saml login flow

Checklist

• Quality: This PR builds and passes our npm test and works locally
• Tests: This PR includes thorough tests or an explanation of why it does not
• Screenshots: This PR includes screenshots or GIFs of the changes made or an explanation of why it does not (if applicable)
• Documentation: This PR includes updated/added documentation to user exposed functionality or configuration variables are added/changed or an explanation of why it does not(if applicable)

[humphd]

Because this is a major version update, we need to assess that our authentication flow isn't broken by any of the changes they've made. Here is what has changed between releases:

node-saml/passport-saml@v1.3.5...v2.0.2

@zg3d can you try running the login container along with Telescope locally, and see if you can login? I can talk you through it on Slack if you like. I know that @jiyoungsin is doing similar testing in another PR, and we might be able to do it all together.

[humphd]

See https://github.com/Seneca-CDOT/telescope/blob/master/docs/login.md#running-an-sso-identity-provider for info on how this works. Once that container is running, Telescope should be able to do the SAML login flow.

[zg3d]

@humphd It allows me to login through the SAML login flow