Skip to content
/ shibboleth Public

JavaScript package for accessing authentication items from Shibboleth

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

UVASOMIT/shibboleth

BranchesTags

Repository files navigation

Shibboleth Node.JS Package

JavaScript package for accessing authentication items from Shibboleth.

Installation

To install the package:

npm install @uvasomit/shibboleth --save

Usage (TypeScript)

Restify

To use this as Restify middleware:

const { shibboleth } = require('@uvasomit/shibboleth');

const app = express();
const server = new http.Server(app);

app.use(shibboleth);

The middleware will look to see if the http_shibsessionid header or the x-iisnode-http_shibsessionid header is present. If so, the middleware passes, and moves to the next middleware. If not, the middleware will look for an environment variable called SHIBBOLETHURL. This URL should be the login/authentication URL without the query string. It will append ?target= to the end of it, and then redirect the user to the Shibboleth authentication URL with the target set to the currently requested page.

When it returns the headers should be present, and the middleware will pass. To get the authenticated user, check your headers for the apprioriate item, such as http_uid or logon_user. This will depend on your setup.

You can also get the user via the user helper:

const { getUserAuth, shibboleth } = require('@uvasomit/shibboleth');

You can then call:

const userID = getUserAuth(req);

This accepts a Restify or Express request object, and by default will return one of the following (in this order):

  • http_uid
  • http_pubcookie_user
  • logon_user
  • x-iisnode-http_uid
  • x-iisnode-http_pubcookie_user
  • x-iisnode-login_user

You can also check explicitly for a different set of headers via:

const headers = ['header_to_check'];
const userID = getUserAuth(req, headers);

Manual Process

If you don't want to use the middleware, you can import the Shibboleth class:

const { Shibboleth } = require('@uvasomit/shibboleth');

const shib = new Shibboleth(process.env.SHIBBOLETHURL);

Once you have the class instantiated, you have access to several methods:

  • shib.hasShibSessionInfo(req, headers)

In the above headers is optional, and is a string array of Shibboleth session headers to look for in order to verify that the request has a Shibboleth session.

  • shib.shouldRedirect(req)
  • shib.redirect(req, next)

In the above, next is for Restify only, and is what is passed through via the shibboleth() middleware.

About

JavaScript package for accessing authentication items from Shibboleth

Topics

authentication shibboleth

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

3 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 2

  •  
  •  

Languages