allow configuring the certs through env vars instead of files

.jshintrc

@@ -34,6 +34,7 @@
     "beforeEach": false,
     "describe": false,
     "it": false,
-    "escape": false
+    "escape": false,
+    "WebSocket": true
   }
 }

connector-setup/steps/certificate.js

@@ -1,14 +1,15 @@
 var selfsigned  = require('selfsigned');
 var fs          = require('fs');
 var path        = require('path');
+var nconf = require('nconf');
 
 var fileNames = {
   pem: path.join(process.cwd(), 'certs', 'cert.pem'),
   key: path.join(process.cwd(), 'certs', 'cert.key')
 };
 
 module.exports = function (workingPath, info, cb) {
-  if (fs.existsSync(fileNames.key)) {
+  if (fs.existsSync(fileNames.key) || nconf.get('AUTH_CERT')) {
     console.log('Certificates already exist, skipping certificate generation.');
     return cb();
   }
@@ -21,7 +22,6 @@ module.exports = function (workingPath, info, cb) {
 
   console.log('Generating a self-signed certificate.'.yellow);
 
-  var selfsigned = require('selfsigned');
   var pems = selfsigned.generate({ subj: '/CN=' + info.connectionDomain , days: 365 });
 
   fs.writeFileSync(fileNames.pem, pems.cert);

connector-setup/steps/configureConnection.js

@@ -16,6 +16,10 @@ var pemToCert = function(pem) {
 };
 
 var getCurrentThumbprint = function (workingPath) {
+  if (nconf.get('AUTH_CERT')) {
+    return thumbprint.calculate(pemToCert(nconf.get('AUTH_CERT')));
+  }
+
   var cert = pemToCert(fs.readFileSync(path.join(workingPath, 'certs', 'cert.pem')).toString());
   return thumbprint.calculate(cert);
 };
@@ -25,7 +29,8 @@ module.exports = function (program, workingPath, connectionInfo, ticket, cb) {
                   ('http://' + os.hostname() + ':' + (nconf.get('PORT') || 4000));
 
   var signInEndpoint = urlJoin(serverUrl, '/wsfed');
-  var cert = pemToCert(fs.readFileSync(path.join(workingPath, 'certs', 'cert.pem')).toString());
+  var pem = nconf.get('AUTH_CERT') || fs.readFileSync(path.join(workingPath, 'certs', 'cert.pem')).toString();
+  var cert = pemToCert(pem);
 
   console.log(('Configuring connection ' + connectionInfo.connectionName + '.').yellow);
   console.log(' > Posting certificates and signInEndpoint: ' + signInEndpoint);

lib/wsfederation-responses.js

@@ -5,8 +5,8 @@ var xtend           = require('xtend');
 var cookieSessions  = require('cookie-sessions');
 
 var credentials = {
-  cert: fs.readFileSync(path.join(__dirname, '../certs/cert.pem')),
-  key:  fs.readFileSync(path.join(__dirname, '../certs/cert.key'))
+  cert: nconf.get('AUTH_CERT') || fs.readFileSync(path.join(__dirname, '../certs/cert.pem')),
+  key:  nconf.get('AUTH_CERT_KEY') ||  fs.readFileSync(path.join(__dirname, '../certs/cert.key'))
 };
 
 var nconf   = require('nconf');
@@ -54,7 +54,7 @@ exports.tokenDirect = function (req, res, next) {
       var realmPostURLs = nconf.get(wtrealm || nconf.get('REALM'));
       if (realmPostURLs) {
         realmPostURLs = realmPostURLs.split(',');
-        
+
         if (wreply && ~realmPostURLs.indexOf(wreply)) {
           return callback(null, wreply);
         }

ws_validator.js

@@ -10,8 +10,8 @@ var async = require('async');
 var randomstring = require('randomstring');
 
 var cert = {
-  key:  fs.readFileSync(__dirname + '/certs/cert.key'),
-  cert: fs.readFileSync(__dirname + '/certs/cert.pem')
+  key:  nconf.get('AUTH_CERT_KEY') || fs.readFileSync(__dirname + '/certs/cert.key'),
+  cert: nconf.get('AUTH_CERT') || fs.readFileSync(__dirname + '/certs/cert.pem')
 };
 
 var authenticate_when_password_expired = nconf.get('ALLOW_PASSWORD_EXPIRED');