From 85517060122a6ecbe76cf628f72b23d3e80a8bff Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Tue, 11 Jun 2019 15:48:01 +1000 Subject: [PATCH 1/9] Add vanguard login mechanism --- magda-gateway/package.json | 1 + magda-gateway/src/buildApp.ts | 8 +- magda-gateway/src/createAuthRouter.ts | 15 +++ magda-gateway/src/missing.d.ts | 1 + magda-gateway/src/oauth2/vanguard.ts | 71 ++++++++++++ yarn.lock | 159 ++++++++++++++++++++++++-- 6 files changed, 246 insertions(+), 9 deletions(-) create mode 100644 magda-gateway/src/oauth2/vanguard.ts diff --git a/magda-gateway/package.json b/magda-gateway/package.json index 5010e8c08b..04f6e29d17 100644 --- a/magda-gateway/package.json +++ b/magda-gateway/package.json @@ -43,6 +43,7 @@ "passport-facebook": "^2.0.0", "passport-google-oauth20": "^1.0.0", "passport-local": "^1.0.0", + "passport-wsfed-saml2": "^3.0.17", "pg": "^6.4.0", "read-pkg-up": "^3.0.0", "request": "^2.88.0", diff --git a/magda-gateway/src/buildApp.ts b/magda-gateway/src/buildApp.ts index b11c7856e9..1c7c58afe0 100644 --- a/magda-gateway/src/buildApp.ts +++ b/magda-gateway/src/buildApp.ts @@ -68,6 +68,9 @@ type Config = { enableCkanRedirection?: boolean; ckanRedirectionDomain?: string; ckanRedirectionPath?: string; + vanguardWsFedIdpUrl?: string; + vanguardWsFedRealm?: string; + vanguardWsFedCertificate?: string; }; export default function buildApp(config: Config) { @@ -163,7 +166,10 @@ export default function buildApp(config: Config) { ckanUrl: config.ckanUrl, authorizationApi: config.authorizationApi, externalUrl: config.externalUrl, - userId: config.userId + userId: config.userId, + vanguardWsFedIdpUrl: config.vanguardWsFedIdpUrl, + vanguardWsFedRealm: config.vanguardWsFedRealm, + vanguardWsFedCertificate: config.vanguardWsFedCertificate }) ); } diff --git a/magda-gateway/src/createAuthRouter.ts b/magda-gateway/src/createAuthRouter.ts index 15ea7628e5..19dd1a34d0 100644 --- a/magda-gateway/src/createAuthRouter.ts +++ b/magda-gateway/src/createAuthRouter.ts @@ -18,6 +18,9 @@ export interface AuthRouterOptions { authorizationApi: string; externalUrl: string; userId: string; + vanguardWsFedIdpUrl: string; + vanguardWsFedRealm: string; + vanguardWsFedCertificate: string; } export default function createAuthRouter(options: AuthRouterOptions): Router { @@ -88,6 +91,18 @@ export default function createAuthRouter(options: AuthRouterOptions): Router { aafClientSecret: options.aafClientSecret, externalUrl: options.externalUrl }) + }, + { + id: "vanguard", + enabled: options.vanguardWsFedIdpUrl ? true : false, + authRouter: require("./oauth2/vanguard").default({ + authorizationApi: authApi, + passport: passport, + wsFedIdpUrl: options.vanguardWsFedIdpUrl, + wsFedRealm: options.vanguardWsFedRealm, + wsFedCertificate: options.vanguardWsFedCertificate, + externalAuthHome: `${options.externalUrl}/auth` + }) } ]; diff --git a/magda-gateway/src/missing.d.ts b/magda-gateway/src/missing.d.ts index 64279b9735..9a2999f5c2 100644 --- a/magda-gateway/src/missing.d.ts +++ b/magda-gateway/src/missing.d.ts @@ -1,3 +1,4 @@ // Declarations for third-party modules without a @types package. declare module "passport-google-oauth20"; declare module "passport-arcgis"; +declare module "passport-wsfed-saml2"; diff --git a/magda-gateway/src/oauth2/vanguard.ts b/magda-gateway/src/oauth2/vanguard.ts new file mode 100644 index 0000000000..f263fe618f --- /dev/null +++ b/magda-gateway/src/oauth2/vanguard.ts @@ -0,0 +1,71 @@ +import { Strategy } from "passport-wsfed-saml2"; + +import * as express from "express"; +import { Router } from "express"; +import { Authenticator, Profile } from "passport"; + +import ApiClient from "@magda/typescript-common/dist/authorization-api/ApiClient"; +import createOrGetUserToken from "../createOrGetUserToken"; +import { redirectOnSuccess } from "./redirect"; + +export interface VanguardOptions { + authorizationApi: ApiClient; + passport: Authenticator; + wsFedIdpUrl: string; + wsFedRealm: string; + wsFedCertificate: string; + externalAuthHome: string; +} + +const STRATEGY = "vanguard"; + +export default function vanguard(options: VanguardOptions) { + const authorizationApi = options.authorizationApi; + const passport = options.passport; + const wsFedIdpUrl = options.wsFedIdpUrl; + const wsFedRealm = options.wsFedRealm; + const wsFedCertificate = options.wsFedCertificate; + const externalAuthHome = options.externalAuthHome; + + // const loginBaseUrl = `${externalAuthHome}/login`; + + if (!wsFedIdpUrl || !wsFedRealm || !wsFedCertificate) { + return undefined; + } + + passport.use( + STRATEGY, + new Strategy( + { + identityProviderUrl: wsFedIdpUrl, + realm: wsFedRealm, + protocol: "wsfed", + cert: wsFedCertificate + }, + function(profile: Profile, cb: Function) { + createOrGetUserToken(authorizationApi, profile, "vanguard") + .then(userId => cb(null, userId)) + .catch(error => cb(error)); + } + ) + ); + + const router: Router = express.Router(); + + router.all("/", (req, res, next) => { + passport.authenticate(STRATEGY, {})(req, res, next); + }); + + router.all( + "/return", + passport.authenticate(STRATEGY, { + failureRedirect: "/", + failureFlash: true + }), + function(req, res) { + redirectOnSuccess(req.query.redirect || externalAuthHome, req, res); + } + ); + + return router; +} diff --git a/yarn.lock b/yarn.lock index 2ffaf4fb63..b7b7e93dea 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3045,7 +3045,7 @@ async@^1.4.0, async@^1.5.0, async@^1.5.2: resolved "https://registry.yarnpkg.com/async/-/async-1.5.2.tgz#ec6a61ae56480c0c3cb241c95618e20892f9672a" integrity sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo= -async@^2.0.0, async@^2.0.1, async@^2.1.2, async@^2.1.4, async@^2.4.1, async@^2.6.0, async@^2.6.1: +async@^2.0.0, async@^2.0.1, async@^2.1.2, async@^2.1.4, async@^2.1.5, async@^2.4.1, async@^2.6.0, async@^2.6.1: version "2.6.2" resolved "https://registry.yarnpkg.com/async/-/async-2.6.2.tgz#18330ea7e6e313887f5d2f2a904bac6fe4dd5381" integrity sha512-H1qVYh1MYhEEFLsP97cVKqCGo7KfCyTt6uEWqsTBr9SO84oK9Uwbyd/yCW+6rKJLHksBNUVWZDAjfS+Ccx0Bbg== @@ -6399,7 +6399,7 @@ cross-spawn@^4: lru-cache "^4.0.1" which "^1.2.9" -cryptiles@0.2.x: +cryptiles@0.2.x, cryptiles@~0.2.2: version "0.2.2" resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-0.2.2.tgz#ed91ff1f17ad13d3748288594f8a48a0d26f325c" integrity sha1-7ZH/HxetE9N0gohZT4pIoNJvMlw= @@ -7628,7 +7628,12 @@ ee-first@1.1.1: resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0= -ejs@^2.3.3, ejs@^2.5.2, ejs@^2.6.1: +ejs@2.5.5: + version "2.5.5" + resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.5.5.tgz#6ef4e954ea7dcf54f66aad2fe7aa421932d9ed77" + integrity sha1-bvTpVOp9z1T2aq0v56pCGTLZ7Xc= + +ejs@^2.3.3, ejs@^2.5.2, ejs@^2.5.6, ejs@^2.6.1: version "2.6.1" resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.6.1.tgz#498ec0d495655abc6f23cd61868d926464071aa0" integrity sha512-0xy4A/twfrRCnkhfk8ErDi5DqdAsAqeGxht4xkCUrsvhhbQNs7E+4jV0CN7+NKIY0aHE72+XvqtBIXzD31ZbXQ== @@ -9118,6 +9123,11 @@ for-own@^1.0.0: dependencies: for-in "^1.0.1" +foreach@~2.0.1: + version "2.0.5" + resolved "https://registry.yarnpkg.com/foreach/-/foreach-2.0.5.tgz#0bee005018aeb260d0a3af3ae658dd0136ec1b99" + integrity sha1-C+4AUBiusmDQo6865ljdATbsG5k= + foreachasync@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/foreachasync/-/foreachasync-3.0.0.tgz#5502987dc8714be3392097f32e0071c9dee07cf6" @@ -10785,7 +10795,7 @@ indexes-of@^1.0.1: resolved "https://registry.yarnpkg.com/indexes-of/-/indexes-of-1.0.1.tgz#f30f716c8e2bd346c7b67d3df3915566a7c05607" integrity sha1-8w9xbI4r00bHtn0985FVZqfAVgc= -indexof@0.0.1: +indexof@0.0.1, indexof@~0.0.1: version "0.0.1" resolved "https://registry.yarnpkg.com/indexof/-/indexof-0.0.1.tgz#82dc336d232b9062179d05ab3293a66059fd435d" integrity sha1-gtwzbSMrkGIXnQWrMpOmYFn9Q10= @@ -11248,6 +11258,11 @@ is-obj@^1.0.0, is-obj@^1.0.1: resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-1.0.1.tgz#3e4729ac1f5fde025cd7d83a896dab9f4f67db0f" integrity sha1-PkcprB9f3gJc19g6iW2rn09n2w8= +is-object@~0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/is-object/-/is-object-0.1.2.tgz#00efbc08816c33cfc4ac8251d132e10dc65098d7" + integrity sha1-AO+8CIFsM8/ErIJR0TLhDcZQmNc= + is-path-cwd@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" @@ -11420,6 +11435,11 @@ is-wsl@^1.1.0: resolved "https://registry.yarnpkg.com/is-wsl/-/is-wsl-1.1.0.tgz#1f16e4aa22b04d1336b66188a66af3c600c3a66d" integrity sha1-HxbkqiKwTRM2tmGIpmrzxgDDpm0= +is@~0.2.6: + version "0.2.7" + resolved "https://registry.yarnpkg.com/is/-/is-0.2.7.tgz#3b34a2c48f359972f35042849193ae7264b63562" + integrity sha1-OzSixI81mXLzUEKEkZOucmS2NWI= + isarray@0.0.1: version "0.0.1" resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" @@ -12348,6 +12368,13 @@ jsonwebtoken@^8.4.0: ms "^2.1.1" semver "^5.6.0" +jsonwebtoken@~5.0.4: + version "5.0.5" + resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-5.0.5.tgz#6592cc05ee03dd5ad9e03a910911a4da79afe0f8" + integrity sha1-ZZLMBe4D3VrZ4DqRCRGk2nmv4Pg= + dependencies: + jws "^3.0.0" + jsprim@^1.2.2: version "1.4.1" resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2" @@ -12414,7 +12441,7 @@ jwa@^1.4.1: ecdsa-sig-formatter "1.0.11" safe-buffer "^5.0.1" -jws@^3.2.2: +jws@^3.0.0, jws@^3.2.2: version "3.2.2" resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.2.tgz#001099f3639468c9414000e99995fa52fb478304" integrity sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA== @@ -13991,6 +14018,11 @@ mute-stream@0.0.7: resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" integrity sha1-MHXOk7whuPq0PhvE2n6BFe0ee6s= +nan@2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/nan/-/nan-2.2.0.tgz#779c07135629503cf6a7b7e6aab33049b3c3853c" + integrity sha1-d5wHE1YpUDz2p7fmqrMwSbPDhTw= + nan@^2.10.0, nan@^2.9.2: version "2.13.2" resolved "https://registry.yarnpkg.com/nan/-/nan-2.13.2.tgz#f51dc7ae66ba7d5d55e1e6d4d8092e802c9aefe7" @@ -14162,6 +14194,11 @@ node-forge@0.7.5: resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.5.tgz#6c152c345ce11c52f465c2abd957e8639cd674df" integrity sha512-MmbQJ2MTESTjt3Gi/3yG1wGpIMhUfcIypUCGtTizFR9IiccFwxSpfp0vtIZlkFclEqERemxfnSdZEMR9VqqEFQ== +node-forge@^0.7.0: + version "0.7.6" + resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.6.tgz#fdf3b418aee1f94f0ef642cd63486c77ca9724ac" + integrity sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw== + node-gyp@^3.8.0: version "3.8.0" resolved "https://registry.yarnpkg.com/node-gyp/-/node-gyp-3.8.0.tgz#540304261c330e80d0d5edce253a68cb3964218c" @@ -14547,6 +14584,15 @@ object-keys@^1.0.11, object-keys@^1.0.12: resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.0.tgz#11bd22348dd2e096a045ab06f6c85bcc340fa032" integrity sha512-6OO5X1+2tYkNyNEx6TsCxEqFfRWaqx6EtMiSbGrw8Ob8v9Ne+Hl8rBAgLBZn5wjEz3s/s6U1WXFUFOcxxAwUpg== +object-keys@~0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-0.2.0.tgz#cddec02998b091be42bf1035ae32e49f1cb6ea67" + integrity sha1-zd7AKZiwkb5CvxA1rjLknxy26mc= + dependencies: + foreach "~2.0.1" + indexof "~0.0.1" + is "~0.2.6" + object-path@^0.11.4: version "0.11.4" resolved "https://registry.yarnpkg.com/object-path/-/object-path-0.11.4.tgz#370ae752fbf37de3ea70a861c23bba8915691949" @@ -15140,11 +15186,30 @@ passport-oauth@1.0.0: passport-oauth1 "1.x.x" passport-oauth2 "1.x.x" -passport-strategy@1.x.x: +passport-strategy@1.x.x, passport-strategy@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ= +passport-wsfed-saml2@^3.0.17: + version "3.0.17" + resolved "https://registry.yarnpkg.com/passport-wsfed-saml2/-/passport-wsfed-saml2-3.0.17.tgz#8f3611b0a2ab945fd57e85eddf82720d764aefac" + integrity sha512-2vRIoO0V9BRac/CxTi3ry4ddvnoEAVQ9o3G7RdVV77gbgyNOpXOZb2IT4YWOv0+DQLIMJioqUXDkQZzCYFqVxQ== + dependencies: + cryptiles "~0.2.2" + ejs "2.5.5" + jsonwebtoken "~5.0.4" + passport-strategy "^1.0.0" + uid2 "0.0.x" + valid-url "^1.0.9" + x509 auth0/node-x509#v0.3.3-auth0 + xml-crypto auth0/xml-crypto#fix-digest + xml-encryption "0.11.0" + xml2js "0.1.x" + xmldom auth0/xmldom#v0.1.19-auth0_1 + xpath "0.0.5" + xtend "~2.0.3" + passport@^0.2.2: version "0.2.2" resolved "https://registry.yarnpkg.com/passport/-/passport-0.2.2.tgz#9c38f17beb929f3d81af7b8838e8430db8703f2b" @@ -18811,7 +18876,7 @@ sax@1.2.1: resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.1.tgz#7b8e656190b228e81a66aea748480d828cd2d37a" integrity sha1-e45lYZCyKOgaZq6nSEgNgozS03o= -sax@>=0.6.0, sax@^1.2.4, sax@~1.2.1, sax@~1.2.4: +sax@>=0.1.1, sax@>=0.6.0, sax@^1.2.4, sax@~1.2.1, sax@~1.2.4: version "1.2.4" resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9" integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw== @@ -20275,6 +20340,16 @@ table@^5.0.2, table@^5.2.3: slice-ansi "^2.1.0" string-width "^3.0.0" +table@^5.3.3: + version "5.4.0" + resolved "https://registry.yarnpkg.com/table/-/table-5.4.0.tgz#d772a3216e68829920a41a32c18eda286c95d780" + integrity sha512-nHFDrxmbrkU7JAFKqKbDJXfzrX2UBsWmrieXFTGxiI5e4ncg3VqsZeI4EzNmX0ncp4XNGVeoxIWJXfCIXwrsvw== + dependencies: + ajv "^6.9.1" + lodash "^4.17.11" + slice-ansi "^2.1.0" + string-width "^3.0.0" + taffydb@2.6.2: version "2.6.2" resolved "https://registry.yarnpkg.com/taffydb/-/taffydb-2.6.2.tgz#7cbcb64b5a141b6a2efc2c5d2c67b4e150b2a268" @@ -21622,6 +21697,11 @@ v8flags@^3.0.0: dependencies: homedir-polyfill "^1.0.1" +valid-url@^1.0.9: + version "1.0.9" + resolved "https://registry.yarnpkg.com/valid-url/-/valid-url-1.0.9.tgz#1c14479b40f1397a75782f115e4086447433a200" + integrity sha1-HBRHm0DxOXp1eC8RXkCGRHQzogA= + validate-npm-package-license@^3.0.1: version "3.0.4" resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz#fc91f6b9c7ba15c857f4cb2c5defeec39d4f410a" @@ -22455,6 +22535,12 @@ x-xss-protection@1.1.0: resolved "https://registry.yarnpkg.com/x-xss-protection/-/x-xss-protection-1.1.0.tgz#4f1898c332deb1e7f2be1280efb3e2c53d69c1a7" integrity sha512-rx3GzJlgEeZ08MIcDsU2vY2B1QEriUKJTSiNHHUIem6eg9pzVOr2TL3Y4Pd6TMAM5D5azGjcxqI62piITBDHVg== +"x509@github:auth0/node-x509#v0.3.3-auth0": + version "0.3.3" + resolved "https://codeload.github.com/auth0/node-x509/tar.gz/d7e6c43f890cdeec3e82f0751e66858553f7124a" + dependencies: + nan "2.2.0" + xdg-basedir@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-3.0.0.tgz#496b2cc109eca8dbacfe2dc72b603c17c5870ad4" @@ -22473,11 +22559,36 @@ xlsx@^0.14.0: exit-on-epipe "~1.0.1" ssf "~0.10.2" +"xml-crypto@github:auth0/xml-crypto#fix-digest": + version "0.10.1" + resolved "https://codeload.github.com/auth0/xml-crypto/tar.gz/65fa1e22c5884e45135d0bacccb99ad11e900bf1" + dependencies: + xmldom "=0.1.19" + xpath.js ">=0.0.3" + +xml-encryption@0.11.0: + version "0.11.0" + resolved "https://registry.yarnpkg.com/xml-encryption/-/xml-encryption-0.11.0.tgz#458c2cb7d0300ff62d304c74eb3ded08ca97456b" + integrity sha1-RYwst9AwD/YtMEx06z3tCMqXRWs= + dependencies: + async "^2.1.5" + ejs "^2.5.6" + node-forge "^0.7.0" + xmldom "~0.1.15" + xpath "0.0.24" + xml-name-validator@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/xml-name-validator/-/xml-name-validator-3.0.0.tgz#6ae73e06de4d8c6e47f9fb181f78d648ad457c6a" integrity sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw== +xml2js@0.1.x: + version "0.1.14" + resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.1.14.tgz#5274e67f5a64c5f92974cd85139e0332adc6b90c" + integrity sha1-UnTmf1pkxfkpdM2FE54DMq3GuQw= + dependencies: + sax ">=0.1.1" + xml2js@0.4.19, xml2js@^0.4.17, xml2js@^0.4.19: version "0.4.19" resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.19.tgz#686c20f213209e94abf0d1bcf1efaa291c7827a7" @@ -22506,16 +22617,40 @@ xmlcreate@^1.0.1: resolved "https://registry.yarnpkg.com/xmlcreate/-/xmlcreate-1.0.2.tgz#fa6bf762a60a413fb3dd8f4b03c5b269238d308f" integrity sha1-+mv3YqYKQT+z3Y9LA8WyaSONMI8= -xmldom@^0.1.27, xmldom@~0.1.19: +xmldom@=0.1.19: + version "0.1.19" + resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.1.19.tgz#631fc07776efd84118bf25171b37ed4d075a0abc" + integrity sha1-Yx/Ad3bv2EEYvyUXGzftTQdaCrw= + +xmldom@^0.1.27, xmldom@~0.1.15, xmldom@~0.1.19: version "0.1.27" resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.1.27.tgz#d501f97b3bdb403af8ef9ecc20573187aadac0e9" integrity sha1-1QH5ezvbQDr4757MIFcxh6rawOk= +"xmldom@github:auth0/xmldom#v0.1.19-auth0_1": + version "0.1.19" + resolved "https://codeload.github.com/auth0/xmldom/tar.gz/3376bc7beb5551bf68e12b0cc6b0e3669f77d392" + xmlhttprequest-ssl@~1.5.4: version "1.5.5" resolved "https://registry.yarnpkg.com/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.5.tgz#c2876b06168aadc40e57d97e81191ac8f4398b3e" integrity sha1-wodrBhaKrcQOV9l+gRkayPQ5iz4= +xpath.js@>=0.0.3: + version "1.1.0" + resolved "https://registry.yarnpkg.com/xpath.js/-/xpath.js-1.1.0.tgz#3816a44ed4bb352091083d002a383dd5104a5ff1" + integrity sha512-jg+qkfS4K8E7965sqaUl8mRngXiKb3WZGfONgE18pr03FUQiuSV6G+Ej4tS55B+rIQSFEIw3phdVAQ4pPqNWfQ== + +xpath@0.0.24: + version "0.0.24" + resolved "https://registry.yarnpkg.com/xpath/-/xpath-0.0.24.tgz#1ade162e1cc523c8d39fc7d06afc16ea216f29fb" + integrity sha1-Gt4WLhzFI8jTn8fQavwW6iFvKfs= + +xpath@0.0.5: + version "0.0.5" + resolved "https://registry.yarnpkg.com/xpath/-/xpath-0.0.5.tgz#454036f6ef0f3df5af5d4ba4a119fb75674b3e6c" + integrity sha1-RUA29u8PPfWvXUukoRn7dWdLPmw= + xregexp@2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/xregexp/-/xregexp-2.0.0.tgz#52a63e56ca0b84a7f3a5f3d61872f126ad7a5943" @@ -22531,6 +22666,14 @@ xregexp@4.0.0: resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" integrity sha1-pcbVMr5lbiPbgg77lDofBJmNY68= +xtend@~2.0.3: + version "2.0.6" + resolved "https://registry.yarnpkg.com/xtend/-/xtend-2.0.6.tgz#5ea657a6dba447069c2e59c58a1138cb0c5e6cee" + integrity sha1-XqZXptukRwacLlnFihE4ywxebO4= + dependencies: + is-object "~0.1.2" + object-keys "~0.2.0" + y18n@^3.2.0, y18n@^3.2.1: version "3.2.1" resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" From ae55be353d968440f1d3609615e1c15cd40c0502 Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Tue, 11 Jun 2019 15:52:59 +1000 Subject: [PATCH 2/9] Client side update --- magda-gateway/views/login.ejs | 1 + .../src/Components/Account/AccountLoginPage.js | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/magda-gateway/views/login.ejs b/magda-gateway/views/login.ejs index 29691f3abe..6c8a050f2a 100755 --- a/magda-gateway/views/login.ejs +++ b/magda-gateway/views/login.ejs @@ -2,3 +2,4 @@ Log In with Google Log In with ArcGIS Log In with CKAN +Log In with Vanguard diff --git a/magda-web-client/src/Components/Account/AccountLoginPage.js b/magda-web-client/src/Components/Account/AccountLoginPage.js index 238680a1c7..eee9b24d06 100644 --- a/magda-web-client/src/Components/Account/AccountLoginPage.js +++ b/magda-web-client/src/Components/Account/AccountLoginPage.js @@ -85,6 +85,18 @@ export default function Login(props) { )} + {props.providers.indexOf("vanguard") !== -1 && ( +
  • + + logo + Vanguard + +
    • + )} {props.providers.indexOf("ckan") !== -1 && ( From c91401fad3fc1ee008352107a151d2225c29ad1d Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Tue, 11 Jun 2019 16:17:06 +1000 Subject: [PATCH 3/9] adding node gyp dependecies for xml verification library xml crypto's dependency x509 --- magda-builder-nodejs/Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/magda-builder-nodejs/Dockerfile b/magda-builder-nodejs/Dockerfile index c4290451e2..b2cb749e79 100644 --- a/magda-builder-nodejs/Dockerfile +++ b/magda-builder-nodejs/Dockerfile @@ -2,6 +2,7 @@ FROM mhart/alpine-node:8 RUN npm install -g lerna -RUN apk --update add git openssh bash && \ +RUN apk --update add git openssh bash \ + python make g++ && \ rm -rf /var/lib/apt/lists/* && \ - rm /var/cache/apk/* \ No newline at end of file + rm /var/cache/apk/* From 5295b5e2e14a9f6195633438a064f3d2a1459f74 Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Wed, 12 Jun 2019 13:14:55 +1000 Subject: [PATCH 4/9] Align node versions so native modules work across build and production environments --- magda-gateway/Dockerfile | 2 +- magda-gateway/src/index.ts | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/magda-gateway/Dockerfile b/magda-gateway/Dockerfile index 965152cdc6..9745c321a4 100644 --- a/magda-gateway/Dockerfile +++ b/magda-gateway/Dockerfile @@ -1,4 +1,4 @@ -FROM node:10 +FROM mhart/alpine-node:8 RUN mkdir -p /usr/src/app COPY . /usr/src/app diff --git a/magda-gateway/src/index.ts b/magda-gateway/src/index.ts index 697f860c8a..3b59058c34 100755 --- a/magda-gateway/src/index.ts +++ b/magda-gateway/src/index.ts @@ -136,6 +136,30 @@ const argv = addJwtSecretFromEnvVar( process.env.ARCGIS_CLIENT_SECRET || process.env.npm_package_config_arcgisClientSecret }) + .option("vanguardWsFedCertificate", { + describe: + "The certificate to use for Vanguard WS-FED Login. This can also be specified with the VANGUARD_CERTIFICATE environment variable.", + type: "string", + default: + process.env.VANGUARD_CERTIFICATE || + process.env.npm_package_config_vanguardCertificate + }) + .option("vanguardWsFedIdpUrl", { + describe: + "Vanguard integration entry point. Can also be specified in VANGUARD_URL environment variable.", + type: "string", + default: + process.env.VANGUARD_URL || + process.env.npm_package_config_vanguardUrl + }) + .option("vanguardWsFedRealm", { + describe: + "Vanguard realm id for entry point. Can also be specified in VANGUARD_REALM environment variable.", + type: "string", + default: + process.env.VANGUARD_REALM || + process.env.npm_package_config_vanguardRealm + }) .option("aafClientUri", { describe: "The aaf client Uri to use for AAF Auth.", type: "string", From 198055cd23bad61367cc020fe5c2183f11b26895 Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Wed, 12 Jun 2019 13:22:44 +1000 Subject: [PATCH 5/9] link up deployment --- deploy/helm/magda-dev.yml | 2 ++ .../helm/magda/charts/gateway/templates/deployment.yaml | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/deploy/helm/magda-dev.yml b/deploy/helm/magda-dev.yml index 4aa09cf3b0..aec76c273b 100644 --- a/deploy/helm/magda-dev.yml +++ b/deploy/helm/magda-dev.yml @@ -33,6 +33,8 @@ gateway: arcgisClientId: "d0MgVUbbg5Z6vmWo" googleClientId: "275237095477-f7ej2gsvbl2alb8bcqcn7r5jk0ur719p.apps.googleusercontent.com" ckanAuthenticationUrl: https://data.gov.au/data + vanguardWsFedIdpUrl: https://thirdparty.authentication.business.gov.au/fas/v2/wsfed12/authenticate + vanguardWsFedRealm: https://environment.magda.io/integration-test-2 cors: credentials: true origin: true diff --git a/deploy/helm/magda/charts/gateway/templates/deployment.yaml b/deploy/helm/magda/charts/gateway/templates/deployment.yaml index cb01153d16..221f9214d7 100644 --- a/deploy/helm/magda/charts/gateway/templates/deployment.yaml +++ b/deploy/helm/magda/charts/gateway/templates/deployment.yaml @@ -124,6 +124,14 @@ spec: key: facebook-client-secret optional: true {{- end }} +{{- if .Values.auth.vanguardWsFedRealm }} + - name: VANGUARD_CERTIFICATE + valueFrom: + secretKeyRef: + name: oauth-secrets + key: vanguard-certificate + optional: true +{{- end }} {{- if .Values.auth.arcgisClientId }} - name: ARCGIS_CLIENT_SECRET valueFrom: From d754b33500ab2fcf1afb276ab550adb4e4fdbdb8 Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Wed, 12 Jun 2019 17:06:41 +1000 Subject: [PATCH 6/9] Translate some fields to what other passport modules produce --- deploy/helm/magda-dev.yml | 2 -- .../charts/gateway/templates/deployment.yaml | 9 ++++++++ deploy/helm/preview.yml | 2 ++ magda-gateway/src/createOrGetUserToken.ts | 1 + magda-gateway/src/oauth2/vanguard.ts | 21 +++++++++++++++++-- 5 files changed, 31 insertions(+), 4 deletions(-) diff --git a/deploy/helm/magda-dev.yml b/deploy/helm/magda-dev.yml index aec76c273b..4aa09cf3b0 100644 --- a/deploy/helm/magda-dev.yml +++ b/deploy/helm/magda-dev.yml @@ -33,8 +33,6 @@ gateway: arcgisClientId: "d0MgVUbbg5Z6vmWo" googleClientId: "275237095477-f7ej2gsvbl2alb8bcqcn7r5jk0ur719p.apps.googleusercontent.com" ckanAuthenticationUrl: https://data.gov.au/data - vanguardWsFedIdpUrl: https://thirdparty.authentication.business.gov.au/fas/v2/wsfed12/authenticate - vanguardWsFedRealm: https://environment.magda.io/integration-test-2 cors: credentials: true origin: true diff --git a/deploy/helm/magda/charts/gateway/templates/deployment.yaml b/deploy/helm/magda/charts/gateway/templates/deployment.yaml index 221f9214d7..ac601f23b3 100644 --- a/deploy/helm/magda/charts/gateway/templates/deployment.yaml +++ b/deploy/helm/magda/charts/gateway/templates/deployment.yaml @@ -45,6 +45,15 @@ spec: {{- if .Values.auth.aafClientUri}} "--aafClientUri", {{ .Values.auth.aafClientUri| quote }}, {{- end }} +{{- if .Values.auth.googleClientId }} + "--googleClientId", {{ .Values.auth.googleClientId | quote }}, +{{- end }} +{{- if .Values.auth.vanguardWsFedIdpUrl }} + "--vanguardWsFedIdpUrl", {{ .Values.auth.vanguardWsFedIdpUrl | quote }}, +{{- end }} +{{- if .Values.auth.vanguardWsFedRealm }} + "--vanguardWsFedRealm", {{ .Values.auth.vanguardWsFedRealm | quote }}, +{{- end }} {{- if .Values.enableAuthEndpoint }} "--enableAuthEndpoint", {{ .Values.enableAuthEndpoint | quote }}, {{- end }} diff --git a/deploy/helm/preview.yml b/deploy/helm/preview.yml index ab5d01bd37..3f4c116491 100644 --- a/deploy/helm/preview.yml +++ b/deploy/helm/preview.yml @@ -24,6 +24,8 @@ gateway: arcgisClientId: "d0MgVUbbg5Z6vmWo" googleClientId: "275237095477-f7ej2gsvbl2alb8bcqcn7r5jk0ur719p.apps.googleusercontent.com" ckanAuthenticationUrl: https://data.gov.au/data + vanguardWsFedIdpUrl: https://thirdparty.authentication.business.gov.au/fas/v2/wsfed12/authenticate + vanguardWsFedRealm: https://environment.magda.io/integration-test-2 autoscaler: enabled: false helmet: diff --git a/magda-gateway/src/createOrGetUserToken.ts b/magda-gateway/src/createOrGetUserToken.ts index 0127d4faff..57d34449d2 100644 --- a/magda-gateway/src/createOrGetUserToken.ts +++ b/magda-gateway/src/createOrGetUserToken.ts @@ -10,6 +10,7 @@ export default function createOrGetUserToken( profile: passport.Profile, source: string ): Promise { + console.log("USER", profileToUser(profile, source)); return authApi.lookupUser(source, profile.id).then(maybe => maybe.caseOf({ just: user => Promise.resolve(userToUserToken(user)), diff --git a/magda-gateway/src/oauth2/vanguard.ts b/magda-gateway/src/oauth2/vanguard.ts index f263fe618f..2ca815717e 100644 --- a/magda-gateway/src/oauth2/vanguard.ts +++ b/magda-gateway/src/oauth2/vanguard.ts @@ -2,7 +2,7 @@ import { Strategy } from "passport-wsfed-saml2"; import * as express from "express"; import { Router } from "express"; -import { Authenticator, Profile } from "passport"; +import { Authenticator } from "passport"; import ApiClient from "@magda/typescript-common/dist/authorization-api/ApiClient"; import createOrGetUserToken from "../createOrGetUserToken"; @@ -42,7 +42,24 @@ export default function vanguard(options: VanguardOptions) { protocol: "wsfed", cert: wsFedCertificate }, - function(profile: Profile, cb: Function) { + function(profile: any, cb: Function) { + const email = + profile[ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" + ]; + const displayName = + profile[ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" + ] || email; + const id = + profile[ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" + ]; + profile = Object.assign(profile, { + emails: [{ value: email }], + displayName, + id + }); createOrGetUserToken(authorizationApi, profile, "vanguard") .then(userId => cb(null, userId)) .catch(error => cb(error)); From 3859144a45bd71acda849ab243513603169c103e Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Thu, 13 Jun 2019 11:27:38 +1000 Subject: [PATCH 7/9] Update changelog --- CHANGES.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGES.md b/CHANGES.md index d9100fd1fe..ed913804e5 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -49,6 +49,7 @@ UI: Gateway: - Add ArcGIS/ESRI Authentication provider +- Add Vanguard (WS-FED) Authentication provider Access Control: From 93406805d384540f767d433b221dc445168a4370 Mon Sep 17 00:00:00 2001 From: Nahid Akbar Date: Thu, 13 Jun 2019 15:01:28 +1000 Subject: [PATCH 8/9] pr feedback changes --- magda-gateway/src/createOrGetUserToken.ts | 1 - magda-gateway/src/oauth2/vanguard.ts | 2 -- 2 files changed, 3 deletions(-) diff --git a/magda-gateway/src/createOrGetUserToken.ts b/magda-gateway/src/createOrGetUserToken.ts index 57d34449d2..0127d4faff 100644 --- a/magda-gateway/src/createOrGetUserToken.ts +++ b/magda-gateway/src/createOrGetUserToken.ts @@ -10,7 +10,6 @@ export default function createOrGetUserToken( profile: passport.Profile, source: string ): Promise { - console.log("USER", profileToUser(profile, source)); return authApi.lookupUser(source, profile.id).then(maybe => maybe.caseOf({ just: user => Promise.resolve(userToUserToken(user)), diff --git a/magda-gateway/src/oauth2/vanguard.ts b/magda-gateway/src/oauth2/vanguard.ts index 2ca815717e..32e23ddc7d 100644 --- a/magda-gateway/src/oauth2/vanguard.ts +++ b/magda-gateway/src/oauth2/vanguard.ts @@ -27,8 +27,6 @@ export default function vanguard(options: VanguardOptions) { const wsFedCertificate = options.wsFedCertificate; const externalAuthHome = options.externalAuthHome; - // const loginBaseUrl = `${externalAuthHome}/login`; - if (!wsFedIdpUrl || !wsFedRealm || !wsFedCertificate) { return undefined; } From 1c041d499e88547d5e28c77bc122755756120524 Mon Sep 17 00:00:00 2001 From: Alex Gilleran Date: Mon, 24 Jun 2019 15:09:28 +1000 Subject: [PATCH 9/9] Changed to fork version of passport-wsfed-saml2 --- magda-gateway/Dockerfile | 2 +- magda-gateway/package.json | 2 +- yarn.lock | 47 ++++++++++++++++++++++---------------- 3 files changed, 29 insertions(+), 22 deletions(-) diff --git a/magda-gateway/Dockerfile b/magda-gateway/Dockerfile index 9745c321a4..965152cdc6 100644 --- a/magda-gateway/Dockerfile +++ b/magda-gateway/Dockerfile @@ -1,4 +1,4 @@ -FROM mhart/alpine-node:8 +FROM node:10 RUN mkdir -p /usr/src/app COPY . /usr/src/app diff --git a/magda-gateway/package.json b/magda-gateway/package.json index 04f6e29d17..1f44fc2f18 100644 --- a/magda-gateway/package.json +++ b/magda-gateway/package.json @@ -43,7 +43,7 @@ "passport-facebook": "^2.0.0", "passport-google-oauth20": "^1.0.0", "passport-local": "^1.0.0", - "passport-wsfed-saml2": "^3.0.17", + "passport-wsfed-saml2": "https://github.com/magda-io/passport-wsfed-saml2", "pg": "^6.4.0", "read-pkg-up": "^3.0.0", "request": "^2.88.0", diff --git a/yarn.lock b/yarn.lock index b7b7e93dea..b3224302b5 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4578,6 +4578,13 @@ boom@2.x.x: dependencies: hoek "2.x.x" +boom@7.x.x: + version "7.3.0" + resolved "https://registry.yarnpkg.com/boom/-/boom-7.3.0.tgz#733a6d956d33b0b1999da3fe6c12996950d017b9" + integrity sha512-Swpoyi2t5+GhOEGw8rEsKvTxFLIDiiKoUc2gsoV6Lyr43LHBIzch3k2MvYUs8RTROrIkVJ3Al0TkaOGjnb+B6A== + dependencies: + hoek "6.x.x" + bowser@^1.0.0, bowser@^1.7.3: version "1.9.4" resolved "https://registry.yarnpkg.com/bowser/-/bowser-1.9.4.tgz#890c58a2813a9d3243704334fa81b96a5c150c9a" @@ -6399,7 +6406,7 @@ cross-spawn@^4: lru-cache "^4.0.1" which "^1.2.9" -cryptiles@0.2.x, cryptiles@~0.2.2: +cryptiles@0.2.x: version "0.2.2" resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-0.2.2.tgz#ed91ff1f17ad13d3748288594f8a48a0d26f325c" integrity sha1-7ZH/HxetE9N0gohZT4pIoNJvMlw= @@ -6413,6 +6420,13 @@ cryptiles@2.x.x: dependencies: boom "2.x.x" +cryptiles@~4.1.3: + version "4.1.3" + resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-4.1.3.tgz#2461d3390ea0b82c643a6ba79f0ed491b0934c25" + integrity sha512-gT9nyTMSUC1JnziQpPbxKGBbUg8VL7Zn2NB4E1cJYvuXdElHrwxrV9bmltZGDzet45zSDGyYceueke1TjynGzw== + dependencies: + boom "7.x.x" + crypto-browserify@^3.11.0: version "3.12.0" resolved "https://registry.yarnpkg.com/crypto-browserify/-/crypto-browserify-3.12.0.tgz#396cf9f3137f03e4b8e532c58f698254e00f80ec" @@ -10299,6 +10313,11 @@ hoek@4.x.x: resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.2.1.tgz#9634502aa12c445dd5a7c5734b572bb8738aacbb" integrity sha512-QLg82fGkfnJ/4iy1xZ81/9SIJiq1NGFUMGs6ParyjBZr6jW2Ufj/snDqTHixNlHdPNwN2RLVD0Pi3igeK9+JfA== +hoek@6.x.x: + version "6.1.3" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-6.1.3.tgz#73b7d33952e01fe27a38b0457294b79dd8da242c" + integrity sha512-YXXAAhmF9zpQbC7LEcREFtXfGq5K1fmd+4PHkBq8NUqmzW3G+Dq10bI/i0KucLRwss3YYFQ0fSfoxBZYiGUqtQ== + hoist-non-react-statics@1.x.x, hoist-non-react-statics@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/hoist-non-react-statics/-/hoist-non-react-statics-1.2.0.tgz#aa448cf0986d55cc40773b17174b7dd066cb7cfb" @@ -14018,11 +14037,6 @@ mute-stream@0.0.7: resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" integrity sha1-MHXOk7whuPq0PhvE2n6BFe0ee6s= -nan@2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/nan/-/nan-2.2.0.tgz#779c07135629503cf6a7b7e6aab33049b3c3853c" - integrity sha1-d5wHE1YpUDz2p7fmqrMwSbPDhTw= - nan@^2.10.0, nan@^2.9.2: version "2.13.2" resolved "https://registry.yarnpkg.com/nan/-/nan-2.13.2.tgz#f51dc7ae66ba7d5d55e1e6d4d8092e802c9aefe7" @@ -14194,7 +14208,7 @@ node-forge@0.7.5: resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.5.tgz#6c152c345ce11c52f465c2abd957e8639cd674df" integrity sha512-MmbQJ2MTESTjt3Gi/3yG1wGpIMhUfcIypUCGtTizFR9IiccFwxSpfp0vtIZlkFclEqERemxfnSdZEMR9VqqEFQ== -node-forge@^0.7.0: +node-forge@^0.7.0, node-forge@^0.7.6: version "0.7.6" resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.6.tgz#fdf3b418aee1f94f0ef642cd63486c77ca9724ac" integrity sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw== @@ -15191,18 +15205,17 @@ passport-strategy@1.x.x, passport-strategy@^1.0.0: resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ= -passport-wsfed-saml2@^3.0.17: +"passport-wsfed-saml2@https://github.com/magda-io/passport-wsfed-saml2": version "3.0.17" - resolved "https://registry.yarnpkg.com/passport-wsfed-saml2/-/passport-wsfed-saml2-3.0.17.tgz#8f3611b0a2ab945fd57e85eddf82720d764aefac" - integrity sha512-2vRIoO0V9BRac/CxTi3ry4ddvnoEAVQ9o3G7RdVV77gbgyNOpXOZb2IT4YWOv0+DQLIMJioqUXDkQZzCYFqVxQ== + resolved "https://github.com/magda-io/passport-wsfed-saml2#9bc671057215ccce21ab1507bf18c6fb975ead6a" dependencies: - cryptiles "~0.2.2" + cryptiles "~4.1.3" ejs "2.5.5" jsonwebtoken "~5.0.4" + node-forge "^0.7.6" passport-strategy "^1.0.0" uid2 "0.0.x" valid-url "^1.0.9" - x509 auth0/node-x509#v0.3.3-auth0 xml-crypto auth0/xml-crypto#fix-digest xml-encryption "0.11.0" xml2js "0.1.x" @@ -22535,12 +22548,6 @@ x-xss-protection@1.1.0: resolved "https://registry.yarnpkg.com/x-xss-protection/-/x-xss-protection-1.1.0.tgz#4f1898c332deb1e7f2be1280efb3e2c53d69c1a7" integrity sha512-rx3GzJlgEeZ08MIcDsU2vY2B1QEriUKJTSiNHHUIem6eg9pzVOr2TL3Y4Pd6TMAM5D5azGjcxqI62piITBDHVg== -"x509@github:auth0/node-x509#v0.3.3-auth0": - version "0.3.3" - resolved "https://codeload.github.com/auth0/node-x509/tar.gz/d7e6c43f890cdeec3e82f0751e66858553f7124a" - dependencies: - nan "2.2.0" - xdg-basedir@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-3.0.0.tgz#496b2cc109eca8dbacfe2dc72b603c17c5870ad4" @@ -22559,7 +22566,7 @@ xlsx@^0.14.0: exit-on-epipe "~1.0.1" ssf "~0.10.2" -"xml-crypto@github:auth0/xml-crypto#fix-digest": +xml-crypto@auth0/xml-crypto#fix-digest: version "0.10.1" resolved "https://codeload.github.com/auth0/xml-crypto/tar.gz/65fa1e22c5884e45135d0bacccb99ad11e900bf1" dependencies: @@ -22627,7 +22634,7 @@ xmldom@^0.1.27, xmldom@~0.1.15, xmldom@~0.1.19: resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.1.27.tgz#d501f97b3bdb403af8ef9ecc20573187aadac0e9" integrity sha1-1QH5ezvbQDr4757MIFcxh6rawOk= -"xmldom@github:auth0/xmldom#v0.1.19-auth0_1": +xmldom@auth0/xmldom#v0.1.19-auth0_1: version "0.1.19" resolved "https://codeload.github.com/auth0/xmldom/tar.gz/3376bc7beb5551bf68e12b0cc6b0e3669f77d392"