GithubHelp home page GithubHelp logo

alexzxela / express-saml2 Goto Github PK

View Code? Open in Web Editor NEW

This project forked from beameio/express-saml2

0.0 2.0 0.0 4.63 MB

๐Ÿ”’ Node.js API for Single Sign On (SAML 2.0)

Home Page: https://express-saml2.js.org

License: MIT License

JavaScript 100.00%

express-saml2's Introduction

express-saml2 ยท Build Status npm version Join the chat at https://gitter.im/tngan/express-saml2

High-level API for Single Sign On (SAML 2.0)

Description

This module provides high-level API for scalable Single Sign On (SSO) implementation. Developers can easily configure the Service Providers and Identity Providers by importing the corresponding metadata. SAML2.0 provides a standard guide but leaves a lot of options, so we provide a simple interface that's highly configurable.

Installation

To install the stable version

$ npm install express-saml2

Integrations

Get Started

var saml = require('express-saml2');

See full documentation here

Support algorithms

Signature algorithms

Data encryption algorithms

Key encryption algorithms

Demo

In the /examples folder, there are three entities (1 IdP and 2 SPs). They are at port 3001, 4002 and 4003.

Without using Single Sign On, users have to remember several pairs of username/password in order to log into different internal applications.

normal-login

SAML proposes two ways to initiate Single Sign On, they are respectively Service Provider Initiated SSO and Identity Provider Initiated SSO. In SP-initated SSO, the user attempts to access SP but their federated identity is authenticated by IdP, so they first have to log on IdP, then IdP sends back a SAML assertion response to SP, and finally SP creates a session to user in order to access the resources.

spinit-sso

In the approach of IdP-initated SSO, IdP provides links which refers to the resources in service providers. In this use case, users don't need to visit SP first.

idpinit-sso

IdP-initiated Single Logout is also provided and relied on relay state. IdP provides a link refers to the single logout endpoints in one of those participated service providers (SP1). The selected SP sends back a logout response to IdP with relay state which is the logout endpoint URL of next participated service provider (SP2), user finally log out IdP when all participated SP is logged out.

idpinit-slo

Talks

An introduction to Single Sign On

License

MIT

Copyright

Copyright (C) 2016-2017 Tony Ngan, released under the MIT License.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.