mirror of
https://github.com/netzbegruenung/meteor-accounts-saml.git
synced 2024-05-05 21:33:40 +02:00
tuned the examples
parent
826fe5e0d1
commit
09ff550409
|
@ -9,7 +9,7 @@ SAML v2 login support for existing password based accounts
|
|||
|
||||
For OpenIDP, see the example app `example-openidp` and http://accounts-saml-example.meteor.com/ for a demo.
|
||||
|
||||
For OpenAM, see the example app `example-openam`.
|
||||
For OpenAM, see the example app `openam-example`.
|
||||
|
||||
## Important Notes
|
||||
|
||||
|
|
|
@ -1,48 +0,0 @@
|
|||
Meteor.startup(function () {
|
||||
var initialBoot = false;
|
||||
//
|
||||
var adminUserA = Meteor.users.findOne({
|
||||
"emails.address": "ida.zimt@gmail.com"
|
||||
});
|
||||
|
||||
var adminUserB = Meteor.users.findOne({
|
||||
"emails.address": "steffo.weber@gmail.com"
|
||||
});
|
||||
if (initialBoot && !(adminUserA)) {
|
||||
console.log("Will create new root user A - ENABLED. Please change code in config.js, Line 7");
|
||||
Accounts.createUser({
|
||||
email: "ida.zimt@gmail.com",
|
||||
password: "password",
|
||||
username: "Ida Zimt",
|
||||
profile: ""
|
||||
});
|
||||
adminUserA = Meteor.users.findOne({
|
||||
"emails.address": "ida.zimt@gmail.comm"
|
||||
});
|
||||
}
|
||||
|
||||
if (initialBoot && !(adminUserB)) {
|
||||
console.log("Will create new root user B - ENABLED. Please change code in config.js, Line 7");
|
||||
Accounts.createUser({
|
||||
email: "steffo.weber@gmail.com",
|
||||
password: "password",
|
||||
username: "Steffo (Feide Test Account)",
|
||||
profile: ""
|
||||
});
|
||||
adminUserB = Meteor.users.findOne({
|
||||
"emails.address": "steffo.weber@gmail.com"
|
||||
});
|
||||
}
|
||||
|
||||
for (i = 0; i < Meteor.settings.saml.length; i++) {
|
||||
// privateCert is weird name, I know.
|
||||
if (Meteor.settings.saml[i].privateKeyFile && Meteor.settings.saml[i].publicCertFile) {
|
||||
console.log("Set keys/certs for " + Meteor.settings.saml[i].provider);
|
||||
Meteor.settings.saml[i].privateCert = Assets.getText(Meteor.settings.saml[i].publicCertFile);
|
||||
Meteor.settings.saml[i].privateKey = Assets.getText(Meteor.settings.saml[i].privateKeyFile);
|
||||
} else {
|
||||
console.log("No keys/certs found for " + Meteor.settings.saml[i].provider);
|
||||
}
|
||||
}
|
||||
|
||||
});
|
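--- /dev/null
+++ b/openidp-example/example-openidp.html
@@ -0,0 +1,36 @@
+<head>
+<title>accounts-saml-example-openidp</title>
+</head>
+
+<body>
+{{>samlDemo}}
+</body>
+
+<template name="samlDemo">
+{{loginButtons}}
+
+<br>
+
+{{#unless currentUser}}
+<a href="#" class="saml-login" data-provider="openidp">Log in with OpenIDP</a>
+{{/unless}}
+
+<hr>
+
+<h2>Step 1</h2>
+Create a password based account.
+
+<h2>Step 2</h2>
+Sign out / log out. You should see both the login buttons control 'Sign In' and the custom saml login link 'Log in with OpenIDP'
+
+<h2>Step 3</h2>
+Create OpenIDP account if you don't already have one with same email address as the password account. https://openidp.feide.no/
+
+<h2>Step 4</h2>
+Click the link 'Log in with OpenIDP'. In the pop up window, log in with your OpenIDP credentials.
+
+<h2>Step 5</h2>
+If all goes well, the popup should close by itself. You should now be logged in just as if you had typed in your username and password.
+
+
+</template>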
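Review bot: Steps 3 and 5 of the `samlDemo` template describe logging into an existing password account by creating an IdP account with the same email address, but the walkthrough never says what makes that match trustworthy. If the local account is selected by email alone, as the steps suggest, the flow is only sound when the IdP asserts addresses it has verified. I would add a sentence under Step 3 along the lines of `Only enable this for identity providers that verify the email address they assert, because that address selects the local account.` Whether OpenIDP verifies addresses is not visible on this page and should be confirmed.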
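--- /dev/null
+++ b/openidp-example/example-openidp.js
@@ -0,0 +1,13 @@
+if (Meteor.isClient) {
+Template.samlDemo.events({
+'click .saml-login': function(event, template){
+event.preventDefault();
+var provider = $(event.target).data('provider');
+Meteor.loginWithSaml({
+provider:provider
+}, function(error, result){
+//handle errors and result
+});
+}
+});
+}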
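Review bot: The callback passed to `Meteor.loginWithSaml` drops `error`, so a rejected or cancelled SAML login gives the user no feedback and leaves nothing in the console. Since this file is the example people will copy, replace the placeholder comment with a minimal handler, e.g. `if (error) { console.error('SAML login failed:', error.reason || error); }`. The `provider` value comes straight from the clicked element's `data-provider` attribute, so the server side should be what decides which provider names are accepted; that code is not part of this section.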
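--- /dev/null
+++ b/openidp-example/private/certs/mycert.pem
@@ -0,0 +1,3 @@
+-----BEGIN CERTIFICATE-----
+paste your cert here
+-----END CERTIFICATE-----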
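--- /dev/null
+++ b/openidp-example/private/certs/mykey.pem
@@ -0,0 +1,3 @@
+-----BEGIN RSA PRIVATE KEY-----
+paste pem encoded priv key here
+-----END RSA PRIVATE KEY-----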
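Review bot: `mykey.pem` is added as a tracked file marked executable, and its body invites pasting a real private key in place, which makes it easy to commit the service provider's signing key by accident. Consider shipping it as `mykey.pem.example`, adding `private/certs/*.pem` to `.gitignore`, and dropping the executable bit. The same mode is set on `mycert.pem`, though that file holds public material.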
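--- /dev/null
+++ b/openidp-example/server/config.js
@@ -0,0 +1,34 @@
+Meteor.startup(function () {
+var initialBoot = false;
+// Change Fred Fredsen for your Google/OpenAM user
+
+
+var user = Meteor.users.findOne({
+"emails.address": "fred.fredsen@gmail.com"
+});
+if (initialBoot && !(user)) {
+console.log("Will create new root user - ENABLED. Please change code in config.js, Line 7");
+Accounts.createUser({
+email: "fred.fredsen@gmail.com",
+password: "password",
+username: "Fred Fredsen",
+profile: ""
+});
+adminUser = Meteor.users.findOne({
+"emails.address": "fred.fredsen@gmail.com"
+});
+}
+
+
+for (i = 0; i < Meteor.settings.saml.length; i++) {
+// privateCert is weird name, I know. spCert is better one. Will need to refactor
+if (Meteor.settings.saml[i].privateKeyFile && Meteor.settings.saml[i].publicCertFile) {
+console.log("Set keys/certs for " + Meteor.settings.saml[i].provider);
+Meteor.settings.saml[i].privateCert = Assets.getText(Meteor.settings.saml[i].publicCertFile);
+Meteor.settings.saml[i].privateKey = Assets.getText(Meteor.settings.saml[i].privateKeyFile);
+} else {
+console.log("No keys/certs found for " + Meteor.settings.saml[i].provider);
+}
+}
+
+});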
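Review bot: `Accounts.createUser` is called with the literal `password: "password"` for what the log line calls a root user, so anyone who sets `initialBoot` to `true` ends up with a bootstrap account protected by a guessable credential. Read the initial password from the settings file instead, or create the user without a password and follow up with `Accounts.sendEnrollmentEmail(userId)` so the owner sets their own. In the same callback, `adminUser = Meteor.users.findOne(...)` and `for (i = 0; ...` assign undeclared names and so create globals; the declared variable is `user`, and the loop index should be `var i`. The log message also points at "Line 7" while `initialBoot` sits on line 2 of this file.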
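--- /dev/null
+++ b/openidp-example/server/lib/settings.js
@@ -0,0 +1,43 @@
+// server/lib, are the first things that's loaded when the server is started
+
+var settings = {}
+settings.galaxy = {
+"saml": [{
+"provider": "forgerock",
+"entryPoint": "http://id.init8.net:8080/openam/SSORedirect/metaAlias/zimt/idp",
+"logoutUrl": "http://id.init8.net:8080/openam/IDPSloInit?metaAlias=/zimt/idp&binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
+"idpSLORedirectURL": "http://id.init8.net:8080/openam/IDPSloRedirect/metaAlias/zimt/idp",
+"issuer": "http://shiva.meteor.com",
+"cert": "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",
+"privateKeyFile": "certs/mykey.pem",
+"publicCertFile": "certs/mycert.pem"
+},
+{
+"provider": "openidp",
+"entryPoint": "https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php",
+"issuer": "http://shiva.meteor.com/",
+"cert": "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"
+}
+]
+}
+
+settings.localhost = {
+"saml": [{
+"provider": "forgerock",
+"entryPoint": "http://id.init8.net:8080/openam/SSORedirect/metaAlias/zimt/idp",
+"idpSLORedirectURL": "http://id.init8.net:8080/openam/IDPSloRedirect/metaAlias/zimt/idp",
+"issuer": "http://shiva.init8.net:3000/",
+"cert": "MIICQDCCAakCBEeNB0swDQYJKoZIhvcNAQEEBQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMQwwCgYDVQQKEwNTdW4xEDAOBgNVBAsTB09wZW5TU08xDTALBgNVBAMTBHRlc3QwHhcNMDgwMTE1MTkxOTM5WhcNMTgwMTEyMTkxOTM5WjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xhcmExDDAKBgNVBAoTA1N1bjEQMA4GA1UECxMHT3BlblNTTzENMAsGA1UEAxMEdGVzdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArSQc/U75GB2AtKhbGS5piiLkmJzqEsp64rDxbMJ+xDrye0EN/q1U5Of+RkDsaN/igkAvV1cuXEgTL6RlafFPcUX7QxDhZBhsYF9pbwtMzi4A4su9hnxIhURebGEmxKW9qJNYJs0Vo5+IgjxuEWnjnnVgHTs1+mq5QYTA7E6ZyL8CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB3Pw/UQzPKTPTYi9upbFXlrAKMwtFf2OW4yvGWWvlcwcNSZJmTJ8ARvVYOMEVNbsT4OFcfu2/PeYoAdiDAcGy/F2Zuj8XJJpuQRSE6PtQqBuDEHjjmOQJ0rV/r8mO1ZCtHRhpZ5zYRjhRC9eCbjx9VrFax0JDC/FfwWigmrW0Y0Q==",
+"privateKeyFile": "certs/mykey.pem",
+"publicCertFile": "certs/mycert.pem"
+},
+{
+"provider": "openidp",
+"entryPoint": "https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php",
+"issuer": "http://shiva.meteor.com/",
+"cert": "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"
+}
+]
+}
+Meteor.settings = settings.localhost;
+Meteor.settings.debug = true;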
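Review bot: Both `forgerock` entries use `http://` for `entryPoint`, `logoutUrl` and `idpSLORedirectURL`, so the SAML request and the redirect to the IdP login page travel in clear text; example settings should use `https://` endpoints, as the `openidp` entries already do. The `cert` under `settings.localhost` decodes to subject CN=test, OU=OpenSSO with validity 2008–2018 and an MD5-with-RSA signature, which looks like a stock OpenSSO/OpenAM test certificate. It should carry a comment marking it as a placeholder to be replaced with the IdP's own signing certificate. The last two lines, `Meteor.settings = settings.localhost;` and `Meteor.settings.debug = true;`, overwrite whatever was supplied with `--settings` and turn debug on unconditionally. Guard the assignment, e.g. `if (!Meteor.settings.saml) { Meteor.settings = settings.localhost; }`, and leave `debug` to the settings file.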
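--- /dev/null
+++ b/openidp-example/settings.json
@@ -0,0 +1,8 @@
+{
+"saml":[{
+"provider":"openidp",
+"entryPoint":"https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php",
+"issuer": "https://accounts-saml-example.meteor.com/",
+"cert":"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"
+}]
+}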
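--- /dev/null
+++ b/openidp-example/smart.json
@@ -0,0 +1,7 @@
+{
+"packages": {
+"accounts-saml": {
+"path":"../"
+}
+}
+}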