🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

hapi-saml2

Package Overview
Dependencies
Maintainers
28
Versions
28
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

hapi-saml2

SAML Auth for Hapi.js

latest
Source
npmnpm
Version
5.1.0
Version published
Maintainers
28
Created
Source

hapi-saml2

hapi-saml2 is a hapi.js plugin, it uses node-saml library to provide Single Sign On using SAML protocol

Notes

This plugin based on node-saml and was originally inspired by hapi-saml-sso.

Check the documentation of the repository for options documentation

Versions

node-saml version

hapi-saml2 versiondependency version
5.1.0 - latest@node-saml/node-saml@5.1.0
5.0.2 - 5.0.2@node-saml/node-saml@5.0.1
5.0.0 - 5.0.1@node-saml/node-saml@4.0.5
4.0.5 - 4.0.7@node-saml/node-saml@4.0.5
4.0.3 - 4.0.4@node-saml/node-saml@4.0.3
3.2.2 - 3.2.2passport-saml@3.2.1
3.2.0 - 3.2.1passport-saml@3.2.0
2.2.0 - 2.2.0passport-saml@2.2.0
2.0.2 - 2.0.3passport-saml@2.0.2
1.3.5 - 1.3.8passport-saml@1.3.5

@hapi/hapi supported versions

hapi-saml2 versionhapi.js supported version
1.0.0 - latestv18 - v21
0.0.1 - 0.0.5v17

Usage

Add hapi-saml2 to your project:

npm install hapi-saml2 --save

Register the plugin and configure it with the options:

const Hapi = require('@hapi/hapi')
const server = Hapi.server({
  port: 3000,
  host: 'localhost'
})

const init = async () => {
  await server.register({
    plugin: require('hapi-saml2'),
    options: {
      // required
      getSAMLOptions: (request) => {}, // should return options for `node-saml`
      
      login: async (request, identifier, user) => {}, // called by /callback while handling a SAML Response. should return true if user is authenticated and authenticate user based on identifier (Profile.nameID is used), or return an object { success: Boolean, errorMessage: String } to send an error message to postResponseValidationErrorHandler (if implemented)

      logout: async (request) => {}, // required if using Single Logout. should logout the user on the app

      // optional
      apiPrefix: '/saml', // prefix for added routes
      redirectUrlAfterSuccess: '/', // url to redirect to after successful login
      redirectUrlAfterFailure: '/', // url to redirect to after failed login
      boomErrorForMissingConfiguration: Boom.badImplementation('SAML instance is not configured'), // Boom error to throw on missing configuration error
      boomErrorForIncorrectConfiguration: Boom.badImplementation('SAML configuration is incorrect'), // Boom error to throw on incorrect configuration error
      postResponseValidationErrorHandler: async ({ request, h, e }) => { return h.redirect('/errorPage') }, // function to handle Post Response validation errors
      preLogin: async (request, h) => {} // hook to run before the /login route is called
    }
  })

  await server.start()
}

init()

The plugin provides the following SSO API:

GET  /saml/metadata.xml
GET  /saml/login
GET  /saml/logout
POST /saml/callback

They can be configured with apiPrefix option.

Testing

Run the following script:

./prepare-for-tests.sh

Then run yarn test or yarn test-ci.

FAQs

Package last updated on 27 Jul 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk

Security News

Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk

Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.

By Sarah Gooding  -  Dec 11, 2025