
Samlify is a Node.js library that provides a comprehensive solution for implementing SAML (Security Assertion Markup Language) authentication. It allows developers to easily integrate SAML-based Single Sign-On (SSO) into their applications, supporting both Identity Provider (IdP) and Service Provider (SP) roles.
Service Provider (SP) Configuration
This feature allows you to configure a Service Provider (SP) in your application. The code sample demonstrates how to set up an SP with a specific entity ID and assertion consumer service URL.
const saml = require('samlify');
const sp = saml.ServiceProvider({
  entityID: 'sp.example.com',
  assertionConsumerService: {
    url: 'https://sp.example.com/acs',
    binding: saml.Constants.namespace.binding.post
  }
});
Identity Provider (IdP) Configuration
This feature allows you to configure an Identity Provider (IdP). The code sample shows how to set up an IdP with a specific entity ID and single sign-on service URL.
const idp = saml.IdentityProvider({
  entityID: 'idp.example.com',
  singleSignOnService: {
    url: 'https://idp.example.com/sso',
    binding: saml.Constants.namespace.binding.redirect
  }
});
SAML Request Generation
This feature enables the generation of SAML authentication requests. The code sample demonstrates how to create a login request from the Service Provider to the Identity Provider using the redirect binding.
const { id, context } = sp.createLoginRequest(idp, 'redirect');
SAML Response Validation
This feature allows the validation of SAML responses received from the Identity Provider. The code sample shows how to parse and validate a login response using the POST binding.
sp.parseLoginResponse(idp, 'post', {
  body: req.body
}).then((parseResult) => {
  console.log(parseResult);
});
Passport-SAML is a SAML authentication strategy for Passport, the popular Node.js authentication middleware. It provides similar functionalities to samlify, such as handling SAML authentication requests and responses. However, it is more tightly integrated with the Passport ecosystem, making it a good choice if you are already using Passport for other authentication strategies.
Node-SAML is a lightweight library for SAML authentication in Node.js. It offers basic functionalities for SAML authentication, similar to samlify, but with a simpler API. It may be more suitable for projects that require a straightforward implementation without the additional features provided by samlify.
Saml2-js is another Node.js library for SAML authentication. It provides functionalities for both Service Provider and Identity Provider roles, similar to samlify. While it offers a comprehensive set of features, samlify is often preferred for its more modern API and better documentation.
Highly configurable Node.js SAML 2.0 library for Single Sign On
PRs for maintaining this project are welcome, as are links to repositories that show use cases alongside different frameworks.
Multiple schema validators are supported: a couple of validator modules are available, and you can also create a custom one. You must call setSchemaValidator at the outset, before using samlify, or you will get errors.
import * as samlify from 'samlify';
import * as validator from '@authenio/samlify-xsd-schema-validator';
// import * as validator from '@authenio/samlify-validate-with-xmllint';
// import * as validator from '@authenio/samlify-node-xmllint';
samlify.setSchemaValidator(validator);
You can also provide your own schema validator, or even suppress validation entirely, but then you accept the risk of processing a malicious response.
samlify.setSchemaValidator({
  validate: (response: string) => {
    /* implement your own check, or always return a resolved promise to skip validation */
    return Promise.resolve('skipped');
  }
});
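As an added example (not code from the samlify README), here is a custom validator object in the shape setSchemaValidator expects that does not simply skip: it rejects a response that is empty, carries a DOCTYPE, or whose root element is not a samlp:Response. It is a string-level pre-check only, so it assumes you still want the published XSD validator modules for real schema validation; the function and sample names are this example's own.

```javascript
// Added example, not samlify's own code. A validator object for
// samlify.setSchemaValidator(): resolve means accept, reject means samlify
// drops the response. The checks are string inspection only and are meant
// as a cheap pre-check, not a replacement for XSD validation.
const SAMLP_NS = 'urn:oasis:names:tc:SAML:2.0:protocol';

// Returns null when the document looks like a SAML 2.0 Response, otherwise
// a short reason string describing what was wrong.
function inspectSamlResponse(xml) {
  if (typeof xml !== 'string' || xml.trim() === '') {
    return 'empty response';
  }
  // A DOCTYPE has no place in a SAML message; refusing it removes the
  // entity-expansion and external-entity surface before any XML parser runs.
  if (/<!DOCTYPE/i.test(xml)) {
    return 'DOCTYPE declaration not allowed';
  }
  // The first element after the optional XML declaration must be a Response.
  const m = xml.match(/^\s*(?:<\?xml[^>]*\?>\s*)?<([\w.-]+:)?Response\b([^>]*)>/);
  if (!m) {
    return 'root element is not a Response';
  }
  const prefix = m[1] ? m[1].slice(0, -1) : null;
  const attrs = m[2];
  // The root element has no ancestors, so the namespace bound to its prefix
  // (or the default namespace) must be declared on the root itself.
  const nsAttr = prefix ? `xmlns:${prefix}` : 'xmlns';
  const escaped = nsAttr.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  const ns = attrs.match(new RegExp(`\\b${escaped}\\s*=\\s*["']([^"']*)["']`));
  if (!ns || ns[1] !== SAMLP_NS) {
    return `root element is not in ${SAMLP_NS}`;
  }
  return null;
}

// Pass this object to samlify.setSchemaValidator(strictPrecheckValidator).
const strictPrecheckValidator = {
  validate: (response) => {
    const problem = inspectSamlResponse(response);
    return problem
      ? Promise.reject(new Error(`schema pre-check failed: ${problem}`))
      : Promise.resolve('pre-check passed');
  },
};

// Constructed sample inputs (not real IdP output).
const goodResponse =
  '<?xml version="1.0"?><samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_abc" Version="2.0"></samlp:Response>';
const badResponse =
  '<!DOCTYPE Response><samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"></samlp:Response>';
```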
On Windows, windows-build-tools should be installed globally before installing samlify if you are using the libxml validator.
yarn global add windows-build-tools
This project is now developed using TypeScript and also supports Yarn, a newer package manager.
yarn global add typescript
yarn
const saml = require('samlify');
See the full documentation here
react-samlify SP example powered by React, TypeScript and Webpack
An introduction to Single Sign On
Copyright (C) 2016-present Tony Ngan, released under the MIT License.
FAQs
High-level API for Single Sign On (SAML 2.0)
The npm package samlify receives a total of 170,637 weekly downloads. As such, samlify popularity was classified as popular.
We found that samlify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.