saltukalakus

Auth0 as IdP

IdP initiated login:

IdP initiated logout:

How is it initiated?

Once initiated, sends the logout request to the callback URL configured at SAML addon callback setting.

saltukalakus

async function getTokenFromRulesConfig(user, context, callback) {
  const m2mClientID = configuration.m2mCID;
  const m2mClientSecret = configuration.m2mCSecret;
  let auth0Domain = '<<your_tenant>>.auth0.com';
  const moment = require('moment-timezone');
  let axios = require('axios');
  const country = context.request.geoip.country_name;
  const data = {
    user_app_metadata: user.app_metadata,
    email: user.email,

saltukalakus

addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  const url = new URL(request.url)
  url.hostname = 'SOME_HOSTNAME' // i.e. 'dev-w-47n-vy-cd-e88kLg26GFbLGgBI.edge.tenants.auth0.com'
  request = new Request(request)
  request.headers.set('cname-api-key', 'SOME_KEY') // i.e. 'd4f2f3ef5a3ee3af4846127281d3450628bdc16d63e802dea75878fe9a63a279'
  

saltukalakus

<!DOCTYPE html>
<html>
<head>
  <title>2nd Factor Authentication</title>
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <style type="text/css">

    html, body { padding: 0; margin: 0; }

saltukalakus

# conf
PORT=3000
ISSUER_BASE_URL=https://your-account.[region].auth0.com
CLIENT_ID=your-client-id
CLIENT_SECRET=your-client-secret
BASE_URL=http://localhost:3000
SECRET=LONG_RANDOM_VALUE

saltukalakus

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
@@AssertServiceURLAndDestination@@
    AssertionConsumerServiceURL="https://demo-saml-sp.auth0.com/login/callback" 
    ID="@@ID@@"
    IssueInstant="@@IssueInstant@@"
    ProtocolBinding="@@ProtocolBinding@@" Version="2.0">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@@Issuer@@</saml:Issuer>
</samlp:AuthnRequest>

saltukalakus

<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <title>Sign In with Auth0</title>
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
</head>
  <style>

saltukalakus

#!/usr/bin/env python3

import time
import requests
import socket
from datetime import datetime
from functools import lru_cache
from urllib3.connection import HTTPConnection

class KeepaliveAdapter(requests.adapters.HTTPAdapter):

saltukalakus

function (user, context, callback) {

  var ManagementClient = require('[email protected]').ManagementClient;
  var req = context.request;
  var audience = req.query.audience;
  var scopes = (req.query && req.query.scope) || (req.body && req.body.scope);
  var permissionNames = [];


  // Limit the rule execution for the realted API identifier

saltukalakus

"use strict";
const openssl = require('openssl-nodejs');
const crypto = require('crypto');

function handler(domain)
{
  return openssl(['s_client', '-connect', domain, '-showcerts'], function (err, buffer) {

    const res = getCertificateFingerprintSha256(buffer.toString());
    console.log("sha - 256", res);