MCPcopy
hub / github.com/simstudioai/sim / buildSSOConfigFromEnv

Function buildSSOConfigFromEnv

packages/db/scripts/register-sso-provider.ts:162–323  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

160}
161
162function buildSSOConfigFromEnv(): SSOProviderConfig | null {
163 const enabled = process.env.SSO_ENABLED === 'true'
164 if (!enabled) return null
165
166 const providerId = process.env.SSO_PROVIDER_ID
167 const issuer = process.env.SSO_ISSUER
168 const domain = process.env.SSO_DOMAIN
169 const providerType = process.env.SSO_PROVIDER_TYPE as 'oidc' | 'saml'
170
171 if (!providerId || !issuer || !domain || !providerType) {
172 return null
173 }
174
175 const config: SSOProviderConfig = {
176 providerId,
177 issuer,
178 domain,
179 providerType,
180 }
181
182 config.mapping = {
183 id:
184 process.env.SSO_MAPPING_ID ||
185 (providerType === 'oidc'
186 ? 'sub'
187 : 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'),
188 email:
189 process.env.SSO_MAPPING_EMAIL ||
190 (providerType === 'oidc'
191 ? 'email'
192 : 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'),
193 name:
194 process.env.SSO_MAPPING_NAME ||
195 (providerType === 'oidc'
196 ? 'name'
197 : 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'),
198 image: process.env.SSO_MAPPING_IMAGE || (providerType === 'oidc' ? 'picture' : undefined),
199 }
200
201 if (providerType === 'oidc') {
202 const clientId = process.env.SSO_OIDC_CLIENT_ID
203 const clientSecret = process.env.SSO_OIDC_CLIENT_SECRET
204
205 if (!clientId || !clientSecret) {
206 return null
207 }
208
209 config.oidcConfig = {
210 clientId,
211 clientSecret,
212 scopes: process.env.SSO_OIDC_SCOPES?.split(',').map((s) => s.trim()) || [
213 'openid',
214 'profile',
215 'email',
216 ],
217 pkce: process.env.SSO_OIDC_PKCE !== 'false',
218 authorizationEndpoint: process.env.SSO_OIDC_AUTHORIZATION_ENDPOINT,
219 tokenEndpoint: process.env.SSO_OIDC_TOKEN_ENDPOINT,

Callers 1

registerSSOProviderFunction · 0.85

Calls 2

escapeXmlFunction · 0.70
replaceMethod · 0.65

Tested by

no test coverage detected