( providerType: 'oidc' | 'saml', provider?: string )
| 323 | } |
| 324 | |
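/**
 * Builds a sample set of SSO environment variables for the given provider type.
 *
 * Every value returned is a documentation placeholder: the client secret is
 * the literal 'your-client-secret' and the SAML certificate is truncated with
 * '...'. None of them is a working credential. Real client secrets and IdP
 * certificates should come from the deployment's secret store, not from this
 * output.
 *
 * @param providerType - 'oidc' selects one of the OIDC templates; 'saml'
 *   returns the single ADFS template.
 * @param provider - OIDC template name ('okta', 'azure-ad' or 'generic').
 *   A missing or empty value selects 'okta'; any other unrecognised name falls
 *   back to the generic template. Ignored for SAML, where SSO_PROVIDER_ID is
 *   always 'adfs'.
 * @returns A flat map of environment variable names to example values.
 */
function getExampleEnvVars(
  providerType: 'oidc' | 'saml',
  provider?: string
): Record<string, string> {
  // Settings shared by every template; each template spreads these first and
  // then overrides SSO_PROVIDER_ID with its own identifier.
  const baseVars = {
    SSO_ENABLED: 'true',
    SSO_PROVIDER_TYPE: providerType,
    SSO_PROVIDER_ID: provider || (providerType === 'oidc' ? 'okta' : 'adfs'),
    SSO_DOMAIN: 'yourcompany.com',
    SSO_USER_EMAIL: 'admin@yourcompany.com',
  }

  if (providerType === 'oidc') {
    const examples: Record<string, Record<string, string>> = {
      okta: {
        ...baseVars,
        SSO_PROVIDER_ID: 'okta',
        SSO_ISSUER: 'https://dev-123456.okta.com/oauth2/default',
        // NOTE(review): this has the shape of a real Okta client ID rather than
        // an obvious placeholder; confirm it does not belong to a live application.
        SSO_OIDC_CLIENT_ID: '0oavhncxymgOpe06E697',
        SSO_OIDC_CLIENT_SECRET: 'your-client-secret',
        SSO_OIDC_SCOPES: 'openid,profile,email',
      },
      'azure-ad': {
        ...baseVars,
        SSO_PROVIDER_ID: 'azure-ad',
        SSO_ISSUER: 'https://login.microsoftonline.com/{tenant-id}/v2.0',
        SSO_OIDC_CLIENT_ID: 'your-application-id',
        SSO_OIDC_CLIENT_SECRET: 'your-client-secret',
        SSO_MAPPING_ID: 'oid',
      },
      generic: {
        ...baseVars,
        SSO_PROVIDER_ID: 'custom-oidc',
        SSO_ISSUER: 'https://idp.example.com',
        SSO_OIDC_CLIENT_ID: 'your-client-id',
        SSO_OIDC_CLIENT_SECRET: 'your-client-secret',
        SSO_OIDC_AUTHORIZATION_ENDPOINT: 'https://idp.example.com/auth',
        SSO_OIDC_TOKEN_ENDPOINT: 'https://idp.example.com/token',
        SSO_OIDC_USERINFO_ENDPOINT: 'https://idp.example.com/userinfo',
      },
    }

    // Look up own keys only. A plain bracket lookup would also resolve inherited
    // names such as 'constructor' or '__proto__' to Object.prototype members,
    // returning a non-template value instead of the generic fallback.
    const templateName = provider || 'okta'
    return Object.prototype.hasOwnProperty.call(examples, templateName)
      ? examples[templateName]
      : examples.generic
  }

  // SAML: a single ADFS-shaped template. `provider` has no effect here because
  // SSO_PROVIDER_ID is overridden below.
  return {
    ...baseVars,
    SSO_PROVIDER_ID: 'adfs',
    SSO_ISSUER: 'https://adfs.company.com',
    SSO_SAML_ENTRY_POINT: 'https://adfs.company.com/adfs/ls/',
    // Truncated placeholder, not a parseable certificate; must be replaced with
    // the IdP's actual signing certificate.
    SSO_SAML_CERT:
      '-----BEGIN CERTIFICATE-----\nMIIDBjCCAe4CAQAwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAwwHYWRmcy...\n-----END CERTIFICATE-----',
    SSO_SAML_AUDIENCE: 'https://yourapp.com',
    SSO_SAML_WANT_ASSERTIONS_SIGNED: 'true',
    SSO_MAPPING_ID: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier',
    SSO_MAPPING_EMAIL: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',
    SSO_MAPPING_NAME: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name',
  }
}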
no outgoing calls
no test coverage detected