From 0d6746c984f1f66ad81ffe7a4b372466205f62b3 Mon Sep 17 00:00:00 2001
From: LoneRifle
Date: Thu, 3 Nov 2022 15:30:30 +0800
Subject: [PATCH] refactor: drop need for assert endpoint env vars
---
 README.md | 21 ++++++---------------
 index.js | 10 ----------
 2 files changed, 6 insertions(+), 25 deletions(-)
diff --git a/README.md b/README.md
index 48f7e98..12f9870 100644
--- a/README.md
+++ b/README.md
@@ -18,22 +18,18 @@ A mock SingPass/CorpPass/MyInfo server for dev purposes
 Configure your application to point to the following endpoints:
 SingPass:
- - http://localhost:5156/singpass/logininitial - SAML login redirect with optional page
- - http://localhost:5156/singpass/soap - receives SAML artifact and returns assertion
 - http://localhost:5156/singpass/authorize - OIDC login redirect with optional page
 - http://localhost:5156/singpass/token - receives OIDC authorization code and returns id_token
 CorpPass:
- - http://localhost:5156/corppass/logininitial
- - http://localhost:5156/corppass/soap
 - http://localhost:5156/corppass/authorize - OIDC login redirect with optional page
 - http://localhost:5156/corppass/token - receives OIDC authorization code and returns id_token
 MyInfo:
- - http://localhost:5156/myinfo/{v2,v3}/person-basic (exclusive to government systems)
- - http://localhost:5156/myinfo/{v2,v3}/authorise
- - http://localhost:5156/myinfo/{v2,v3}/token
- - http://localhost:5156/myinfo/{v2,v3}/person
+ - http://localhost:5156/myinfo/v3/person-basic (exclusive to government systems)
+ - http://localhost:5156/myinfo/v3/authorise
+ - http://localhost:5156/myinfo/v3/token
+ - http://localhost:5156/myinfo/v3/person
 sgID:
 - http://localhost:5156/sgid/v1/oauth/authorize
@@ -49,11 +45,6 @@ Alternatively, provide the paths to your app cert as env vars
 ```
 $ npm install @opengovsg/mockpass
-# Some familiarity with SAML Artifact Binding is assumed
-# Optional: Configure where MockPass should send SAML artifact to, default endpoint will be `PartnerId` in request query parameter.
-$ export SINGPASS_ASSERT_ENDPOINT=http://localhost:5000/singpass/assert
-$ export CORPPASS_ASSERT_ENDPOINT=http://localhost:5000/corppass/assert
-
 # All values shown here are defaults
 $ export MOCKPASS_PORT=5156
@@ -69,7 +60,7 @@ $ export ENCRYPT_ASSERTION=false
 $ export SIGN_RESPONSE=false
 $ export RESOLVE_ARTIFACT_REQUEST_SIGNED=false
-# Encrypt payloads returned by /myinfo/*/{person, person-basic},
+# Encrypt payloads returned by /myinfo/v3/{person, person-basic},
 # equivalent to MyInfo Auth Level L2 (testing and production)
 $ export ENCRYPT_MYINFO=false
@@ -89,7 +80,7 @@ who then need to connect to the staging servers hosted by SingPass/CorpPass,
 which may not always be available (eg, down for maintenance, or no Internet).
 MockPass tries to solves this by providing an extremely lightweight implementation
-of a SAML 2.0 Identity Provider that returns mock SingPass and CorpPass assertions.
+of an OIDC Provider that returns mock SingPass and CorpPass assertions.
 It optionally provides a mock login page that (badly) mimics the SingPass/CorpPass
 login experience.
diff --git a/index.js b/index.js
index 79395b2..bf72ea7 100755
--- a/index.js
+++ b/index.js
@@ -9,16 +9,6 @@ const { configOIDC, configMyInfo, configSGID } = require('./lib/express')
 const PORT = process.env.MOCKPASS_PORT || process.env.PORT || 5156
-if (
- !process.env.SINGPASS_ASSERT_ENDPOINT &&
- !process.env.CORPPASS_ASSERT_ENDPOINT
-) {
- console.warn(
- 'SINGPASS_ASSERT_ENDPOINT or CORPPASS_ASSERT_ENDPOINT is not set. ' +
- 'Value of `PartnerId` request query parameter in redirect URL will be used.',
- )
-}
-
 const serviceProvider = {
 cert: fs.readFileSync(
 path.resolve(