<%
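(function () {
    /*
     * SAML SSO assertion consumer endpoint (Jaggery page).
     *
     * Handles three kinds of incoming message:
     *   - SAMLResponse carrying a login response: validate the signature, decode it,
     *     mark the HTTP session as logged in and redirect to the dashboard.
     *   - SAMLResponse carrying a logout response: invalidate the session and redirect.
     *   - SAMLRequest (treated as a logout request): drop the stored session mapping.
     *
     * `sso_sessions` is an application-wide object holding a two-way mapping between the
     * IdP session index and the local session id.
     */
    var log = new Log(),
        configs = require('/config.json'),
        samlResponse = request.getParameter('SAMLResponse'),
        sessionId = session.getId(),
        process = require('process'),
        samlRequest = request.getParameter('SAMLRequest'),
        relayState = request.getParameter('RelayState'),
        sso = require('sso'),
        samlRespObj,
        // The key store password is read from /config.json, so that file holds a secret.
        keyStoreProps = {
            KEY_STORE_NAME: process.getProperty('carbon.home') + configs.ssoConfiguration.keyStoreName,
            KEY_STORE_PASSWORD: configs.ssoConfiguration.keyStorePassword,
            IDP_ALIAS: configs.ssoConfiguration.identityAlias
        },
        sso_sessions = application.get('sso_sessions');

    // Create the shared mapping on first use.
    if (!sso_sessions) {
        application.put('sso_sessions', {});
        sso_sessions = application.get('sso_sessions');
    }

    if (samlResponse != null) {
        samlRespObj = sso.client.getSamlObject(samlResponse);
        if (!sso.client.isLogoutResponse(samlRespObj)) {
            // Login response. It is only honoured when response signing is enabled and the
            // signature verifies; every other path leaves the session untouched.
            if (!configs.ssoConfiguration.responseSigningEnabled) {
                log.warn('SAML login response ignored: responseSigningEnabled is off');
            } else if (!sso.client.validateSignature(samlRespObj, keyStoreProps)) {
                log.warn('SAML login response rejected: signature validation failed');
            } else {
                var sessionObj = sso.client.decodeSAMLLoginResponse(samlRespObj, samlResponse, sessionId);
                // The decoded object carries the session id, so it is not dumped to the log.
                // Fixed: the original joined these tests with ||, which is always true, so a
                // response without a session index was still accepted. The loose != against
                // the string is kept in case the value is a host (non-JS) string.
                if (sessionObj != null &&
                        sessionObj.sessionIndex != null &&
                        sessionObj.sessionIndex != 'undefined') {
                    // NOTE(review): these attributes are set before loginWithSAML() has
                    // succeeded; if other pages authorise on them, confirm a failed local
                    // login cannot leave the session marked as logged in.
                    // NOTE(review): the session id is not rotated at login - confirm whether
                    // the container or the sso module does that (session fixation).
                    session.put("LOGGED_IN_USER", sessionObj.loggedInUser);
                    session.put("Loged", "true");
                    // Two-way mapping: session index -> session id and session id -> session index.
                    sso_sessions[sessionObj.sessionIndex] = sessionObj.sessionId;
                    sso_sessions[sessionObj.sessionId] = sessionObj.sessionIndex;
                    var user = require('/modules/user.js');
                    if (user.loginWithSAML(sessionObj.loggedInUser)) {
                        log.info('user is set :::' + sessionObj.loggedInUser);
                        response.sendRedirect('/mdm-dashboard');
                    } else {
                        log.warn('loginWithSAML failed for user :::' + sessionObj.loggedInUser);
                    }
                } else {
                    log.warn('SAML login response rejected: no session index');
                }
            }
        } else {
            // Logout response: end the current session and return to the dashboard.
            session.invalidate();
            response.sendRedirect('/mdm-dashboard');
        }
    }

    // if saml request is a log out request, then invalidate session.
    if (samlRequest != null) {
        // NOTE(review): the logout request is acted on without a signature check, and
        // session.invalidate() below ends the session of THIS HTTP request, not the session
        // whose id was stored for `index`. Confirm that is the intended single-logout
        // behaviour.
        var index = sso.client.decodeSAMLLogoutRequest(sso.client.getSamlObject(samlRequest));
        log.info('BACKEND LOGOUT RECIEVED FROM STORE THE INDEX IS ######' + index);
        var jSessionId = sso_sessions[index];
        delete sso_sessions[index];
        // Fixed: also remove the reverse (session id -> index) entry, which the original
        // left behind on every logout.
        if (jSessionId != null) {
            delete sso_sessions[jSessionId];
        }
        // Log only whether a mapping existed; the session id itself is kept out of the log.
        log.info('store session mapping found :::' + (jSessionId != null));
        session.invalidate();
    }
}());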
%>