-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathproxy.example.json
More file actions
52 lines (51 loc) · 3.36 KB
/
proxy.example.json
File metadata and controls
52 lines (51 loc) · 3.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
{
// run proxy on this port. Default is 3000, can be overriden with PORT environment variable
"port" : 3000,
// protocol the proxy uses. Can be 'http' or 'https'
"externalProtocol" : "https",
// only required if externalProtocol === 'https'
"ssl" : {
// path to SSL private key file. Can be absolute or relative to certDir. PEM format, unencrypted.
"privateKeyFile" : "node_https_proxy/private_key.pem",
// path to SSL certificate file. Can be absolute or relative to certDir. PEM format, unencrypted.
"certificateFile" : "node_https_proxy/cert.pem"
},
// name of HTTP header that will transport credentials
"credentialsHeader" : "X-Auth-Credentials",
// name of HTTP header that will transport credentials' signature
"signatureHeader" : "X-Auth-Signature",
// path to private key file to be used to sign credentials. Can be absolute or relative to certDir. PEM format, unencrypted.
// if not given, no signing will be performed
"credentialsSigningKeyFile" : "privateKey.pem",
// path to directory containing certificates and keys. Absolute or relative to application root.
"certDir" : "cert",
//settings for SAML authentication strategy
"saml" : {
// where to redirect user
"entryPoint": "http://sso.local/simplesaml/saml2/idp/SSOService.php",
// how do the proxy introduce itself to IdP
"issuer": "E2ESSOWebTest",
// in most cases should be equal to (externalProtocol + "://")
"protocol": "https://",
// certificate of IdP. PEM format without prolog and epilogue. If given, will be used to verify SAML response signature
"cert": "MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo",
// private key file used to sign SAML request. If given, must match a certificate registered in IdP.
// Can be absolute path or relative to certDir
"privateKeyFile": "privateKey.pem"
},
// In case the authentication takes longer than our session (see sessionDuration), we forget where to redirect user to
// in that case this will be used as a safe default
"indexPath" : "/proxy/ui/HelloWorldUI.html",
// increase security by puttin some random characters here
"sessionSecret" : "x&^RYg97c7dngw97dcg7&6T&^t967NC69WDQ0W89",
// session duration in milliseconds. 0 means "browser session"
"sessionDuration" : 300000,
//define your routes here
"routes": [
{
"routedPrefix": "/proxy",
"destination": "services.local",
"destinationPort": 13333
}
]
}