in src/auth/auth-config.ts [1026:1133]
public static validate(options: Partial<SAMLAuthProviderConfig>, ignoreMissingFields = false): void {
const validKeys = {
enabled: true,
displayName: true,
providerId: true,
idpEntityId: true,
ssoURL: true,
x509Certificates: true,
rpEntityId: true,
callbackURL: true,
enableRequestSigning: true,
};
if (!validator.isNonNullObject(options)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig" must be a valid non-null object.',
);
}
// Check for unsupported top level attributes.
for (const key in options) {
if (!(key in validKeys)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
`"${key}" is not a valid SAML config parameter.`,
);
}
}
// Required fields.
if (validator.isNonEmptyString(options.providerId)) {
if (options.providerId.indexOf('saml.') !== 0) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_PROVIDER_ID,
'"SAMLAuthProviderConfig.providerId" must be a valid non-empty string prefixed with "saml.".',
);
}
} else if (!ignoreMissingFields) {
// providerId is required and not provided correctly.
throw new FirebaseAuthError(
!options.providerId ? AuthClientErrorCode.MISSING_PROVIDER_ID : AuthClientErrorCode.INVALID_PROVIDER_ID,
'"SAMLAuthProviderConfig.providerId" must be a valid non-empty string prefixed with "saml.".',
);
}
if (!(ignoreMissingFields && typeof options.idpEntityId === 'undefined') &&
!validator.isNonEmptyString(options.idpEntityId)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.idpEntityId" must be a valid non-empty string.',
);
}
if (!(ignoreMissingFields && typeof options.ssoURL === 'undefined') &&
!validator.isURL(options.ssoURL)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.ssoURL" must be a valid URL string.',
);
}
if (!(ignoreMissingFields && typeof options.rpEntityId === 'undefined') &&
!validator.isNonEmptyString(options.rpEntityId)) {
throw new FirebaseAuthError(
!options.rpEntityId ? AuthClientErrorCode.MISSING_SAML_RELYING_PARTY_CONFIG :
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.rpEntityId" must be a valid non-empty string.',
);
}
if (!(ignoreMissingFields && typeof options.callbackURL === 'undefined') &&
!validator.isURL(options.callbackURL)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.callbackURL" must be a valid URL string.',
);
}
if (!(ignoreMissingFields && typeof options.x509Certificates === 'undefined') &&
!validator.isArray(options.x509Certificates)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.x509Certificates" must be a valid array of X509 certificate strings.',
);
}
(options.x509Certificates || []).forEach((cert: string) => {
if (!validator.isNonEmptyString(cert)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.x509Certificates" must be a valid array of X509 certificate strings.',
);
}
});
if (typeof (options as any).enableRequestSigning !== 'undefined' &&
!validator.isBoolean((options as any).enableRequestSigning)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.enableRequestSigning" must be a boolean.',
);
}
if (typeof options.enabled !== 'undefined' &&
!validator.isBoolean(options.enabled)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.enabled" must be a boolean.',
);
}
if (typeof options.displayName !== 'undefined' &&
!validator.isString(options.displayName)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
'"SAMLAuthProviderConfig.displayName" must be a valid string.',
);
}
}