### Run DummyIDP locally Source: https://github.com/ssoready/dummyidp/blob/main/README.md Commands to install dependencies and start the development server for the Next.js application. ```bash npm install npm run dev ``` -------------------------------- ### GET /instant-setup Source: https://context7.com/ssoready/dummyidp/llms.txt Creates or configures a DummyIDP app in a single request and redirects to the login page. ```APIDOC ## GET /instant-setup ### Description Creates or configures a DummyIDP app in a single request with all necessary SAML settings and redirects directly to the login page. ### Method GET ### Endpoint /instant-setup ### Parameters #### Query Parameters - **appId** (string) - Required - The unique identifier for the app. - **spAcsUrl** (string) - Required - The Service Provider Assertion Consumer Service URL. - **spEntityId** (string) - Required - The Service Provider Entity ID. - **email** (string) - Required - The email address for the test user. - **firstName** (string) - Required - The first name of the test user. - **lastName** (string) - Required - The last name of the test user. ### Request Example curl "https://dummyidp.com/instant-setup?appId=my-test-app&spAcsUrl=https://myapp.com/saml/acs&spEntityId=https://myapp.com&email=test.user@example.com&firstName=Test&lastName=User" ``` -------------------------------- ### Setup Local Development Environment Source: https://context7.com/ssoready/dummyidp/llms.txt Commands to clone the repository, install dependencies, and manage the development server lifecycle. ```bash # Clone and install dependencies git clone https://github.com/ssoready/dummyidp.git cd dummyidp npm install # Create .env.development.local with required environment variables # For Vercel KV connection (or configure alternative storage) # Start development server npm run dev # Build for production npm run build # The app will be available at http://localhost:3000 ``` -------------------------------- ### Instant Setup for DummyIDP App Source: https://context7.com/ssoready/dummyidp/llms.txt Creates or configures a DummyIDP app with SAML settings in a single request and redirects to the login page. Useful for streamlined integration testing. ```bash # GET /instant-setup?appId={id}&spAcsUrl={url}&spEntityId={entityId}&email={email}&firstName={name}&lastName={name} # Create a fully-configured DummyIDP app and jump straight to login curl "https://dummyidp.com/instant-setup?" appId=my-test-app& spAcsUrl=https://myapp.com/saml/acs& spEntityId=https://myapp.com& email=test.user@example.com& firstName=Test& lastName=User" # Response: 302 Redirect to /apps/my-test-app/login # The app is created/updated with: # - Configured SP ACS URL and Entity ID # - Single test user ready for SAML login simulation ``` -------------------------------- ### GET /api/apps Source: https://context7.com/ssoready/dummyidp/llms.txt Retrieves the configuration for a specific DummyIDP application, including SAML and SCIM settings. ```APIDOC ## GET /api/apps ### Description Retrieves an app's configuration by ID including SP settings, SCIM settings, and configured users. ### Method GET ### Endpoint /api/apps?id={appId} ### Parameters #### Query Parameters - **id** (string) - Required - The unique identifier of the application. ### Response #### Success Response (200) - **id** (string) - App ID - **users** (array) - List of configured users - **spAcsUrl** (string) - Service Provider ACS URL - **spEntityId** (string) - Service Provider Entity ID - **scimBaseUrl** (string) - SCIM base URL - **scimBearerToken** (string) - SCIM bearer token #### Response Example { "id": "app_01j2xk3m4n5p6q7r8s9t0u1v2w", "users": [ { "email": "john.doe@example.com", "firstName": "John", "lastName": "Doe" } ], "spAcsUrl": "https://myapp.com/saml/acs", "spEntityId": "https://myapp.com", "scimBaseUrl": "https://myapp.com/scim/v2", "scimBearerToken": "scim_token_xyz" } ``` -------------------------------- ### GET /apps/{appId}/metadata Source: https://context7.com/ssoready/dummyidp/llms.txt Retrieves the SAML Identity Provider metadata XML document. ```APIDOC ## GET /apps/{appId}/metadata ### Description Returns the SAML Identity Provider metadata XML document containing the IDP entity ID, X.509 signing certificate, and SSO endpoints. ### Method GET ### Endpoint /apps/{appId}/metadata ### Parameters #### Path Parameters - **appId** (string) - Required - The unique identifier of the application. ### Response #### Success Response (200) - **Content-Type** (string) - application/xml ``` -------------------------------- ### Create a DummyIDP Application Source: https://context7.com/ssoready/dummyidp/llms.txt Uses a Next.js server action to generate a new app instance with default test users and redirect to the configuration page. ```typescript // Server Action - src/app/actions.ts "use server"; import { redirect } from "next/navigation"; import * as libapp from "@/lib/app"; export async function createApp() { const id = await libapp.createApp(); redirect(`/apps/${id}`); } // The createApp function generates an app with default users: // - john.doe@example.com (John Doe) // - abraham.lincoln@example.com (Abraham Lincoln) ``` -------------------------------- ### Retrieve App Configuration Source: https://context7.com/ssoready/dummyidp/llms.txt Fetches the full configuration object for a specific app, including SAML and SCIM settings. ```bash # GET /api/apps?id={appId} # Request curl "https://dummyidp.com/api/apps?id=app_01j2xk3m4n5p6q7r8s9t0u1v2w" # Response (200 OK) { "id": "app_01j2xk3m4n5p6q7r8s9t0u1v2w", "users": [ { "email": "john.doe@example.com", "firstName": "John", "lastName": "Doe" }, { "email": "abraham.lincoln@example.com", "firstName": "Abraham", "lastName": "Lincoln" } ], "spAcsUrl": "https://myapp.com/saml/acs", "spEntityId": "https://myapp.com", "scimBaseUrl": "https://myapp.com/scim/v2", "scimBearerToken": "scim_token_xyz" } # Response (404 Not Found) - if app doesn't exist {} ``` -------------------------------- ### POST /api/apps Source: https://context7.com/ssoready/dummyidp/llms.txt Updates the configuration for a specific DummyIDP application and triggers SCIM synchronization if configured. ```APIDOC ## POST /api/apps ### Description Updates an app's configuration including Service Provider settings, SCIM settings, and user list. Automatically syncs user changes to the Service Provider's SCIM endpoint if configured. ### Method POST ### Endpoint /api/apps?id={appId} ### Parameters #### Query Parameters - **id** (string) - Required - The unique identifier of the application. #### Request Body - **id** (string) - Required - App ID - **users** (array) - Required - List of users - **spAcsUrl** (string) - Required - Service Provider ACS URL - **spEntityId** (string) - Required - Service Provider Entity ID - **scimBaseUrl** (string) - Optional - SCIM base URL - **scimBearerToken** (string) - Optional - SCIM bearer token ### Request Example { "id": "app_01j2xk3m4n5p6q7r8s9t0u1v2w", "users": [ { "email": "jane.doe@example.com", "firstName": "Jane", "lastName": "Doe" } ], "spAcsUrl": "https://myapp.com/saml/acs", "spEntityId": "https://myapp.com" } ``` -------------------------------- ### Handle SP-Initiated SAML SSO Source: https://context7.com/ssoready/dummyidp/llms.txt This endpoint accepts SAMLRequest via HTTP POST and redirects to the DummyIDP login page. It's used for SP-initiated SAML authentication flows. ```bash # POST /apps/{appId}/sso # This endpoint handles the SAMLRequest from Service Providers # It extracts the SAMLRequest parameter and redirects to the login page # Example SP-initiated flow: # 1. User clicks "Login with SSO" in your application # 2. Your app generates a SAMLRequest and POSTs to DummyIDP curl -X POST "https://dummyidp.com/apps/app_01j2xk3m4n5p6q7r8s9t0u1v2w/sso" \ -d "SAMLRequest=PHNhbWxwOkF1dGhuUmVxdWVzdC..." # 3. DummyIDP redirects to: /apps/{appId}/login?SAMLRequest=... # 4. User selects identity on login page # 5. DummyIDP POSTs SAMLResponse to your app's ACS URL ``` -------------------------------- ### Manage App Configurations with React Hooks Source: https://context7.com/ssoready/dummyidp/llms.txt Uses TanStack Query to fetch and update app configurations with automatic cache invalidation. Requires the @tanstack/react-query library. ```typescript // src/lib/hooks.ts import { App } from "@/lib/app"; import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query"; // Fetch an app's configuration function useApp(id: string | undefined): App | undefined { const { data } = useQuery({ enabled: !!id, queryKey: ["apps", id], queryFn: async () => { const response = await fetch(`/api/apps?id=${id}`); if (!response.ok) { return; } return response.json(); }, }); return data; } // Update an app's configuration function useUpsertApp() { const queryClient = useQueryClient(); return useMutation({ mutationFn: async (app: App) => { await fetch(`/api/apps?id=${app.id}`, { method: "POST", body: JSON.stringify(app), }); // Invalidate cache to refetch updated data await queryClient.invalidateQueries({ queryKey: ["apps", app.id], }); }, }); } // Usage example in a component: const app = useApp("app_01j2xk3m4n5p6q7r8s9t0u1v2w"); const upsertApp = useUpsertApp(); // Update app with new user await upsertApp.mutateAsync({ ...app, users: [...app.users, { email: "new@example.com", firstName: "New", lastName: "User" }] }); ``` -------------------------------- ### DummyIDP App Data Types Source: https://context7.com/ssoready/dummyidp/llms.txt Defines the core data structures for DummyIDP applications, including SAML Service Provider settings, SCIM configuration, and user management. Includes helper functions for generating IDP URLs. ```typescript // src/lib/app.ts // Core App type representing a DummyIDP application type App = { id: string; // Unique app identifier (e.g., "app_01j2xk3m4n...") users: AppUser[]; // List of users for SAML login simulation spAcsUrl?: string; // Service Provider Assertion Consumer Service URL spEntityId?: string; // Service Provider Entity ID scimBaseUrl?: string; // SCIM endpoint base URL (e.g., "https://app.com/scim/v2") scimBearerToken?: string; // Bearer token for SCIM authentication }; // User type for SAML assertions and SCIM provisioning type AppUser = { email: string; // User email (used as SAML NameID) firstName: string; // First name attribute lastName: string; // Last name attribute }; // Helper functions for generating IDP URLs function appIdpEntityId(app: App): string { return `https://dummyidp.com/apps/${app.id}`; } function appIdpRedirectUrl(app: App): string { return `https://dummyidp.com/apps/${app.id}/sso`; } function appIdpMetadataUrl(app: App): string { return `https://dummyidp.com/apps/${app.id}/metadata`; } function appLoginUrl(app: App): string { return `https://dummyidp.com/apps/${app.id}/login`; } ``` -------------------------------- ### Update App Configuration Source: https://context7.com/ssoready/dummyidp/llms.txt Updates settings and user lists. If SCIM is configured, it automatically triggers synchronization to the provided endpoint. ```bash # POST /api/apps?id={appId} # Request curl -X POST "https://dummyidp.com/api/apps?id=app_01j2xk3m4n5p6q7r8s9t0u1v2w" \ -H "Content-Type: application/json" \ -d '{ "id": "app_01j2xk3m4n5p6q7r8s9t0u1v2w", "users": [ { "email": "jane.doe@example.com", "firstName": "Jane", "lastName": "Doe" }, { "email": "new.user@example.com", "firstName": "New", "lastName": "User" } ], "spAcsUrl": "https://myapp.com/saml/acs", "spEntityId": "https://myapp.com", "scimBaseUrl": "https://myapp.com/scim/v2", "scimBearerToken": "your_scim_bearer_token" }' # Response (200 OK) {} # If SCIM is configured, DummyIDP automatically: # 1. Creates new users via POST to {scimBaseUrl}/Users # 2. Updates existing users via PUT to {scimBaseUrl}/Users/{id} # 3. Deletes removed users via DELETE to {scimBaseUrl}/Users/{id} ``` -------------------------------- ### POST /apps/{appId}/sso Source: https://context7.com/ssoready/dummyidp/llms.txt Handles SP-initiated SAML authentication requests by accepting a SAMLRequest and redirecting to the login page. ```APIDOC ## POST /apps/{appId}/sso ### Description Handles SP-initiated SAML authentication requests. Accepts a SAMLRequest via HTTP POST and redirects to the DummyIDP login page where users can select which identity to authenticate as. ### Method POST ### Endpoint /apps/{appId}/sso ### Parameters #### Path Parameters - **appId** (string) - Required - The unique identifier for the DummyIDP application. #### Request Body - **SAMLRequest** (string) - Required - The base64-encoded SAML AuthnRequest from the Service Provider. ### Request Example curl -X POST "https://dummyidp.com/apps/app_01j2xk3m4n5p6q7r8s9t0u1v2w/sso" \ -d "SAMLRequest=PHNhbWxwOkF1dGhuUmVxdWVzdC..." ``` -------------------------------- ### Retrieve SAML IDP Metadata Source: https://context7.com/ssoready/dummyidp/llms.txt Returns the XML metadata document required for Service Providers to configure their SAML integration. ```xml curl "https://dummyidp.com/apps/app_01j2xk3m4n5p6q7r8s9t0u1v2w/metadata" MIIDBzCCAe+gAwIBAgIUCLBK4f75EXEe4gyroYnVaqLoSp4wDQYJKoZIhvcNAQEL... urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress ``` -------------------------------- ### Generate Signed SAML Response Source: https://context7.com/ssoready/dummyidp/llms.txt Generates a signed SAML Response/Assertion using RSA-SHA256. Includes user identity attributes, validity timestamps, and audience restriction. Requires an RSA private key in JWK format. ```typescript // src/lib/saml.ts interface AssertionData { assertionId: string; // Unique ID for the assertion (UUID) idpEntityId: string; // DummyIDP entity ID (https://dummyidp.com/apps/{appId}) subjectId: string; // User's email address (NameID) firstName: string; // User's first name attribute lastName: string; // User's last name attribute sessionId: string; // InResponseTo (from AuthnRequest ID, empty for IDP-initiated) now: string; // NotBefore timestamp (ISO 8601) expire: string; // NotOnOrAfter timestamp (ISO 8601) spEntityId: string; // Service Provider's entity ID (Audience) } // Generate a base64-encoded, signed SAML Response const key = await window.crypto.subtle.importKey( "jwk", JSON.parse(atob(INSECURE_PRIVATE_KEY)), { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" }, true, ["sign"] ); const assertion = await encodeAssertion(key, { assertionId: crypto.randomUUID(), idpEntityId: "https://dummyidp.com/apps/app_01j2xk3m4n5p6q7r8s9t0u1v2w", subjectId: "john.doe@example.com", firstName: "John", lastName: "Doe", spEntityId: "https://myapp.com", sessionId: "_abc123", // From AuthnRequest ID, or empty string for IDP-initiated now: moment().add(-1, "hour").format(), expire: moment().add(1, "hour").format(), }); // The resulting assertion is base64-encoded and can be POSTed as SAMLResponse ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.