add error handling to saml-certs

Signed-off-by: Simeon Keske <git@n0emis.eu> Signed-off-by: Leo Maroni <git@em0lar.de>
2025-02-02 17:12:33 +00:00 · 2020-05-06 16:28:34 +02:00 · 2020-05-06 16:28:34 +02:00 · bab0409ed0
commit bab0409ed0
parent 35ec617007
1 changed files with 15 additions and 2 deletions
--- a/lib/web/auth/saml/index.js
+++ b/lib/web/auth/saml/index.js
@ -16,8 +16,21 @@ passport.use(new SamlStrategy({
  callbackUrl: config.serverURL + '/auth/saml/callback',
  entryPoint: config.saml.idpSsoUrl,
  issuer: config.saml.issuer || config.serverURL,
-  cert: fs.readFileSync(config.saml.idpCert, 'utf-8'),
-  privateCert: config.saml.clientCert === undefined ? undefined : fs.readFileSync(config.saml.clientCert, 'utf-8'),
+  privateCert: config.saml.clientCert === undefined ? undefined : (function () {
+    try {
+      return fs.readFileSync(config.saml.clientCert, 'utf-8')
+    } catch (e) {
+      logger.error('saml client certificate not found at: ' + config.saml.clientCert)
+    }
+  }()),
+  cert: (function () {
+    try {
+      return fs.readFileSync(config.saml.idpCert, 'utf-8')
+    } catch (e) {
+      logger.error('saml idp certificate not found at: ' + config.saml.idpCert)
+      process.exit(1)
+    }
+  }()),
  identifierFormat: config.saml.identifierFormat,
  disableRequestedAuthnContext: config.saml.disableRequestedAuthnContext
 }, function (user, done) {