
@geekeren
Last active September 3, 2019 08:25
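/**
 * Auth0 rule: attach the AWS SAML attributes (role, session name, session
 * duration) to the user profile so the SAML assertion sent to AWS carries them.
 *
 * Users whose Auth0 roles include "Admin" are mapped to the Admin IAM role;
 * everyone else gets the ReadOnly role.
 *
 * @param {object} user - Auth0 user profile; mutated with the aws* attributes.
 * @param {object} context - Auth0 rule context; its SAML mappings are replaced.
 * @param {function} callback - Rule continuation, called as (err, user, context).
 */
function (user, context, callback) {
  // NOTE(review): nothing here restricts the rule to the AWS SAML application,
  // so it appears to run for every client in the tenant. Consider an early
  // return when context.clientID is not the AWS app; confirm against tenant setup.

  // Each value is "<role ARN>,<SAML provider ARN>"; "xxxx" stands in for the
  // AWS account id.
  const mapping = {
    readonly: "arn:aws:iam::xxxx:role/ReadOnly,arn:aws:iam::xxxx:saml-provider/Auth0",
    admin: "arn:aws:iam::xxxx:role/Admin,arn:aws:iam::xxxx:saml-provider/Auth0",
  };

  // Role data can be missing from the context. Treat that as "no roles" so the
  // user lands on the least-privileged mapping instead of the rule throwing.
  const authorization = context.authorization || {};
  const roles = Array.isArray(authorization.roles) ? authorization.roles : [];
  const isAdmin = roles.some(role => role === "Admin");

  // Least privilege by default; Admin only on an exact role-name match.
  user.awsRole = isAdmin ? mapping.admin : mapping.readonly;

  // RoleSessionName identifies the federated session on the AWS side.
  // NOTE(review): if any connection allows unverified e-mail addresses, this
  // value is user-controlled; consider requiring user.email_verified. Confirm
  // against the connection settings.
  user.awsRoleSession = user.email;

  // SessionDuration is expressed in seconds (1800 = 30 minutes).
  user.sessionDuration = 1800;

  // Keep any existing SAML settings and only replace the attribute mappings.
  context.samlConfiguration = context.samlConfiguration || {};
  context.samlConfiguration.mappings = {
    'https://aws.amazon.com/SAML/Attributes/Role': 'awsRole',
    'https://aws.amazon.com/SAML/Attributes/RoleSessionName': 'awsRoleSession',
    'https://aws.amazon.com/SAML/Attributes/SessionDuration': 'sessionDuration'
  };

  // Log only the mapping decision. Dumping the whole profile would put personal
  // data (and whatever else the profile carries) into the rule logs.
  console.log("AWS SAML role mapped:", isAdmin ? "admin" : "readonly", "for", user.user_id);

  callback(null, user, context);
}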
/**
 * Auth0 rule: attach the Tencent Cloud SAML attributes (role and session name)
 * to the user profile and map them onto the outgoing SAML assertion.
 *
 * @param {object} user - Auth0 user profile; mutated with the tencentCloud* attributes.
 * @param {object} context - Auth0 rule context; its SAML mappings are replaced.
 * @param {function} callback - Rule continuation, called as (err, user, context).
 */
function (user, context, callback) {
  // NOTE(review): every user who reaches this rule is mapped to the Admin role.
  // There is no check of the user's roles or of which application is being
  // signed into. Confirm this is intended; otherwise gate the Admin mapping on
  // an explicit role/group and restrict the rule to the Tencent Cloud app.
  const ROLE_CLAIM = 'https://cloud.tencent.com/SAML/Attributes/Role';
  const SESSION_CLAIM = 'https://cloud.tencent.com/SAML/Attributes/RoleSessionName';

  // NOTE(review): the session name comes from user.name; if users can edit
  // their display name, this value is user-controlled. Verify against the
  // connection settings.
  Object.assign(user, {
    tencentCloudRole: 'qcs::cam::uin/1586320567:roleName/Admin,qcs::cam::uin/1586320567:saml-provider/Auth0',
    tencentCloudRoleSession: user.name
  });

  // Replaces any mappings set earlier in the rule pipeline.
  const samlMappings = {};
  samlMappings[ROLE_CLAIM] = 'tencentCloudRole';
  samlMappings[SESSION_CLAIM] = 'tencentCloudRoleSession';
  context.samlConfiguration.mappings = samlMappings;

  callback(null, user, context);
}