samlesa 2.12.10 → 2.12.11
Potentially problematic release.
This version of samlesa might be problematic. Click here for more details.
- package/build/src/binding-post.js +2 -2
- package/build/src/binding-post.js.map +1 -1
- package/build/src/binding-redirect.js +2 -2
- package/build/src/binding-redirect.js.map +1 -1
- package/build/src/binding-simplesign.js +2 -2
- package/build/src/binding-simplesign.js.map +1 -1
- package/build/src/entity-idp.js +17 -22
- package/build/src/entity-idp.js.map +1 -1
- package/build/src/extractor.js +1 -1
- package/build/src/extractor.js.map +1 -1
- package/build/src/libsaml.js +148 -103
- package/build/src/libsaml.js.map +1 -1
- package/build/src/validator.js.map +1 -1
- package/package.json +70 -70
- package/src/binding-post.ts +2 -2
- package/src/binding-redirect.ts +2 -2
- package/src/binding-simplesign.ts +2 -2
- package/src/entity-idp.ts +4 -4
- package/src/extractor.ts +1 -1
- package/src/libsaml.ts +271 -207
- package/src/validator.ts +2 -7
- package/types/src/binding-post.d.ts +1 -1
- package/types/src/binding-redirect.d.ts +1 -1
- package/types/src/binding-simplesign.d.ts +1 -1
- package/types/src/entity-idp.d.ts +1 -1
- package/types/src/libsaml.d.ts +56 -47
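--- a/package/src/binding-redirect.ts
+++ b/package/src/binding-redirect.ts
@@ -146,7 +146,7 @@ function loginRequestRedirectURL(entity: {
 * @param {function} customTagReplacement used when developers have their own login response template
 * @param AttributeStatement
 */
-function loginResponseRedirectURL(requestInfo: any, entity: any, user: any = {}, relayState?: string, customTagReplacement?: (template: string) => BindingContext,AttributeStatement=
+function loginResponseRedirectURL(requestInfo: any, entity: any, user: any = {}, relayState?: string, customTagReplacement?: (template: string) => BindingContext,AttributeStatement =[]): BindingContext {
 const idpSetting = entity.idp.entitySetting;
 const spSetting = entity.sp.entitySetting;
 const metadata = {
@@ -192,7 +192,7 @@ function loginResponseRedirectURL(requestInfo: any, entity: any, user: any = {},
 NameID: user.NameID || '',
 InResponseTo: get(requestInfo, 'extract.request.id', ''),
 AuthnStatement: `<saml:AuthnStatement AuthnInstant="${now}" SessionNotOnOrAfter="${tenHoursLater}" SessionIndex="${sessionIndex}"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement>`,
-AttributeStatement: AttributeStatement,
+AttributeStatement: libsaml.attributeStatementBuilder(AttributeStatement),
 };
 
 if (idpSetting.loginResponseTemplate && customTagReplacement) {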
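Review bot: `AttributeStatement =[]` in the new `loginResponseRedirectURL` signature carries no element type, so nothing constrains what callers hand to `libsaml.attributeStatementBuilder`; the `base64LoginResponse` hunks further down (their file header is not shown) declare the same parameter as `AttributeStatement:[] = []`, which is the empty-tuple type and rejects any non-empty array. Deriving the type from the builder, for example `AttributeStatement: Parameters<typeof libsaml.attributeStatementBuilder>[0] = []`, would keep the bindings consistent. The builder is not part of these hunks, so it is worth confirming that it XML-escapes attribute names and values, since its output is placed in the response next to `NameID` and `AuthnStatement`. The doc comment still reads only `@param AttributeStatement`; a line such as `@param AttributeStatement attribute entries passed to libsaml.attributeStatementBuilder` would tell callers that the value is now built rather than passed through as-is. Both function bodies continue outside the hunks.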
@@ -135,7 +135,7 @@ function base64LoginRequest(entity: any, customTagReplacement?: (template: strin
|
|
|
135
135
|
* @param {function} customTagReplacement used when developers have their own login response template
|
|
136
136
|
* @param AttributeStatement
|
|
137
137
|
*/
|
|
138
|
-
async function base64LoginResponse(requestInfo: any = {}, entity: any, user: any = {}, relayState?: string, customTagReplacement?: (template: string) => BindingContext,AttributeStatement=
|
|
138
|
+
async function base64LoginResponse(requestInfo: any = {}, entity: any, user: any = {}, relayState?: string, customTagReplacement?: (template: string) => BindingContext, AttributeStatement:[] = []): Promise<BindingSimpleSignContext> {
|
|
139
139
|
const idpSetting = entity.idp.entitySetting;
|
|
140
140
|
const spSetting = entity.sp.entitySetting;
|
|
141
141
|
const id = idpSetting.generateID();
|
|
@@ -176,7 +176,7 @@ async function base64LoginResponse(requestInfo: any = {}, entity: any, user: any
|
|
|
176
176
|
NameID: user.NameID || '',
|
|
177
177
|
InResponseTo: get(requestInfo, 'extract.request.id', ''),
|
|
178
178
|
AuthnStatement: `<saml:AuthnStatement AuthnInstant="${now}" SessionNotOnOrAfter="${tenHoursLater}" SessionIndex="${sessionIndex}"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement>`,
|
|
179
|
-
AttributeStatement: AttributeStatement,
|
|
179
|
+
AttributeStatement: libsaml.attributeStatementBuilder(AttributeStatement),
|
|
180
180
|
};
|
|
181
181
|
if (idpSetting.loginResponseTemplate && customTagReplacement) {
|
|
182
182
|
const template = customTagReplacement(idpSetting.loginResponseTemplate.context);
|
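--- a/package/src/entity-idp.ts
+++ b/package/src/entity-idp.ts
@@ -49,7 +49,7 @@ export class IdentityProvider extends Entity {
 };
 const entitySetting = Object.assign(defaultIdpEntitySetting, idpSetting);
 // build attribute part
-if (idpSetting.loginResponseTemplate) {
+/* if (idpSetting.loginResponseTemplate) {
 if (isString(idpSetting.loginResponseTemplate.context) && Array.isArray(idpSetting.loginResponseTemplate.attributes)) {
 let attributeStatementTemplate;
 let attributeTemplate;
@@ -73,7 +73,7 @@ export class IdentityProvider extends Entity {
 } else {
 console.warn('Invalid login response template');
 }
-}
+}*/
 super(entitySetting, 'idp');
 }
 
@@ -90,10 +90,10 @@ export class IdentityProvider extends Entity {
 encryptThenSign?: boolean,
 relayState?: string,
 context: Record<string, any>,
-AttributeStatement:
+AttributeStatement:[]
 }) {
 const bindType = params?.binding ?? 'post';
-const { sp,requestInfo ={}, user = {},customTagReplacement,encryptThenSign = false ,relayState='',AttributeStatement=
+const { sp,requestInfo ={}, user = {},customTagReplacement,encryptThenSign = false ,relayState='',AttributeStatement= [] } = params
 const protocol = namespace.binding[bindType];
 // can support post, redirect and post simple sign bindings for login response
 let context: any = null;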
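Review bot: Wrapping the `if (idpSetting.loginResponseTemplate) {` block in `/* … }*/` removes the only template validation visible in the constructor, so a `loginResponseTemplate` whose `context` is not a string or whose `attributes` is not an array no longer reaches `console.warn('Invalid login response template')` and goes straight into `super(entitySetting, 'idp')`. If the block is obsolete now that attributes arrive per call, delete it instead of leaving it commented out, and keep an explicit shape check such as `if (idpSetting.loginResponseTemplate && !isString(idpSetting.loginResponseTemplate.context)) throw new Error('Invalid login response template');`. Configurations that relied on `loginResponseTemplate.attributes` will presumably produce responses without those attributes unless callers now pass `AttributeStatement`, which deserves a changelog entry in a patch release. In the third hunk `AttributeStatement:[]` is the empty-tuple type and is declared required although it is destructured with a default of `[]`; `AttributeStatement?:` with a real element type would match the usage. The middle of the commented-out block lies outside the hunks.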
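--- a/package/src/extractor.ts
+++ b/package/src/extractor.ts
@@ -44,7 +44,7 @@ export const loginRequestFields: ExtractorFields = [
 {
 key: 'request',
 localPath: ['AuthnRequest'],
-attributes: ['ID', 'IssueInstant', 'Destination', 'AssertionConsumerServiceURL']
+attributes: ['ID', 'IssueInstant', 'Destination', 'AssertionConsumerServiceURL','ProtocolBinding','ForceAuthn','IsPassive','AssertionConsumerServiceIndex','AttributeConsumingServiceIndex']
 },
 {
 key: 'issuer',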
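Review bot: The five attributes added to the `request` entry are read from the AuthnRequest as raw strings, and nothing in this hunk marks them as requester-supplied. `ForceAuthn` and `IsPassive` are xs:boolean values, so a consumer that tests them for truthiness would treat `"false"` and `"0"` as set. `AssertionConsumerServiceIndex` and `ProtocolBinding`, like the existing `AssertionConsumerServiceURL`, should select a response endpoint only after being matched against the SP's registered metadata. A comment above the array would record this: `// request-supplied strings: parse ForceAuthn/IsPassive as xs:boolean; resolve ACS URL/index and ProtocolBinding against SP metadata`. The `loginRequestFields` array continues outside the hunk.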