samlesa 2.15.0 → 2.15.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/build/src/flow.js +25 -25
  2. package/package.json +1 -1
  3. package/types/src/flow.d.ts.map +1 -1
package/build/src/flow.js CHANGED
@@ -111,12 +111,14 @@ async function redirectFlow(options) {
111
111
  && !verifyTime(extractedProperties.conditions.notBefore, extractedProperties.conditions.notOnOrAfter, self.entitySetting.clockDrifts)) {
112
112
  return Promise.reject('ERR_SUBJECT_UNCONFIRMED');
113
113
  }
114
- let destination = extractedProperties?.response?.destination;
115
- let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
116
- return item?.Location === destination;
117
- });
118
- if (isExit?.length === 0) {
119
- return Promise.reject('ERR_Destination_URL');
114
+ if (parserType === 'SAMLResponse') {
115
+ let destination = extractedProperties?.response?.destination;
116
+ let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
117
+ return item?.Location === destination;
118
+ });
119
+ if (isExit?.length === 0) {
120
+ return Promise.reject('ERR_Destination_URL');
121
+ }
120
122
  }
121
123
  return Promise.resolve(parseResult);
122
124
  }
@@ -136,15 +138,11 @@ async function postFlow(options) {
136
138
  let extractorFields = [];
137
139
  // validate the xml first
138
140
  let res = await libsaml.isValidXml(samlContent);
139
- console.log(res);
140
- console.log("验证结果---------------");
141
141
  if (parserType !== urlParams.samlResponse) {
142
142
  extractorFields = getDefaultExtractorFields(parserType, null);
143
143
  }
144
- console.log(parserType);
145
144
  // check status based on different scenarios
146
145
  await checkStatus(samlContent, parserType);
147
- console.log("========走不到这里来=============");
148
146
  /**检查签名顺序 */
149
147
  /* if (
150
148
  checkSignature &&
@@ -162,10 +160,7 @@ async function postFlow(options) {
162
160
  extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
163
161
  }
164
162
  }*/
165
- console.log("===============我走的这里=========================");
166
163
  const [verified, verifiedAssertionNode, isDecryptRequired] = libsaml.verifySignature(samlContent, verificationOptions);
167
- console.log(verified);
168
- console.log("verified");
169
164
  decryptRequired = isDecryptRequired;
170
165
  if (!verified) {
171
166
  return Promise.reject('ERR_FAIL_TO_VERIFY_ETS_SIGNATURE');
@@ -183,12 +178,6 @@ async function postFlow(options) {
183
178
  checkSignature &&
184
179
  from.entitySetting.messageSigningOrder === MessageSignatureOrder.STE
185
180
  ) {
186
- console.log("走不到这里来========================================")
187
- console.log("走不到这里来========================================")
188
- console.log("走不到这里来========================================")
189
- console.log("走不到这里来========================================")
190
- console.log("走不到这里来========================================")
191
-
192
181
  const [verified, verifiedAssertionNode,isDecryptRequired] = libsaml.verifySignature(samlContent, verificationOptions);
193
182
  decryptRequired = isDecryptRequired
194
183
  if (verified) {
@@ -238,6 +227,15 @@ async function postFlow(options) {
238
227
  if (isExit?.length === 0) {
239
228
  return Promise.reject('ERR_Destination_URL');
240
229
  }
230
+ if (parserType === 'SAMLResponse') {
231
+ let destination = extractedProperties?.response?.destination;
232
+ let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
233
+ return item?.Location === destination;
234
+ });
235
+ if (isExit?.length === 0) {
236
+ return Promise.reject('ERR_Destination_URL');
237
+ }
238
+ }
241
239
  return Promise.resolve(parseResult);
242
240
  }
243
241
  // proceed the post simple sign binding flow
@@ -323,12 +321,14 @@ async function postSimpleSignFlow(options) {
323
321
  && !verifyTime(extractedProperties.conditions.notBefore, extractedProperties.conditions.notOnOrAfter, self.entitySetting.clockDrifts)) {
324
322
  return Promise.reject('ERR_SUBJECT_UNCONFIRMED');
325
323
  }
326
- let destination = extractedProperties?.response?.destination;
327
- let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
328
- return item?.Location === destination;
329
- });
330
- if (isExit?.length === 0) {
331
- return Promise.reject('ERR_Destination_URL');
324
+ if (parserType === 'SAMLResponse') {
325
+ let destination = extractedProperties?.response?.destination;
326
+ let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
327
+ return item?.Location === destination;
328
+ });
329
+ if (isExit?.length === 0) {
330
+ return Promise.reject('ERR_Destination_URL');
331
+ }
332
332
  }
333
333
  return Promise.resolve(parseResult);
334
334
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "samlesa",
3
- "version": "2.15.0",
3
+ "version": "2.15.1",
4
4
  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
5
5
  "main": "build/index.js",
6
6
  "keywords": [
package/types/src/flow.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAyBA,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAC,IAAI,CAAE;CACvB;AAqdD,wBAAgB,IAAI,CAAC,OAAO,KAAA,GAAG,OAAO,CAAC,UAAU,CAAC,CAyBjD"}
1
+ {"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAyBA,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAC,IAAI,CAAE;CACvB;AAwdD,wBAAgB,IAAI,CAAC,OAAO,KAAA,GAAG,OAAO,CAAC,UAAU,CAAC,CAyBjD"}