samlesa 2.17.0 → 2.17.1

package/build/src/schemaValidator.js

@@ -56,10 +56,9 @@ function detectXXEIndicators(samlString) {
 export const validate = async (xml, isSoap = false) => {
     const indicators = detectXXEIndicators(xml);
     if (indicators) {
-        console.log("----------------------绝对不会是这里---------------------");
         throw new Error('ERR_EXCEPTION_VALIDATE_XML');
     }
-    schemas = normal;
+    schemas = isSoap ? soapSchema : normal;
     const schemaPath = path.resolve(__dirname, 'schema');
     const [xmlParse, ...preload] = await Promise.all(schemas.map(async (file) => ({
         fileName: file,
@@ -78,14 +77,11 @@ export const validate = async (xml, isSoap = false) => {
             preload: [xmlParse, ...preload],
         });
         if (validationResult.valid) {
-            console.log("验证通过-------------------------");
             return true;
         }
         throw validationResult.errors;
     }
     catch (error) {
-        console.log(error);
-        console.log("----------------------绝333333333333333333333333对不会是这里---------------------");
         throw new Error('ERR_EXCEPTION_VALIDATE_XML');
     }
 };

package/build/src/soap.js

@@ -1,5 +1,8 @@
 import axios from 'axios';
 import https from 'node:https';
+import crypto from "node:crypto";
+import { Builder } from 'xml2js';
+import iconv from 'iconv-lite';
 // 2. 配置 Axios 实例（处理自签名证书）
 const axiosInstance = axios.create({
     httpsAgent: new https.Agent({
@@ -10,16 +13,133 @@ export async function sendArtifactResolve(url, soapRequest) {
     try {
         const response = await axiosInstance.post(url, soapRequest, {
             headers: {
-                'Content-Type': 'application/soap+xml; charset=utf-8',
+                'Content-Type': 'text/xml',
                 'SOAPAction': '"ArtifactResolve"'
             },
             timeout: 5000 // 5秒超时
         });
-        console.log('✅ Resolve请求成功');
         return response.data;
     }
     catch (error) {
-        console.error('❌ Resolve请求失败');
         throw error.response.data;
     }
 }
+export async function sendArtifactResponse(url, soapRequest) {
+    try {
+        const response = await axiosInstance.post(url, soapRequest, {
+            headers: {
+                'Content-Type': 'text/xml',
+                'SOAPAction': '"ArtifactResponse"'
+            },
+            timeout: 5000 // 5秒超时
+        });
+        return response.data;
+    }
+    catch (error) {
+        throw error.response.data;
+    }
+}
+/**
+ * @desc   generate Art id
+ *
+ * @param entityIDString
+ * @param endpointIndex
+ */
+export function createArt(entityIDString, endpointIndex = 0) {
+    // 安全获取 sourceEntityId
+    let sourceEntityId;
+    if (typeof entityIDString === "string") {
+        sourceEntityId = entityIDString;
+    }
+    else {
+        // 确保只在非字符串类型上访问 entityMeta
+        sourceEntityId = entityIDString.entityMeta.getEntityID();
+    }
+    // 1. 固定类型代码 (0x0004 - 2字节)
+    const typeCode = Buffer.from([0x00, 0x04]);
+    // 2. 端点索引 (2字节，大端序)
+    if (endpointIndex < 0 || endpointIndex > 65535) {
+        throw new Error("Endpoint index must be between 0 and 65535");
+    }
+    const endpointBuf = Buffer.alloc(2);
+    endpointBuf.writeUInt16BE(endpointIndex);
+    // 3. Source ID - 实体ID的SHA-1哈希 (20字节)
+    const sourceId = crypto
+        .createHash("sha1")
+        .update(sourceEntityId)
+        .digest();
+    // 4. Message Handler - 20字节随机值
+    const messageHandler = crypto.randomBytes(20);
+    // 组合所有组件 (2+2+20+20 = 44字节)
+    const artifact = Buffer.concat([
+        typeCode,
+        endpointBuf,
+        sourceId,
+        messageHandler,
+    ]);
+    // 返回Base64编码的Artifact
+    return {
+        artifact: artifact.toString("base64"),
+        origin: {
+            typeCode: typeCode.readUInt16BE(0), // 改为整数值
+            endpointIndex: endpointIndex, // 修复字段名并赋正确的值
+            sourceId: sourceId.toString("hex"), // 转为十六进制
+            messageHandle: messageHandler.toString("hex"), // 转为十六进制
+        },
+    };
+}
+/**
+ * @desc   generate Art id
+ * @param artifact
+ */
+export function parseArt(artifact) {
+    // 解码 Base64
+    console.log(Object.prototype.toString.call(artifact));
+    if (Object.prototype.toString.call(artifact) !== '[object String]') {
+        return;
+    }
+    const decoded = Buffer.from(artifact, 'base64');
+    // 确保长度正确（SAML 工件固定为 44 字节）
+    if (decoded.length !== 44) {
+        throw new Error(`Invalid artifact length: ${decoded.length}, expected 44 bytes`);
+    }
+    // 读取前 4 字节（TypeCode + EndpointIndex）
+    const typeCode = decoded.readUInt16BE(0);
+    const endpointIndex = decoded.readUInt16BE(2);
+    // 使用 Buffer.from() 替代 slice()
+    const sourceId = Buffer.from(decoded.buffer, // 底层 ArrayBuffer
+    decoded.byteOffset + 4, // 起始偏移量
+    20 // 长度
+    ).toString('hex');
+    const messageHandle = Buffer.from(decoded.buffer, // 底层 ArrayBuffer
+    decoded.byteOffset + 24, // 起始偏移量
+    20 // 长度
+    ).toString('hex');
+    return { typeCode, endpointIndex, sourceId, messageHandle };
+}
+/**
+* 将对象转换为 ISO-8859-1 编码的 XML 字符串
+* @param {Object} data - 要转换的数据对象
+* @returns {Buffer} - ISO-8859-1 编码的 XML 数据 (Buffer)
+*/
+export function encodeXmlToIso88591(data) {
+    try {
+        // 1. 创建 XML 构建器
+        const builder = new Builder({
+            headless: false, // 包含 XML 声明
+            renderOpts: { 'pretty': false }, // 紧凑格式
+            xmldec: {
+                version: '1.0',
+                encoding: 'ISO-8859-1',
+                standalone: true
+            }
+        });
+        // 2. 构建 XML 字符串 (UTF-8 格式)
+        const utf8Xml = builder.buildObject(data);
+        // 3. 转换为 ISO-8859-1 编码的 Buffer
+        return iconv.encode(utf8Xml, 'iso-8859-1');
+    }
+    catch (error) {
+        throw new Error(`XML 编码失败: ${error.message}`);
+    }
+}

package/package.json

@@ -1,75 +1,77 @@
-{
-  "name": "samlesa",
-  "version": "2.17.0",
-  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
-  "main": "build/index.js",
-  "keywords": [
-    "nodejs",
-    "saml2",
-    "sso",
-    "slo",
-    "metadata"
-  ],
-  "type": "module",
-  "typings": "types/index.d.ts",
-  "scripts": {
-    "build": "tsc && copyfiles -u 1 src/schema/**/* build/src",
-    "docs": "docsify serve -o docs",
-    "lint": "tslint -p .",
-    "lint:fix": "tslint -p . --fix",
-    "test": "vitest",
-    "test:watch": "vitest",
-    "test:coverage": "vitest run --coverage",
-    "hooks:postinstall": "mklink /J .git\\hooks\\pre-commit .pre-commit.sh || copy .pre-commit.sh .git\\hooks\\pre-commit"
-  },
-  "exports": {
-    ".": {
-      "types": "./types/index.d.ts",
-      "import": "./build/index.js"
-    }
-  },
-  "files": [
-    "build",
-    "types"
-  ],
-  "contributors": [
-    "Veclea <vemocle@gmail.com>"
-  ],
-  "author": "Veclea",
-  "repository": {
-    "url": "https://github.com/Veclea/samlify.git",
-    "type": "git"
-  },
-  "license": "MIT",
-  "dependencies": {
-    "@xmldom/xmldom": "^0.9.8",
-    "axios": "^1.10.0",
-    "camelcase": "^8.0.0",
-    "cross-env": "^7.0.3",
-    "node-rsa": "^1.1.1",
-    "pako": "^2.1.0",
-    "ts-node": "^10.9.2",
-    "uuid": "^11.1.0",
-    "vite-tsconfig-paths": "^5.1.4",
-    "xml": "^1.0.1",
-    "xml-crypto": "^6.1.2",
-    "xml-encryption": "^3.1.0",
-    "xml-escape": "^1.1.0",
-    "xmllint-wasm": "^5.0.0",
-    "xpath": "^0.0.32"
-  },
-  "devDependencies": {
-    "@microsoft/api-extractor": "7.52.8",
-    "@types/node": "^24.0.10",
-    "@types/pako": "2.0.3",
-    "@types/uuid": "10.0.0",
-    "@vitest/coverage-istanbul": "^3.2.4",
-    "copyfiles": "^2.4.1",
-    "coveralls": "^3.1.1",
-    "esbuild": "^0.25.5",
-    "jsdom": "^26.1.0",
-    "timekeeper": "^2.3.1",
-    "typescript": "5.8.3",
-    "vitest": "^3.2.4"
-  }
-}
+{
+  "name": "samlesa",
+  "version": "2.17.1",
+  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
+  "main": "build/index.js",
+  "keywords": [
+    "nodejs",
+    "saml2",
+    "sso",
+    "slo",
+    "metadata"
+  ],
+  "type": "module",
+  "typings": "types/index.d.ts",
+  "scripts": {
+    "build": "tsc && copyfiles -u 1 src/schema/**/* build/src",
+    "docs": "docsify serve -o docs",
+    "lint": "tslint -p .",
+    "lint:fix": "tslint -p . --fix",
+    "test": "vitest",
+    "test:watch": "vitest --watch",
+    "test:coverage": "vitest run --coverage",
+    "hooks:postinstall": "mklink /J .git\\hooks\\pre-commit .pre-commit.sh || copy .pre-commit.sh .git\\hooks\\pre-commit"
+  },
+  "exports": {
+    ".": {
+      "types": "./types/index.d.ts",
+      "import": "./build/index.js"
+    }
+  },
+  "files": [
+    "build",
+    "types"
+  ],
+  "contributors": [
+    "Veclea <vemocle@gmail.com>"
+  ],
+  "author": "Veclea",
+  "repository": {
+    "url": "https://github.com/Veclea/samlify.git",
+    "type": "git"
+  },
+  "license": "MIT",
+  "dependencies": {
+    "@xmldom/xmldom": "^0.9.8",
+    "axios": "^1.10.0",
+    "camelcase": "^8.0.0",
+    "cross-env": "^7.0.3",
+    "iconv-lite": "^0.6.3",
+    "node-rsa": "^1.1.1",
+    "pako": "^2.1.0",
+    "ts-node": "^10.9.2",
+    "uuid": "^11.1.0",
+    "vite-tsconfig-paths": "^5.1.4",
+    "xml": "^1.0.1",
+    "xml-crypto": "^6.1.2",
+    "xml-encryption": "^3.1.0",
+    "xml-escape": "^1.1.0",
+    "xml2js": "^0.6.2",
+    "xmllint-wasm": "^5.0.0",
+    "xpath": "^0.0.32"
+  },
+  "devDependencies": {
+    "@types/node": "^24.0.13",
+    "@types/pako": "2.0.3",
+    "@types/uuid": "10.0.0",
+    "@vitest/coverage-istanbul": "^3.2.4",
+    "@vitest/coverage-v8": "3.2.4",
+    "copyfiles": "^2.4.1",
+    "coveralls": "^3.1.1",
+    "esbuild": "^0.25.6",
+    "jsdom": "^26.1.0",
+    "timekeeper": "^2.3.1",
+    "typescript": "5.8.3",
+    "vitest": "^3.2.4"
+  }
+}

package/types/api.d.ts

@@ -0,0 +1,15 @@
+import { DOMParser as dom } from '@xmldom/xmldom';
+import type { Options as DOMParserOptions } from '@xmldom/xmldom';
+interface Context extends ValidatorContext, DOMParserContext {
+}
+interface ValidatorContext {
+    validate?: (xml: string) => Promise<any>;
+}
+interface DOMParserContext {
+    dom: dom;
+}
+export declare function getContext(): Context;
+export declare function setSchemaValidator(params: ValidatorContext): void;
+export declare function setDOMParserOptions(options?: DOMParserOptions): void;
+export {};
+//# sourceMappingURL=api.d.ts.map

package/types/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,IAAI,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElE,UAAU,OAAQ,SAAQ,gBAAgB,EAAE,gBAAgB;CAAG;AAE/D,UAAU,gBAAgB;IACxB,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;CAC1C;AAED,UAAU,gBAAgB;IACxB,GAAG,EAAE,GAAG,CAAC;CACV;AAOD,wBAAgB,UAAU,IAAG,OAAO,CAEnC;AAED,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,GAAE,IAAI,CAShE;AAED,wBAAgB,mBAAmB,CAAC,OAAO,GAAE,gBAAqB,GAAE,IAAI,CAEvE"}

package/types/binding-post.d.ts

@@ -0,0 +1,48 @@
+/**
+* @file binding-post.ts
+* @author tngan
+* @desc Binding-level API, declare the functions using POST binding
+*/
+import type { BindingContext } from './entity.js';
+/**
+* @desc Generate a base64 encoded login request
+* @param  {string} referenceTagXPath           reference uri
+* @param  {object} entity                      object includes both idp and sp
+* @param  {function} customTagReplacement     used when developers have their own login response template
+*/
+declare function base64LoginRequest(referenceTagXPath: string, entity: any, customTagReplacement?: (template: string) => BindingContext): BindingContext;
+/**
+ * @desc Generate a base64 encoded login response
+ * @param  {object} requestInfo                 corresponding request, used to obtain the id
+ * @param  {object} entity                      object includes both idp and sp
+ * @param  {object} user                        current logged user (e.g. req.user)
+ * @param  {function} customTagReplacement     used when developers have their own login response template
+ * @param  {boolean}  encryptThenSign           whether or not to encrypt then sign first (if signing). Defaults to sign-then-encrypt
+ * @param AttributeStatement
+ */
+declare function base64LoginResponse(requestInfo: any | undefined, entity: any, user?: any, customTagReplacement?: (template: string) => BindingContext, encryptThenSign?: boolean, AttributeStatement?: never[]): Promise<BindingContext>;
+/**
+* @desc Generate a base64 encoded logout request
+* @param  {object} user                         current logged user (e.g. req.user)
+* @param  {string} referenceTagXPath            reference uri
+* @param  {object} entity                       object includes both idp and sp
+* @param  {function} customTagReplacement      used when developers have their own login response template
+* @return {string} base64 encoded request
+*/
+declare function base64LogoutRequest(user: Record<string, unknown>, referenceTagXPath: string, entity: any, customTagReplacement?: (template: string) => BindingContext): BindingContext;
+/**
+* @desc Generate a base64 encoded logout response
+* @param  {object} requestInfo                 corresponding request, used to obtain the id
+* @param  {string} referenceTagXPath           reference uri
+* @param  {object} entity                      object includes both idp and sp
+* @param  {function} customTagReplacement     used when developers have their own login response template
+*/
+declare function base64LogoutResponse(requestInfo: any, entity: any, customTagReplacement: (template: string) => BindingContext): BindingContext;
+declare const postBinding: {
+    base64LoginRequest: typeof base64LoginRequest;
+    base64LoginResponse: typeof base64LoginResponse;
+    base64LogoutRequest: typeof base64LogoutRequest;
+    base64LogoutResponse: typeof base64LogoutResponse;
+};
+export default postBinding;
+//# sourceMappingURL=binding-post.d.ts.map

package/types/binding-post.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"binding-post.d.ts","sourceRoot":"","sources":["../src/binding-post.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AAGF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAMlD;;;;;EAKE;AACF,iBAAS,kBAAkB,CAAC,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAqD/I;AACD;;;;;;;;GAQG;AACH,iBAAe,mBAAmB,CAAC,WAAW,EAAE,GAAG,YAAK,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAE,eAAe,GAAE,OAAe,EAAG,kBAAkB,UAAG,GAAG,OAAO,CAAC,cAAc,CAAC,CAuIrO;AACD;;;;;;;EAOE;AACF,iBAAS,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,EAAC,MAAM,EAAE,MAAM,KAAA,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAkDzK;AACD;;;;;;EAME;AACF,iBAAS,oBAAoB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAsDvI;AAED,QAAA,MAAM,WAAW;;;;;CAKhB,CAAC;AAEF,eAAe,WAAW,CAAC"}

package/types/binding-redirect.d.ts

@@ -0,0 +1,54 @@
+import type { BindingContext } from './entity.js';
+import { IdentityProvider as Idp } from './entity-idp.js';
+import { ServiceProvider as Sp } from './entity-sp.js';
+export interface BuildRedirectConfig {
+    baseUrl: string;
+    type: string;
+    isSigned: boolean;
+    context: string;
+    entitySetting: any;
+    relayState?: string;
+}
+/**
+ * @desc Redirect URL for login request
+ * @param  {object} entity                       object includes both idp and sp
+ * @param  {function} customTagReplacement      used when developers have their own login response template
+ * @return {string} redirect URL
+ */
+declare function loginRequestRedirectURL(entity: {
+    idp: Idp;
+    sp: Sp;
+}, customTagReplacement?: (template: string) => BindingContext): BindingContext;
+/**
+ * @desc Redirect URL for login response
+ * @param  {object} requestInfo             corresponding request, used to obtain the id
+ * @param  {object} entity                      object includes both idp and sp
+ * @param  {object} user                         current logged user (e.g. req.user)
+ * @param  {String} relayState                the relaystate sent by sp corresponding request
+ * @param  {function} customTagReplacement     used when developers have their own login response template
+ * @param AttributeStatement
+ */
+declare function loginResponseRedirectURL(requestInfo: any, entity: any, user?: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext, AttributeStatement?: never[]): BindingContext;
+/**
+ * @desc Redirect URL for logout request
+ * @param  {object} user                        current logged user (e.g. req.user)
+ * @param  {object} entity                      object includes both idp and sp
+ * @param  {function} customTagReplacement     used when developers have their own login response template
+ * @return {string} redirect URL
+ */
+declare function logoutRequestRedirectURL(user: any, entity: any, relayState?: string, customTagReplacement?: (template: string, tags: object) => BindingContext): BindingContext;
+/**
+ * @desc Redirect URL for logout response
+ * @param  {object} requescorresponding request, used to obtain the id
+ * @param  {object} entity                      object includes both idp and sp
+ * @param  {function} customTagReplacement     used when developers have their own login response template
+ */
+declare function logoutResponseRedirectURL(requestInfo: any, entity: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext): BindingContext;
+declare const redirectBinding: {
+    loginRequestRedirectURL: typeof loginRequestRedirectURL;
+    loginResponseRedirectURL: typeof loginResponseRedirectURL;
+    logoutRequestRedirectURL: typeof logoutRequestRedirectURL;
+    logoutResponseRedirectURL: typeof logoutResponseRedirectURL;
+};
+export default redirectBinding;
+//# sourceMappingURL=binding-redirect.d.ts.map

package/types/binding-redirect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"binding-redirect.d.ts","sourceRoot":"","sources":["../src/binding-redirect.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAChD,OAAO,EAAC,gBAAgB,IAAI,GAAG,EAAC,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAC,eAAe,IAAI,EAAE,EAAC,MAAM,gBAAgB,CAAC;AAOrD,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,GAAG,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAgED;;;;;GAKG;AACH,iBAAS,uBAAuB,CAAC,MAAM,EAAE;IACvC,GAAG,EAAE,GAAG,CAAC;IACT,EAAE,EAAE,EAAE,CAAA;CACP,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAyC9E;AAED;;;;;;;;GAQG;AACH,iBAAS,wBAAwB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAC,kBAAkB,UAAI,GAAG,cAAc,CAoGxM;AAED;;;;;;GAMG;AACH,iBAAS,wBAAwB,CAAC,IAAI,KAAA,EAAE,MAAM,KAAA,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAwC9J;AAED;;;;;GAKG;AACH,iBAAS,yBAAyB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAyClK;AAED,QAAA,MAAM,eAAe;;;;;CAKpB,CAAC;AAEF,eAAe,eAAe,CAAC"}

package/types/binding-simplesign.d.ts

@@ -0,0 +1,41 @@
+/**
+* @file binding-simplesign.ts
+* @author Orange
+* @desc Binding-level API, declare the functions using POST SimpleSign binding
+*/
+import type { BindingContext, SimpleSignComputedContext } from './entity.js';
+export interface BuildSimpleSignConfig {
+    type: string;
+    context: string;
+    entitySetting: any;
+    relayState?: string;
+}
+export interface BindingSimpleSignContext {
+    id: string;
+    context: string;
+    signature: any;
+    sigAlg: string;
+}
+/**
+* @desc Generate a base64 encoded login request
+* @param  {string} referenceTagXPath           reference uri
+* @param  {object} entity                      object includes both idp and sp
+* @param  {function} customTagReplacement     used when developers have their own login response template
+*/
+declare function base64LoginRequest(entity: any, customTagReplacement?: (template: string) => BindingContext): SimpleSignComputedContext;
+/**
+ * @desc Generate a base64 encoded login response
+ * @param  {object} requestInfo                 corresponding request, used to obtain the id
+ * @param  {object} entity                      object includes both idp and sp
+ * @param  {object} user                        current logged user (e.g. req.user)
+ * @param  {string}  relayState               the relay state
+ * @param  {function} customTagReplacement     used when developers have their own login response template
+ * @param AttributeStatement
+ */
+declare function base64LoginResponse(requestInfo: any | undefined, entity: any, user?: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext, AttributeStatement?: []): Promise<BindingSimpleSignContext>;
+declare const simpleSignBinding: {
+    base64LoginRequest: typeof base64LoginRequest;
+    base64LoginResponse: typeof base64LoginResponse;
+};
+export default simpleSignBinding;
+//# sourceMappingURL=binding-simplesign.d.ts.map

package/types/binding-simplesign.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"binding-simplesign.d.ts","sourceRoot":"","sources":["../src/binding-simplesign.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AAGF,OAAQ,KAAK,EAAE,cAAc,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AAO9E,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,GAAG,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,GAAG,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;CAChB;AA6CD;;;;;EAKE;AACF,iBAAS,kBAAkB,CAAC,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,yBAAyB,CAkD/H;AACD;;;;;;;;GAQG;AACH,iBAAe,mBAAmB,CAAC,WAAW,EAAE,GAAG,YAAK,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAE,kBAAkB,GAAC,EAAO,GAAG,OAAO,CAAC,wBAAwB,CAAC,CA6FtO;AAED,QAAA,MAAM,iBAAiB;;;CAGpB,CAAC;AAEJ,eAAe,iBAAiB,CAAC"}

package/types/entity-idp.d.ts

@@ -0,0 +1,38 @@
+import Entity, { type ESamlHttpRequest } from './entity.js';
+import { ServiceProviderConstructor as ServiceProvider, IdentityProviderMetadata, type IdentityProviderSettings } from './types.js';
+import { type FlowResult } from './flow.js';
+import type { BindingContext } from './entity.js';
+/**
+ * Identity provider can be configured using either metadata importing or idpSetting
+ */
+export default function (props: IdentityProviderSettings): IdentityProvider;
+/**
+ * Identity provider can be configured using either metadata importing or idpSetting
+ */
+export declare class IdentityProvider extends Entity {
+    entityMeta: IdentityProviderMetadata;
+    constructor(idpSetting: IdentityProviderSettings);
+    /**
+     * @desc  Generates the login response for developers to design their own method
+     * @param params
+     */
+    createLoginResponse(params: {
+        sp: ServiceProvider;
+        requestInfo: Record<string, any>;
+        binding?: string;
+        user: Record<string, any>;
+        customTagReplacement?: (template: string) => BindingContext;
+        encryptThenSign?: boolean;
+        relayState?: string;
+        context: Record<string, any>;
+        AttributeStatement: [];
+    }): Promise<any>;
+    /**
+     * Validation of the parsed URL parameters
+     * @param sp ServiceProvider instance
+     * @param binding Protocol binding
+     * @param req RequesmessageSigningOrderst
+     */
+    parseLoginRequest(sp: ServiceProvider, binding: string, req: ESamlHttpRequest): Promise<FlowResult>;
+}
+//# sourceMappingURL=entity-idp.d.ts.map

package/types/entity-idp.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"entity-idp.d.ts","sourceRoot":"","sources":["../src/entity-idp.ts"],"names":[],"mappings":"AAYA,OAAO,MAAM,EAAE,EAAE,KAAK,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC5D,OAAO,EACL,0BAA0B,IAAI,eAAe,EAE7C,wBAAwB,EACxB,KAAK,wBAAwB,EAC9B,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAQ,KAAK,UAAU,EAAE,MAAO,WAAW,CAAC;AAEnD,OAAO,KAAM,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAEnD;;GAEG;AACH,MAAM,CAAC,OAAO,WAAU,KAAK,EAAE,wBAAwB,oBAEtD;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,MAAM;IAElC,UAAU,EAAE,wBAAwB,CAAC;gBAEjC,UAAU,EAAE,wBAAwB;IAqChD;;;OAGG;IACU,mBAAmB,CAAC,MAAM,EAAC;QACtC,EAAE,EAAE,eAAe,CAAC;QACpB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACjC,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1B,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,CAAC;QAC5D,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC7B,kBAAkB,EAAC,EAAE,CAAA;KACtB;IAyCD;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,gBAAgB;CAY9E"}

package/types/entity-sp.d.ts

@@ -0,0 +1,38 @@
+/**
+* @file entity-sp.ts
+* @author tngan
+* @desc  Declares the actions taken by service provider
+*/
+import Entity from './entity.js';
+import type { BindingContext, PostBindingContext, ESamlHttpRequest, SimpleSignBindingContext } from './entity.js';
+import { IdentityProviderConstructor as IdentityProvider, ServiceProviderMetadata, type ServiceProviderSettings } from './types.js';
+import { type FlowResult } from './flow.js';
+export default function (props: ServiceProviderSettings): ServiceProvider;
+/**
+* @desc Service provider can be configured using either metadata importing or spSetting
+* @param  {object} spSettingimport { FlowResult } from '../types/src/flow.d';
+
+*/
+export declare class ServiceProvider extends Entity {
+    entityMeta: ServiceProviderMetadata;
+    /**
+    * @desc  Inherited from Entity
+    * @param {object} spSetting    setting of service provider
+    */
+    constructor(spSetting: ServiceProviderSettings);
+    /**
+    * @desc  Generates the login request for developers to design their own method
+    * @param  {IdentityProvider} idp               object of identity provider
+    * @param  {string}   binding                   protocol binding
+    * @param  {function} customTagReplacement     used when developers have their own login response template
+    */
+    createLoginRequest(idp: IdentityProvider, binding?: string, customTagReplacement?: (template: string) => BindingContext): BindingContext | PostBindingContext | SimpleSignBindingContext;
+    /**
+    * @desc   Validation of the parsed the URL parameters
+    * @param  {IdentityProvider}   idp             object of identity provider
+    * @param  {string}   binding                   protocol binding
+    * @param  {request}   req                      request
+    */
+    parseLoginResponse(idp: any, binding: any, request: ESamlHttpRequest): Promise<FlowResult>;
+}
+//# sourceMappingURL=entity-sp.d.ts.map

package/types/entity-sp.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"entity-sp.d.ts","sourceRoot":"","sources":["../src/entity-sp.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AACF,OAAO,MAEN,MAAM,aAAa,CAAC;AACrB,OAAQ,KAAK,EAAG,cAAc,EAC5B,kBAAkB,EAClB,gBAAgB,EAChB,wBAAwB,EAAE,MAAK,aAAa,CAAC;AAC/C,OAAO,EACL,2BAA2B,IAAI,gBAAgB,EAC/C,uBAAuB,EACvB,KAAK,uBAAuB,EAC7B,MAAM,YAAY,CAAC;AAKpB,OAAO,EAAQ,KAAK,UAAU,EAAE,MAAO,WAAW,CAAC;AAKnD,MAAM,CAAC,OAAO,WAAU,KAAK,EAAE,uBAAuB,mBAErD;AAED;;;;EAIE;AACF,qBAAa,eAAgB,SAAQ,MAAM;IAChC,UAAU,EAAE,uBAAuB,CAAC;IAE7C;;;MAGE;gBACU,SAAS,EAAE,uBAAuB;IAS9C;;;;;MAKE;IACK,kBAAkB,CACvB,GAAG,EAAE,gBAAgB,EACrB,OAAO,SAAa,EACpB,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAC1D,cAAc,GAAG,kBAAkB,GAAE,wBAAwB;IAkChE;;;;;MAKE;IACK,kBAAkB,CAAC,GAAG,KAAA,EAAE,OAAO,KAAA,EAAE,OAAO,EAAE,gBAAgB;CAalE"}