samlesa 2.18.3 → 2.18.4

package/build/src/extractor.js

@@ -173,7 +173,24 @@ export const loginResponseFields = assertion => [
         attributePath: ['AttributeValue'],
         attributes: [],
         shortcut: assertion
-    }
+    },
+    {
+        key: 'subjectConfirmation',
+        localPath: ['Assertion', 'Subject', 'SubjectConfirmation', 'SubjectConfirmationData'],
+        attributes: ['Recipient', 'InResponseTo', 'NotOnOrAfter'],
+        shortcut: assertion
+    },
+    {
+        key: 'oneTimeUse',
+        localPath: ['Assertion', 'Conditions', 'OneTimeUse'],
+        attributes: [],
+        shortcut: assertion
+    },
+    {
+        key: 'status',
+        localPath: ['Response', 'Status', 'StatusCode'],
+        attributes: ['Value']
+    },
 ];
 export const logoutRequestFields = [
     {

package/build/src/flow.js

@@ -107,7 +107,7 @@ async function redirectFlow(options) {
     if (parserType === 'SAMLResponse'
         && extractedProperties.conditions
         && !verifyTime(extractedProperties.conditions.notBefore, extractedProperties.conditions.notOnOrAfter, self.entitySetting.clockDrifts)) {
-        return Promise.reject('ERR_SUBJECT_UNCONFIRMED');
+        return Promise.reject('ERR_CONDITION_UNCONFIRMED');
     }
     if (parserType === 'SAMLResponse') {
         let destination = extractedProperties?.response?.destination;
@@ -153,8 +153,6 @@ async function postFlow(options) {
     /**检查签名顺序 */
     // 改进的postFlow函数中关于签名验证的部分
     const verificationResult = await libsaml.verifySignature(samlContent, verificationOptions, self);
-    /*    console.log(verificationResult)
-        console.log("解析对象")*/
     let resultObject = {
         isMessageSigned: true, //是否有外层的消息签名（Response或者Request 等最外层的签名）
         MessageSignatureStatus: true, //外层的签名是否经过验证
@@ -227,30 +225,111 @@ async function postFlow(options) {
     if (parserType === 'SAMLResponse'
         && extractedProperties.conditions
         && !verifyTime(extractedProperties.conditions.notBefore, extractedProperties.conditions.notOnOrAfter, self.entitySetting.clockDrifts)) {
+        return Promise.reject('ERR_CONDITION_SESSION');
+    }
+    // invalid subjectConfirmation time
+    // invalid time
+    // 2.4.1.2 https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
+    if (parserType === 'SAMLResponse'
+        && extractedProperties.subjectConfirmation
+        && !verifyTime(undefined, extractedProperties.subjectConfirmation.notOnOrAfter, self.entitySetting.clockDrifts)) {
         return Promise.reject('ERR_SUBJECT_UNCONFIRMED');
     }
     //valid destination
     //There is no validation of the response here. The upper-layer application
     // should verify the result by itself to see if the destination is equal to the SP acs and
     // whether the response.id is used to prevent replay attacks.
-    /*
-        let destination = extractedProperties?.response?.destination
-        let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
-            return item?.Location === destination
-        })
-        if (isExit?.length === 0) {
-            return Promise.reject('ERR_Destination_URL');
-        }
-        if (parserType === 'SAMLResponse') {
-            let destination = extractedProperties?.response?.destination
-            let isExit = self.entitySetting?.assertionConsumerService?.filter((item: { Location: any; }) => {
+    console.log(extractedProperties);
+    console.log("牛逼属性");
+    /*        let destination = extractedProperties?.response?.destination
+            let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
                 return item?.Location === destination
             })
             if (isExit?.length === 0) {
                 return Promise.reject('ERR_Destination_URL');
             }
-        }
-    */
+            if (parserType === 'SAMLResponse') {
+                let destination = extractedProperties?.response?.destination
+                let isExit = self.entitySetting?.assertionConsumerService?.filter((item: { Location: any; }) => {
+                    return item?.Location === destination
+                })
+                if (isExit?.length === 0) {
+                    return Promise.reject('ERR_Destination_URL');
+                }
+            }*/
+    // ============================
+    // VALIDATE Destination & Recipient
+    // ============================
+    const { type } = verificationResult;
+    const { response, subjectConfirmation } = extractedProperties || {};
+    // 获取 SP 配置的所有合法 ACS URLs（用于比对）
+    const validACSUrls = (self.entitySetting?.assertionConsumerService || [])
+        .map((item) => item.Location)
+        .filter(Boolean);
+    /**
+     * Helper: Check if a given URL is in the list of valid ACS endpoints
+     */
+    function isValidACSEndpoint(url) {
+        return url != null && validACSUrls.includes(url);
+    }
+    // 根据消息类型执行不同的验证
+    switch (type) {
+        case 'Response': // SAML Response (Login)
+            {
+                // 1. 验证协议层 Destination（必须匹配 ACS）
+                const destination = response?.destination;
+                if (!isValidACSEndpoint(destination)) {
+                    return Promise.reject('ERR_INVALID_DESTINATION');
+                }
+                // 2. 验证断言层 Recipient（必须匹配 ACS，且通常应等于 Destination）
+                const recipient = subjectConfirmation?.recipient;
+                if (!isValidACSEndpoint(recipient)) {
+                    return Promise.reject('ERR_INVALID_RECIPIENT');
+                }
+                // 可选：强制 Destination === Recipient（推荐）
+                if (destination !== recipient) {
+                    // 注意：某些 IdP 可能不严格一致，但安全起见建议开启
+                    return Promise.reject('ERR_DESTINATION_RECIPIENT_MISMATCH');
+                }
+            }
+            break;
+        case 'LogoutRequest': // IdP 发起的单点登出
+            {
+                // LogoutRequest 是 IdP → SP，SP 是接收方
+                // 必须验证 Destination 是否为 SP 的 SLO endpoint（Single Logout Service）
+                const destination = response?.destination; // 注意：LogoutRequest 的 root 元素是 <samlp:LogoutRequest>
+                const validSLOUrls = (self.entitySetting?.singleLogoutService || [])
+                    .map((item) => item.Location)
+                    .filter(Boolean);
+                if (destination && !validSLOUrls.includes(destination)) {
+                    return Promise.reject('ERR_INVALID_LOGOUT_DESTINATION');
+                }
+                // LogoutRequest 通常**不包含 Assertion**，所以无 Recipient
+                // 如果有嵌套断言（罕见），可额外处理，但一般不需要
+            }
+            break;
+        case 'LogoutResponse': // SP → IdP 的登出响应
+            {
+                // LogoutResponse 是 SP → IdP，IdP 是接收方
+                // 此时 SP 是发送方，**不应验证 Destination 是否属于自身**
+                // 而应由 IdP 验证。因此 SP 端通常**跳过 Destination 验证**
+                // 但如果你作为 SP 也要校验（比如防止发错），可对比 IdP 的 SLO URL
+                // —— 但你的 entityMeta 是 SP 自身，没有 IdP 的 SLO，所以一般不验
+                // ✅ 所以：LogoutResponse 在 SP 端通常**无需验证 Destination/Recipient**
+            }
+            break;
+        case 'AuthnRequest': // SP → IdP 的认证请求
+            {
+                // AuthnRequest 是 SP 发出的，不是接收的
+                // 此验证逻辑运行在 SP 接收响应时，**不会收到 AuthnRequest**
+                // 所以这个 case 实际不会触发，保留仅为完整性
+            }
+            break;
+        case 'Unknown':
+        default:
+            // 未知类型，保守拒绝
+            return Promise.reject('ERR_UNKNOWN_SAML_MESSAGE_TYPE');
+    }
     return Promise.resolve({
         ...parseResult,
         verificationResult: {
@@ -291,8 +370,6 @@ async function postArtifactFlow(options) {
     /**检查签名顺序 */
     // 改进的postFlow函数中关于签名验证的部分
     const verificationResult = await libsaml.verifySignature(samlContent, verificationOptions, self);
-    console.log(verificationResult);
-    console.log("最终结果====");
     // 检查验证结果
     if (!verificationResult.status) {
         // 如果验证失败，根据具体情况返回错误
@@ -346,7 +423,7 @@ async function postArtifactFlow(options) {
     if (parserType === 'SAMLResponse'
         && extractedProperties.conditions
         && !verifyTime(extractedProperties.conditions.notBefore, extractedProperties.conditions.notOnOrAfter, self.entitySetting.clockDrifts)) {
-        return Promise.reject('ERR_SUBJECT_UNCONFIRMED');
+        return Promise.reject('ERR_CONDITION_UNCONFIRMED');
     }
     //valid destination
     //There is no validation of the response here. The upper-layer application
@@ -451,7 +528,7 @@ async function postSimpleSignFlow(options) {
     if (parserType === 'SAMLResponse'
         && extractedProperties.conditions
         && !verifyTime(extractedProperties.conditions.notBefore, extractedProperties.conditions.notOnOrAfter, self.entitySetting.clockDrifts)) {
-        return Promise.reject('ERR_SUBJECT_UNCONFIRMED');
+        return Promise.reject('ERR_CONDITION_UNCONFIRMED');
     }
     if (parserType === 'SAMLResponse') {
         let destination = extractedProperties?.response?.destination;
@@ -486,7 +563,8 @@ export function checkStatus(content, parserType, soap) {
         throw new Error('ERR_UNDEFINED_STATUS');
     }
     // returns a detailed error for two-tier error code
-    throw new Error(`ERR_FAILED_STATUS with top tier code: ${top}, second tier code: ${second}`);
+    throw new Error('ERR_UNDEFINED_STATUS');
+    /*  throw new Error(`ERR_FAILED_STATUS with top tier code: ${top}, second tier code: ${second}`);*/
 }
 export function flow(options) {
     const binding = options.binding;

package/build/src/libsaml.js

@@ -314,7 +314,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
          * @desc Construct the XML signature for POST binding
          * @param  {string} rawSamlMessage      request/response xml string
          * @param  {string} referenceTagXPath    reference uri
-         * @param  {string} privateKey           declares the private key
+         * @param  {string} privateKey           declares the private key-
          * @param  {string} passphrase           passphrase of the private key [optional]
          * @param  {string|buffer} signingCert   signing certificate
          * @param  {string} signatureAlgorithm   signature algorithm
@@ -465,8 +465,6 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             }
             let hasUnsafeSignatureAlgorithm = false;
             let unsafeSignatureAlgorithm = '';
-            console.log({ hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm });
-            console.log("检查结果=====");
             // 特殊情况：带未签名断言的未签名SAML响应，应该拒绝
             if (!isMessageSigned && !isAssertionSigned && !encrypted) {
                 return {
@@ -612,7 +610,6 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                         sig.publicCert = this.getKeyInfo(metadataCert[0]).getKey();
                     }
                 }
-                console.log(doc.toString());
                 sig.signatureAlgorithm = signatureAlgorithm.value;
                 // @ts-expect-error misssing Node properties are not needed
                 sig.loadSignature(signatureNode);

package/package.json

@@ -1,77 +1,77 @@
-{
-  "name": "samlesa",
-  "version": "2.18.3",
-  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
-  "main": "build/index.js",
-  "keywords": [
-    "nodejs",
-    "saml2",
-    "sso",
-    "slo",
-    "metadata"
-  ],
-  "type": "module",
-  "typings": "types/index.d.ts",
-  "scripts": {
-    "build": "tsc && copyfiles -u 1 src/schema/**/* build/src",
-    "docs": "docsify serve -o docs",
-    "lint": "tslint -p .",
-    "lint:fix": "tslint -p . --fix",
-    "test": "vitest",
-    "test:watch": "vitest --watch",
-    "test:coverage": "vitest run --coverage",
-    "hooks:postinstall": "mklink /J .git\\hooks\\pre-commit .pre-commit.sh || copy .pre-commit.sh .git\\hooks\\pre-commit"
-  },
-  "exports": {
-    ".": {
-      "types": "./types/index.d.ts",
-      "import": "./build/index.js"
-    }
-  },
-  "files": [
-    "build",
-    "types"
-  ],
-  "contributors": [
-    "Veclea <vemocle@gmail.com>"
-  ],
-  "author": "Veclea",
-  "repository": {
-    "url": "https://github.com/Veclea/samlify.git",
-    "type": "git"
-  },
-  "license": "MIT",
-  "dependencies": {
-    "@xmldom/xmldom": "^0.9.8",
-    "axios": "^1.13.5",
-    "camelcase": "^9.0.0",
-    "cross-env": "^10.1.0",
-    "iconv-lite": "^0.7.2",
-    "node-rsa": "^1.1.1",
-    "pako": "^2.1.0",
-    "ts-node": "^10.9.2",
-    "uuid": "^13.0.0",
-    "vite-tsconfig-paths": "^6.1.1",
-    "xml": "^1.0.1",
-    "xml-crypto": "^6.1.2",
-    "xml-encryption": "^3.1.0",
-    "xml-escape": "^1.1.0",
-    "xml2js": "^0.6.2",
-    "xmllint-wasm": "^5.1.0",
-    "xpath": "^0.0.32"
-  },
-  "devDependencies": {
-    "@types/node": "^25.3.2",
-    "@types/pako": "2.0.4",
-    "@types/uuid": "11.0.0",
-    "@vitest/coverage-istanbul": "^4.0.18",
-    "@vitest/coverage-v8": "4.0.18",
-    "copyfiles": "^2.4.1",
-    "coveralls": "^3.1.1",
-    "esbuild": "^0.27.3",
-    "jsdom": "^28.1.0",
-    "timekeeper": "^2.3.1",
-    "typescript": "5.9.3",
-    "vitest": "^4.0.18"
-  }
-}
+{
+  "name": "samlesa",
+  "version": "2.18.4",
+  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
+  "main": "build/index.js",
+  "keywords": [
+    "nodejs",
+    "saml2",
+    "sso",
+    "slo",
+    "metadata"
+  ],
+  "type": "module",
+  "typings": "types/index.d.ts",
+  "scripts": {
+    "build": "tsc && copyfiles -u 1 src/schema/**/* build/src",
+    "docs": "docsify serve -o docs",
+    "lint": "tslint -p .",
+    "lint:fix": "tslint -p . --fix",
+    "test": "vitest",
+    "test:watch": "vitest --watch",
+    "test:coverage": "vitest run --coverage",
+    "hooks:postinstall": "mklink /J .git\\hooks\\pre-commit .pre-commit.sh || copy .pre-commit.sh .git\\hooks\\pre-commit"
+  },
+  "exports": {
+    ".": {
+      "types": "./types/index.d.ts",
+      "import": "./build/index.js"
+    }
+  },
+  "files": [
+    "build",
+    "types"
+  ],
+  "contributors": [
+    "Veclea <vemocle@gmail.com>"
+  ],
+  "author": "Veclea",
+  "repository": {
+    "url": "https://github.com/Veclea/samlify.git",
+    "type": "git"
+  },
+  "license": "MIT",
+  "dependencies": {
+    "@xmldom/xmldom": "^0.9.8",
+    "axios": "^1.13.5",
+    "camelcase": "^9.0.0",
+    "cross-env": "^10.1.0",
+    "iconv-lite": "^0.7.2",
+    "node-rsa": "^1.1.1",
+    "pako": "^2.1.0",
+    "ts-node": "^10.9.2",
+    "uuid": "^13.0.0",
+    "vite-tsconfig-paths": "^6.1.1",
+    "xml": "^1.0.1",
+    "xml-crypto": "^6.1.2",
+    "xml-encryption": "^3.1.0",
+    "xml-escape": "^1.1.0",
+    "xml2js": "^0.6.2",
+    "xmllint-wasm": "^5.1.0",
+    "xpath": "^0.0.32"
+  },
+  "devDependencies": {
+    "@types/node": "^25.3.2",
+    "@types/pako": "2.0.4",
+    "@types/uuid": "11.0.0",
+    "@vitest/coverage-istanbul": "^4.0.18",
+    "@vitest/coverage-v8": "4.0.18",
+    "copyfiles": "^2.4.1",
+    "coveralls": "^3.1.1",
+    "esbuild": "^0.27.3",
+    "jsdom": "^28.1.0",
+    "timekeeper": "^2.3.1",
+    "typescript": "5.9.3",
+    "vitest": "^4.0.18"
+  }
+}

package/types/src/extractor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"extractor.d.ts","sourceRoot":"","sources":["../../src/extractor.ts"],"names":[],"mappings":"AAKA,UAAU,cAAc;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,EAAE,CAAC;IACjC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,MAAM,eAAe,GAAG,cAAc,EAAE,CAAC;AA4B/C,eAAO,MAAM,kBAAkB,EAAE,eA2BhC,CAAC;AACF,eAAO,MAAM,qBAAqB;;;;;;;;;;IAiBjC,CAAC;AACF,eAAO,MAAM,sBAAsB;;;;;;;;;;IAiBlC,CAAC;AAEF,eAAO,MAAM,yBAAyB;;;;GAWrC,CAAC;AAEF,eAAO,MAAM,iCAAiC;;;;GAW7C,CAAC;AAGF,eAAO,MAAM,0BAA0B;;;;GAWtC,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,CAAC,CAAC,SAAS,EAAE,GAAG,KAAK,eAAe,CAiDrE,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,eA2BjC,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,eAiBlC,CAAC;AAEF,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,KAAA,OA6M9C"}
+{"version":3,"file":"extractor.d.ts","sourceRoot":"","sources":["../../src/extractor.ts"],"names":[],"mappings":"AAKA,UAAU,cAAc;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,EAAE,CAAC;IACjC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,MAAM,eAAe,GAAG,cAAc,EAAE,CAAC;AA4B/C,eAAO,MAAM,kBAAkB,EAAE,eA2BhC,CAAC;AACF,eAAO,MAAM,qBAAqB;;;;;;;;;;IAiBjC,CAAC;AACF,eAAO,MAAM,sBAAsB;;;;;;;;;;IAiBlC,CAAC;AAEF,eAAO,MAAM,yBAAyB;;;;GAWrC,CAAC;AAEF,eAAO,MAAM,iCAAiC;;;;GAW7C,CAAC;AAGF,eAAO,MAAM,0BAA0B;;;;GAWtC,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,CAAC,CAAC,SAAS,EAAE,GAAG,KAAK,eAAe,CAkErE,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,eA2BjC,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,eAiBlC,CAAC;AAEF,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,KAAA,OA6M9C"}

package/types/src/flow.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAyBA,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AA+mBD,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CA6BhG;AAED,wBAAgB,IAAI,CAAC,OAAO,KAAA,GAAG,OAAO,CAAC,UAAU,CAAC,CA0BjD"}
+{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAyBA,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAitBD,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CA8BhG;AAED,wBAAgB,IAAI,CAAC,OAAO,KAAA,GAAG,OAAO,CAAC,UAAU,CAAC,CA0BjD"}

package/types/src/libsaml.d.ts

@@ -160,7 +160,7 @@ declare const _default: {
      * @desc Construct the XML signature for POST binding
      * @param  {string} rawSamlMessage      request/response xml string
      * @param  {string} referenceTagXPath    reference uri
-     * @param  {string} privateKey           declares the private key
+     * @param  {string} privateKey           declares the private key-
      * @param  {string} passphrase           passphrase of the private key [optional]
      * @param  {string|buffer} signingCert   signing certificate
      * @param  {string} signatureAlgorithm   signature algorithm

package/types/src/libsaml.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAerD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACvC;AAED,MAAM,WAAW,wBAAwB;IACrC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,eAAe;IAC5B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,sBAAsB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,gCAAgC;IAC7C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACzC;AAED,MAAM,WAAW,gBAAgB;IAC7B,OAAO,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC3D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CAC1D;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC7B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,gBAAgB,EAAE,GAAG,CAAC;IACtB,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACzD;;6CAoN8C,OAAO,KAAG,MAAM;gCA5MxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDA8BkB,MAAM;;;;IA0N7D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;;;;;;;;OAUG;iCAC0B,oBAAoB;2CAiDV,MAAM,mBAAmB,MAAM;;;;;;;;;;;;;IAoCtE;;;;;;OAMG;yBACwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG;;;;;;;;;;;;;;6BAoYnD,MAAM,QAAQ,wBAAwB;IAoK/D;;;;;OAKG;0BACmB,MAAM,cAAc,MAAM,GAAG,MAAM,GAAG,YAAY;IAsBxE;;;;;;;;OAQG;2CAEc,MAAM,OACd,MAAM,eACE,MAAM,aACR,OAAO,qBACC,MAAM;IA8B7B;;;;;;;OAOG;uDAGc,MAAM,aACR,MAAM,GAAG,MAAM,oBACR,MAAM;IAO5B;;;;OAIG;gCACyB,MAAM,oBAAmB,GAAG;;;;IAWxD;;;;;;OAMG;iEAEgD,MAAM;IAsDzD;;;;;;;OAOG;2CAC+B,MAAM;IAoCxC;;OAEG;IACH;;OAEG;+CACmC,MAAM,SAAS,wBAAwB;;;;;;IAsH7E;;;;;OAKG;+BAC8B,GAAG,aAAa,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAuEnF;;OAEG;sBACqB,MAAM,SAAQ,OAAO;;AA8BrD,wBAAyB"}
+{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAerD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACvC;AAED,MAAM,WAAW,wBAAwB;IACrC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,eAAe;IAC5B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,sBAAsB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,gCAAgC;IAC7C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACzC;AAED,MAAM,WAAW,gBAAgB;IAC7B,OAAO,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC3D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CAC1D;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC7B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,gBAAgB,EAAE,GAAG,CAAC;IACtB,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACzD;;6CAoN8C,OAAO,KAAG,MAAM;gCA5MxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDA8BkB,MAAM;;;;IA0N7D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;;;;;;;;OAUG;iCAC0B,oBAAoB;2CAiDV,MAAM,mBAAmB,MAAM;;;;;;;;;;;;;IAoCtE;;;;;;OAMG;yBACwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG;;;;;;;;;;;;;;6BA6XnD,MAAM,QAAQ,wBAAwB;IAoK/D;;;;;OAKG;0BACmB,MAAM,cAAc,MAAM,GAAG,MAAM,GAAG,YAAY;IAsBxE;;;;;;;;OAQG;2CAEc,MAAM,OACd,MAAM,eACE,MAAM,aACR,OAAO,qBACC,MAAM;IA8B7B;;;;;;;OAOG;uDAGc,MAAM,aACR,MAAM,GAAG,MAAM,oBACR,MAAM;IAO5B;;;;OAIG;gCACyB,MAAM,oBAAmB,GAAG;;;;IAWxD;;;;;;OAMG;iEAEgD,MAAM;IAsDzD;;;;;;;OAOG;2CAC+B,MAAM;IAoCxC;;OAEG;IACH;;OAEG;+CACmC,MAAM,SAAS,wBAAwB;;;;;;IAsH7E;;;;;OAKG;+BAC8B,GAAG,aAAa,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAuEnF;;OAEG;sBACqB,MAAM,SAAQ,OAAO;;AA8BrD,wBAAyB"}

package/types/api.d.ts

@@ -1,15 +0,0 @@
-import { DOMParser as dom } from '@xmldom/xmldom';
-import type { Options as DOMParserOptions } from '@xmldom/xmldom';
-interface Context extends ValidatorContext, DOMParserContext {
-}
-interface ValidatorContext {
-    validate?: (xml: string) => Promise<any>;
-}
-interface DOMParserContext {
-    dom: dom;
-}
-export declare function getContext(): Context;
-export declare function setSchemaValidator(params: ValidatorContext): void;
-export declare function setDOMParserOptions(options?: DOMParserOptions): void;
-export {};
-//# sourceMappingURL=api.d.ts.map

package/types/api.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,IAAI,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElE,UAAU,OAAQ,SAAQ,gBAAgB,EAAE,gBAAgB;CAAG;AAE/D,UAAU,gBAAgB;IACxB,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;CAC1C;AAED,UAAU,gBAAgB;IACxB,GAAG,EAAE,GAAG,CAAC;CACV;AAOD,wBAAgB,UAAU,IAAG,OAAO,CAEnC;AAED,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,GAAE,IAAI,CAShE;AAED,wBAAgB,mBAAmB,CAAC,OAAO,GAAE,gBAAqB,GAAE,IAAI,CAEvE"}

package/types/binding-post.d.ts

@@ -1,48 +0,0 @@
-/**
-* @file binding-post.ts
-* @author tngan
-* @desc Binding-level API, declare the functions using POST binding
-*/
-import type { BindingContext } from './entity.js';
-/**
-* @desc Generate a base64 encoded login request
-* @param  {string} referenceTagXPath           reference uri
-* @param  {object} entity                      object includes both idp and sp
-* @param  {function} customTagReplacement     used when developers have their own login response template
-*/
-declare function base64LoginRequest(referenceTagXPath: string, entity: any, customTagReplacement?: (template: string) => BindingContext): BindingContext;
-/**
- * @desc Generate a base64 encoded login response
- * @param  {object} requestInfo                 corresponding request, used to obtain the id
- * @param  {object} entity                      object includes both idp and sp
- * @param  {object} user                        current logged user (e.g. req.user)
- * @param  {function} customTagReplacement     used when developers have their own login response template
- * @param  {boolean}  encryptThenSign           whether or not to encrypt then sign first (if signing). Defaults to sign-then-encrypt
- * @param AttributeStatement
- */
-declare function base64LoginResponse(requestInfo: any | undefined, entity: any, user?: any, customTagReplacement?: (template: string) => BindingContext, encryptThenSign?: boolean, AttributeStatement?: never[]): Promise<BindingContext>;
-/**
-* @desc Generate a base64 encoded logout request
-* @param  {object} user                         current logged user (e.g. req.user)
-* @param  {string} referenceTagXPath            reference uri
-* @param  {object} entity                       object includes both idp and sp
-* @param  {function} customTagReplacement      used when developers have their own login response template
-* @return {string} base64 encoded request
-*/
-declare function base64LogoutRequest(user: Record<string, unknown>, referenceTagXPath: string, entity: any, customTagReplacement?: (template: string) => BindingContext): BindingContext;
-/**
-* @desc Generate a base64 encoded logout response
-* @param  {object} requestInfo                 corresponding request, used to obtain the id
-* @param  {string} referenceTagXPath           reference uri
-* @param  {object} entity                      object includes both idp and sp
-* @param  {function} customTagReplacement     used when developers have their own login response template
-*/
-declare function base64LogoutResponse(requestInfo: any, entity: any, customTagReplacement: (template: string) => BindingContext): BindingContext;
-declare const postBinding: {
-    base64LoginRequest: typeof base64LoginRequest;
-    base64LoginResponse: typeof base64LoginResponse;
-    base64LogoutRequest: typeof base64LogoutRequest;
-    base64LogoutResponse: typeof base64LogoutResponse;
-};
-export default postBinding;
-//# sourceMappingURL=binding-post.d.ts.map

package/types/binding-post.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"binding-post.d.ts","sourceRoot":"","sources":["../src/binding-post.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AAGF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAMlD;;;;;EAKE;AACF,iBAAS,kBAAkB,CAAC,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAqD/I;AACD;;;;;;;;GAQG;AACH,iBAAe,mBAAmB,CAAC,WAAW,EAAE,GAAG,YAAK,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAE,eAAe,GAAE,OAAe,EAAG,kBAAkB,UAAG,GAAG,OAAO,CAAC,cAAc,CAAC,CAuIrO;AACD;;;;;;;EAOE;AACF,iBAAS,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,EAAC,MAAM,EAAE,MAAM,KAAA,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAkDzK;AACD;;;;;;EAME;AACF,iBAAS,oBAAoB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAsDvI;AAED,QAAA,MAAM,WAAW;;;;;CAKhB,CAAC;AAEF,eAAe,WAAW,CAAC"}

package/types/binding-redirect.d.ts

@@ -1,54 +0,0 @@
-import type { BindingContext } from './entity.js';
-import { IdentityProvider as Idp } from './entity-idp.js';
-import { ServiceProvider as Sp } from './entity-sp.js';
-export interface BuildRedirectConfig {
-    baseUrl: string;
-    type: string;
-    isSigned: boolean;
-    context: string;
-    entitySetting: any;
-    relayState?: string;
-}
-/**
- * @desc Redirect URL for login request
- * @param  {object} entity                       object includes both idp and sp
- * @param  {function} customTagReplacement      used when developers have their own login response template
- * @return {string} redirect URL
- */
-declare function loginRequestRedirectURL(entity: {
-    idp: Idp;
-    sp: Sp;
-}, customTagReplacement?: (template: string) => BindingContext): BindingContext;
-/**
- * @desc Redirect URL for login response
- * @param  {object} requestInfo             corresponding request, used to obtain the id
- * @param  {object} entity                      object includes both idp and sp
- * @param  {object} user                         current logged user (e.g. req.user)
- * @param  {String} relayState                the relaystate sent by sp corresponding request
- * @param  {function} customTagReplacement     used when developers have their own login response template
- * @param AttributeStatement
- */
-declare function loginResponseRedirectURL(requestInfo: any, entity: any, user?: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext, AttributeStatement?: never[]): BindingContext;
-/**
- * @desc Redirect URL for logout request
- * @param  {object} user                        current logged user (e.g. req.user)
- * @param  {object} entity                      object includes both idp and sp
- * @param  {function} customTagReplacement     used when developers have their own login response template
- * @return {string} redirect URL
- */
-declare function logoutRequestRedirectURL(user: any, entity: any, relayState?: string, customTagReplacement?: (template: string, tags: object) => BindingContext): BindingContext;
-/**
- * @desc Redirect URL for logout response
- * @param  {object} requescorresponding request, used to obtain the id
- * @param  {object} entity                      object includes both idp and sp
- * @param  {function} customTagReplacement     used when developers have their own login response template
- */
-declare function logoutResponseRedirectURL(requestInfo: any, entity: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext): BindingContext;
-declare const redirectBinding: {
-    loginRequestRedirectURL: typeof loginRequestRedirectURL;
-    loginResponseRedirectURL: typeof loginResponseRedirectURL;
-    logoutRequestRedirectURL: typeof logoutRequestRedirectURL;
-    logoutResponseRedirectURL: typeof logoutResponseRedirectURL;
-};
-export default redirectBinding;
-//# sourceMappingURL=binding-redirect.d.ts.map

package/types/binding-redirect.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"binding-redirect.d.ts","sourceRoot":"","sources":["../src/binding-redirect.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAChD,OAAO,EAAC,gBAAgB,IAAI,GAAG,EAAC,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAC,eAAe,IAAI,EAAE,EAAC,MAAM,gBAAgB,CAAC;AAOrD,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,GAAG,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAgED;;;;;GAKG;AACH,iBAAS,uBAAuB,CAAC,MAAM,EAAE;IACvC,GAAG,EAAE,GAAG,CAAC;IACT,EAAE,EAAE,EAAE,CAAA;CACP,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAyC9E;AAED;;;;;;;;GAQG;AACH,iBAAS,wBAAwB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAC,kBAAkB,UAAI,GAAG,cAAc,CAoGxM;AAED;;;;;;GAMG;AACH,iBAAS,wBAAwB,CAAC,IAAI,KAAA,EAAE,MAAM,KAAA,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAwC9J;AAED;;;;;GAKG;AACH,iBAAS,yBAAyB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAyClK;AAED,QAAA,MAAM,eAAe;;;;;CAKpB,CAAC;AAEF,eAAe,eAAe,CAAC"}

package/types/binding-simplesign.d.ts

@@ -1,41 +0,0 @@
-/**
-* @file binding-simplesign.ts
-* @author Orange
-* @desc Binding-level API, declare the functions using POST SimpleSign binding
-*/
-import type { BindingContext, SimpleSignComputedContext } from './entity.js';
-export interface BuildSimpleSignConfig {
-    type: string;
-    context: string;
-    entitySetting: any;
-    relayState?: string;
-}
-export interface BindingSimpleSignContext {
-    id: string;
-    context: string;
-    signature: any;
-    sigAlg: string;
-}
-/**
-* @desc Generate a base64 encoded login request
-* @param  {string} referenceTagXPath           reference uri
-* @param  {object} entity                      object includes both idp and sp
-* @param  {function} customTagReplacement     used when developers have their own login response template
-*/
-declare function base64LoginRequest(entity: any, customTagReplacement?: (template: string) => BindingContext): SimpleSignComputedContext;
-/**
- * @desc Generate a base64 encoded login response
- * @param  {object} requestInfo                 corresponding request, used to obtain the id
- * @param  {object} entity                      object includes both idp and sp
- * @param  {object} user                        current logged user (e.g. req.user)
- * @param  {string}  relayState               the relay state
- * @param  {function} customTagReplacement     used when developers have their own login response template
- * @param AttributeStatement
- */
-declare function base64LoginResponse(requestInfo: any | undefined, entity: any, user?: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext, AttributeStatement?: []): Promise<BindingSimpleSignContext>;
-declare const simpleSignBinding: {
-    base64LoginRequest: typeof base64LoginRequest;
-    base64LoginResponse: typeof base64LoginResponse;
-};
-export default simpleSignBinding;
-//# sourceMappingURL=binding-simplesign.d.ts.map

package/types/binding-simplesign.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"binding-simplesign.d.ts","sourceRoot":"","sources":["../src/binding-simplesign.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AAGF,OAAQ,KAAK,EAAE,cAAc,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AAO9E,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,GAAG,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,GAAG,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;CAChB;AA6CD;;;;;EAKE;AACF,iBAAS,kBAAkB,CAAC,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,yBAAyB,CAkD/H;AACD;;;;;;;;GAQG;AACH,iBAAe,mBAAmB,CAAC,WAAW,EAAE,GAAG,YAAK,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAE,kBAAkB,GAAC,EAAO,GAAG,OAAO,CAAC,wBAAwB,CAAC,CA6FtO;AAED,QAAA,MAAM,iBAAiB;;;CAGpB,CAAC;AAEJ,eAAe,iBAAiB,CAAC"}