samlesa 3.4.2 → 3.5.0

package/package.json

@@ -1,75 +1,88 @@
-{
-  "name": "samlesa",
-  "version": "3.4.2",
-  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
-  "main": "build/index.js",
-  "keywords": [
-    "nodejs",
-    "saml2",
-    "sso",
-    "slo",
-    "metadata"
-  ],
-  "type": "module",
-  "typings": "types/index.d.ts",
-  "scripts": {
-    "build": "tsc && copyfiles -u 1 src/schema/**/* build/src",
-    "docs": "docsify serve -o docs",
-    "lint": "tslint -p .",
-    "lint:fix": "tslint -p . --fix",
-    "test": "vitest",
-    "test:watch": "vitest --watch",
-    "test:coverage": "vitest run --coverage",
-    "hooks:postinstall": "mklink /J .git\\hooks\\pre-commit .pre-commit.sh || copy .pre-commit.sh .git\\hooks\\pre-commit"
-  },
-  "exports": {
-    ".": {
-      "types": "./types/index.d.ts",
-      "import": "./build/index.js"
-    }
-  },
-  "files": [
-    "build",
-    "types"
-  ],
-  "contributors": [
-    "Veclea <vemocle@gmail.com>"
-  ],
-  "author": "Veclea",
-  "repository": {
-    "url": "https://github.com/Veclea/samlify.git",
-    "type": "git"
-  },
-  "license": "MIT",
-  "dependencies": {
-    "@xmldom/xmldom": "^0.9.8",
-    "axios": "^1.13.5",
-    "camelcase": "^9.0.0",
-    "cross-env": "^10.1.0",
-    "iconv-lite": "^0.7.2",
-    "ts-node": "^10.9.2",
-    "vite-tsconfig-paths": "^6.1.1",
-    "xml": "^1.0.1",
-    "xml-crypto": "^6.1.2",
-    "xml-crypto-next": "^7.0.4",
-    "xml-encryption-next": "^4.6.0",
-    "xml-escape": "^1.1.0",
-    "xml2js": "^0.6.2",
-    "xmllint-wasm": "^5.1.0",
-    "xpath": "^0.0.34"
-  },
-  "devDependencies": {
-    "@types/node": "^25.3.2",
-    "@types/pako": "2.0.4",
-    "@types/uuid": "11.0.0",
-    "@vitest/coverage-istanbul": "^4.0.18",
-    "@vitest/coverage-v8": "4.0.18",
-    "copyfiles": "^2.4.1",
-    "coveralls": "^3.1.1",
-    "esbuild": "^0.27.3",
-    "jsdom": "^28.1.0",
-    "timekeeper": "^2.3.1",
-    "typescript": "5.9.3",
-    "vitest": "^4.0.18"
-  }
-}
+{
+  "name": "samlesa",
+  "version": "3.5.0",
+  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
+  "main": "build/index.js",
+  "keywords": [
+    "nodejs",
+    "saml2",
+    "sso",
+    "slo",
+    "metadata"
+  ],
+  "type": "module",
+  "typings": "types/index.d.ts",
+  "homepage": "https://saml.veclea.com",
+  "scripts": {
+    "build": "tsc && copyfiles -u 1 src/schema/**/* build/src",
+    "build:fast": "tsc",
+    "build:clean": "tsc --build --clean && pnpm run build",
+    "docs:dev": "cd docs && npm run docs:dev",
+    "docs:build": "cd docs && npm run docs:build",
+    "docs:preview": "cd docs && npm run docs:preview",
+    "docs:deploy": "vercel --prod",
+    "lint": "tslint -p .",
+    "lint:fix": "tslint -p . --fix",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "test:fast": "vitest run --pool=forks",
+    "test:artifact": "vitest run test/artifact.test.ts",
+    "generate-certs": "node scripts/generate-certs.js",
+    "hooks:postinstall": "mklink /J .git\\hooks\\pre-commit .pre-commit.sh || copy .pre-commit.sh .git\\hooks\\pre-commit"
+  },
+  "exports": {
+    ".": {
+      "types": "./types/index.d.ts",
+      "import": "./build/index.js"
+    }
+  },
+  "files": [
+    "build",
+    "types"
+  ],
+  "contributors": [
+    "Veclea <vemocle@gmail.com>"
+  ],
+  "author": "Veclea",
+  "repository": {
+    "url": "https://github.com/Veclea/samlify.git",
+    "type": "git"
+  },
+  "bugs": {
+    "url": "https://github.com/Veclea/samlify/issues"
+  },
+  "docs": "https://saml.veclea.com",
+  "license": "MIT",
+  "dependencies": {
+    "@xmldom/xmldom": "^0.9.8",
+    "axios": "^1.13.6",
+    "camelcase": "^9.0.0",
+    "cross-env": "^10.1.0",
+    "iconv-lite": "^0.7.2",
+    "ts-node": "^10.9.2",
+    "vite-tsconfig-paths": "^6.1.1",
+    "xml": "^1.0.1",
+    "xml-crypto": "^6.1.2",
+    "xml-crypto-next": "^7.0.4",
+    "xml-encryption-next": "^4.6.0",
+    "xml-escape": "^1.1.0",
+    "xml2js": "^0.6.2",
+    "xmllint-wasm": "^5.2.0",
+    "xpath": "^0.0.34"
+  },
+  "devDependencies": {
+    "@types/node": "^25.5.0",
+    "@types/pako": "2.0.4",
+    "@types/uuid": "11.0.0",
+    "@vitest/coverage-istanbul": "^4.1.2",
+    "@vitest/coverage-v8": "4.1.2",
+    "copyfiles": "^2.4.1",
+    "coveralls": "^3.1.1",
+    "esbuild": "^0.27.4",
+    "jsdom": "^29.0.1",
+    "timekeeper": "^2.3.1",
+    "typescript": "6.0.2",
+    "vitest": "^4.1.2"
+  }
+}

package/types/src/binding-artifact.d.ts

@@ -1,43 +1,71 @@
+/**
+ * @file binding-artifact.ts
+ * @author tngan
+ * @desc Binding-level API for SAML 2.0 Artifact Binding
+ * @see https://docs.oasis-open.org/security/saml/v2.0/saml-bind-2.0-os.pdf
+ */
 import type { BindingContext } from './entity.js';
 import { IdentityProviderConstructor as IdentityProvider, ServiceProviderConstructor as ServiceProvider } from "./types.js";
+import { Base64LoginResponseParams } from "./types.js";
+/**
+ * Generate a SAML 2.0 compliant Artifact ID
+ * Format: [TypeCode: 2 bytes] + [EndpointIndex: 2 bytes] + [SourceID: 20 bytes] + [MessageHandle: 20 bytes]
+ * @param issuerId The entity ID of the issuing party (IdP)
+ * @param endpointIndex The index of the destination endpoint (default is 1 for Artifact Resolution Service)
+ * @returns The Base64 encoded Artifact ID string
+ */
+export declare function generateArtifactId(issuerId: string, endpointIndex?: number): string;
+/**
+ * @desc Generate a SOAP-encoded login request for Artifact binding
+ * @param {string} referenceTagXPath           reference uri
+ * @param {object} entity                      object includes both idp and sp
+ * @param {function} customTagReplacement     used when developers have their own login request template
+ * @returns {BindingContext}
+ */
+declare function soapLoginRequest(referenceTagXPath: string, entity: {
+    idp: IdentityProvider;
+    sp: ServiceProvider;
+    inResponse?: string;
+    relayState?: string;
+}, customTagReplacement?: (template: string) => BindingContext): BindingContext;
 /**
- * @desc Generate a base64 encoded login request
- * @param  {string} referenceTagXPath           reference uri
- * @param  {object} entity                      object includes both idp and sp
- * @param customTagReplacement
+ * @desc Generate a SOAP-encoded login response for Artifact binding
+ * @param {Base64LoginResponseParams} params  parameters for generating login response
+ * @returns {BindingContext}
  */
-declare function soapLoginRequest(referenceTagXPath: string, entity: any, customTagReplacement?: (template: string) => BindingContext): any;
+declare function soapLoginResponse(params: Base64LoginResponseParams): Promise<BindingContext>;
 /**
- * @desc Generate a base64 encoded login response
- * @param  {object} requestInfo                 corresponding request, used to obtain the id
- * @param  {object} entity                      object includes both idp and sp
- * @param  {object} user                        current logged user (e.g. req.user)
- * @param  {function} customTagReplacement     used when developers have their own login response template
- * @param  {boolean}  encryptThenSign           whether or not to encrypt then sign first (if signing). Defaults to sign-then-encrypt
- * @param AttributeStatement
+ * @desc Parse and validate Artifact Resolve request
+ * @param {object} params
+ * @param {IdentityProvider} params.idp Identity Provider instance
+ * @param {ServiceProvider} params.sp Service Provider instance
+ * @param {string} params.xml SOAP request XML string
+ * @returns {Promise}
  */
-declare function soapLoginResponse(requestInfo: any | undefined, entity: any, user?: any, customTagReplacement?: (template: string) => BindingContext, encryptThenSign?: boolean, AttributeStatement?: never[]): Promise<BindingContext>;
 declare function parseLoginRequestResolve(params: {
     idp: IdentityProvider;
     sp: ServiceProvider;
     xml: string;
-}): Promise<{
-    samlContent: any;
-    extract: any;
-}>;
+}): Promise<any>;
+/**
+ * @desc Parse and validate Artifact Resolve response
+ * @param {object} params
+ * @param {IdentityProvider} params.idp Identity Provider instance
+ * @param {ServiceProvider} params.sp Service Provider instance
+ * @param {string} params.art Artifact string
+ * @returns {Promise}
+ */
 declare function parseLoginResponseResolve(params: {
     idp: IdentityProvider;
     sp: ServiceProvider;
     art: string;
-}): Promise<{
-    samlContent: string;
-    extract: any;
-}>;
-declare const artifactSignBinding: {
-    parseLoginRequestResolve: typeof parseLoginRequestResolve;
+}): Promise<any>;
+declare const artifactBinding: {
     soapLoginRequest: typeof soapLoginRequest;
-    parseLoginResponseResolve: typeof parseLoginResponseResolve;
     soapLoginResponse: typeof soapLoginResponse;
+    parseLoginRequestResolve: typeof parseLoginRequestResolve;
+    parseLoginResponseResolve: typeof parseLoginResponseResolve;
+    generateArtifactId: typeof generateArtifactId;
 };
-export default artifactSignBinding;
+export default artifactBinding;
 //# sourceMappingURL=binding-artifact.d.ts.map

package/types/src/binding-artifact.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"binding-artifact.d.ts","sourceRoot":"","sources":["../../src/binding-artifact.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAMhD,OAAO,EACH,2BAA2B,IAAI,gBAAgB,EAC/C,0BAA0B,IAAI,eAAe,EAChD,MAAM,YAAY,CAAC;AAwCpB;;;;;GAKG;AACH,iBAAS,gBAAgB,CAAC,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,GAAG,CAkGlI;AAED;;;;;;;;GAQG;AACH,iBAAe,iBAAiB,CAAC,WAAW,EAAE,GAAG,YAAK,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAE,eAAe,GAAE,OAAe,EAAE,kBAAkB,UAAK,GAAG,OAAO,CAAC,cAAc,CAAC,CAuIpO;AAED,iBAAe,wBAAwB,CAAC,MAAM,EAAE;IAC5C,GAAG,EAAE,gBAAgB,CAAC;IACtB,EAAE,EAAE,eAAe,CAAC;IACpB,GAAG,EAAE,MAAM,CAAA;CACd;;;GAqDA;AAED,iBAAe,yBAAyB,CAAC,MAAM,EAAE;IAAE,GAAG,EAAE,gBAAgB,CAAC;IAAC,EAAE,EAAE,eAAe,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE;;;GAgP3G;AAED,QAAA,MAAM,mBAAmB;;;;;CAOxB,CAAC;AAEF,eAAe,mBAAmB,CAAC"}
+{"version":3,"file":"binding-artifact.d.ts","sourceRoot":"","sources":["../../src/binding-artifact.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAOlD,OAAO,EACH,2BAA2B,IAAI,gBAAgB,EAC/C,0BAA0B,IAAI,eAAe,EAChD,MAAM,YAAY,CAAC;AAYpB,OAAO,EAAE,yBAAyB,EAAE,MAAM,YAAY,CAAC;AA0BvD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,aAAa,GAAE,MAAU,GAAG,MAAM,CAoBtF;AAED;;;;;;GAMG;AACH,iBAAS,gBAAgB,CACrB,iBAAiB,EAAE,MAAM,EACzB,MAAM,EAAE;IACJ,GAAG,EAAE,gBAAgB,CAAC;IACtB,EAAE,EAAE,eAAe,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,EACD,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAC5D,cAAc,CAsGhB;AAED;;;;GAIG;AACH,iBAAe,iBAAiB,CAAC,MAAM,EAAE,yBAAyB,GAAG,OAAO,CAAC,cAAc,CAAC,CAuE3F;AAED;;;;;;;GAOG;AACH,iBAAe,wBAAwB,CAAC,MAAM,EAAE;IAC5C,GAAG,EAAE,gBAAgB,CAAC;IACtB,EAAE,EAAE,eAAe,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,GAAG,CAAC,CA6Cf;AAED;;;;;;;GAOG;AACH,iBAAe,yBAAyB,CAAC,MAAM,EAAE;IAC7C,GAAG,EAAE,gBAAgB,CAAC;IACtB,EAAE,EAAE,eAAe,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,GAAG,CAAC,CAyJf;AAED,QAAA,MAAM,eAAe;;;;;;CAMpB,CAAC;AAEF,eAAe,eAAe,CAAC"}

package/types/src/entity-idp.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"entity-idp.d.ts","sourceRoot":"","sources":["../../src/entity-idp.ts"],"names":[],"mappings":"AAYA,OAAO,MAAM,EAAE,EAAC,KAAK,gBAAgB,EAAC,MAAM,aAAa,CAAC;AAC1D,OAAO,EACH,0BAA0B,IAAI,eAAe,EAE7C,wBAAwB,EACxB,KAAK,wBAAwB,EAChC,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAO,KAAK,UAAU,EAAC,MAAM,WAAW,CAAC;AAEhD,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAEhD;;GAEG;AACH,MAAM,CAAC,OAAO,WAAW,KAAK,EAAE,wBAAwB,oBAEvD;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,MAAM;IAEhC,UAAU,EAAE,wBAAwB,CAAC;gBAEjC,UAAU,EAAE,wBAAwB;IAWhD;;;OAGG;IACU,mBAAmB,CAAC,MAAM,EAAE;QACrC,EAAE,EAAE,eAAe,CAAC;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAClC,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC3B,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,CAAC;QAC5D,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,kBAAkB,CAAC,EAAE,EAAE,CAAC;QACxB,OAAO,CAAC,EAAE,KAAK,CAAC;KACnB;IAuDD;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,gBAAgB;CAYhF"}
+{"version":3,"file":"entity-idp.d.ts","sourceRoot":"","sources":["../../src/entity-idp.ts"],"names":[],"mappings":"AAYA,OAAO,MAAM,EAAE,EAAC,KAAK,gBAAgB,EAAC,MAAM,aAAa,CAAC;AAC1D,OAAO,EACH,0BAA0B,IAAI,eAAe,EAE7C,wBAAwB,EACxB,KAAK,wBAAwB,EAChC,MAAM,YAAY,CAAC;AAOpB,OAAO,EAAO,KAAK,UAAU,EAAC,MAAM,WAAW,CAAC;AAChD,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAEhD;;GAEG;AACH,MAAM,CAAC,OAAO,WAAW,KAAK,EAAE,wBAAwB,oBAEvD;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,MAAM;IAEhC,UAAU,EAAE,wBAAwB,CAAC;gBAEjC,UAAU,EAAE,wBAAwB;IAWhD;;;OAGG;IACU,mBAAmB,CAAC,MAAM,EAAE;QACrC,EAAE,EAAE,eAAe,CAAC;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAClC,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC3B,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,CAAC;QAC5D,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,kBAAkB,CAAC,EAAE,EAAE,CAAC;QACxB,OAAO,CAAC,EAAE,KAAK,CAAC;KACnB;IAiED;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,gBAAgB;CAYhF"}

package/types/src/entity-sp.d.ts

@@ -10,8 +10,7 @@ import { type FlowResult } from './flow.js';
 export default function (props: ServiceProviderSettings): ServiceProvider;
 /**
  * @desc Service provider can be configured using either metadata importing or spSetting
- * @param  {object} spSettingimport { FlowResult } from '../types/src/flow.d';
-
+ * @param  {object} spSetting
  */
 export declare class ServiceProvider extends Entity {
     entityMeta: ServiceProviderMetadata;
@@ -27,11 +26,11 @@ export declare class ServiceProvider extends Entity {
      * @param  {function} customTagReplacement     used when developers have their own login response template
      */
     createLoginRequest(idp: IdentityProvider, binding?: string, customTagReplacement?: (template: string) => BindingContext): BindingContext | PostBindingContext | SimpleSignBindingContext;
-    createLoginSoapRequest(idp: IdentityProvider, binding: string | undefined, config: {
+    createLoginSoapRequest(idp: IdentityProvider, binding?: string, config?: {
         customTagReplacement?: (template: string) => BindingContext;
         inResponseTo?: string;
         relayState?: string;
-    }): Promise<any>;
+    }): Promise<BindingContext>;
     /**
      * @desc   Validation of the parsed the URL parameters
      * @param  {IdentityProvider}   idp             object of identity provider
@@ -40,18 +39,17 @@ export declare class ServiceProvider extends Entity {
      */
     parseLoginResponse(idp: any, binding: any, request: ESamlHttpRequest): Promise<FlowResult>;
     /**
-     * @desc   request SamlResponse by Arc id
+     * @desc   Parse and validate Artifact Resolve request
      * @param  {IdentityProvider}   idp             object of identity provider
-     * @param  {string}   binding                   protocol binding
+     * @param  {string}   xml                       SOAP request XML string
+     */
+    parseLoginRequestResolve(idp: IdentityProvider, xml: string): Promise<any>;
+    /**
+     * @desc   Resolve SAML Response by Artifact ID
+     * @param  {IdentityProvider}   idp             object of identity provider
+     * @param  {string}   art                       Artifact string
      * @param  {request}   req                      request
      */
-    parseLoginRequestResolve(idp: any, xml: any): Promise<{
-        samlContent: any;
-        extract: any;
-    }>;
-    parseLoginResponseResolve(idp: IdentityProvider, art: string, request: ESamlHttpRequest): Promise<{
-        samlContent: string;
-        extract: any;
-    }>;
+    parseLoginResponseResolve(idp: IdentityProvider, art: string, request: ESamlHttpRequest): Promise<any>;
 }
 //# sourceMappingURL=entity-sp.d.ts.map

package/types/src/entity-sp.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"entity-sp.d.ts","sourceRoot":"","sources":["../../src/entity-sp.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,MAAU,MAAM,aAAa,CAAC;AAGrC,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EAClB,gBAAgB,EAChB,wBAAwB,EACzB,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,2BAA2B,IAAI,gBAAgB,EAC/C,uBAAuB,EACvB,KAAK,uBAAuB,EAC7B,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAO,KAAK,UAAU,EAAC,MAAM,WAAW,CAAC;AAKhD,MAAM,CAAC,OAAO,WAAW,KAAK,EAAE,uBAAuB,mBAEtD;AAED;;;;GAIG;AACH,qBAAa,eAAgB,SAAQ,MAAM;IACjC,UAAU,EAAE,uBAAuB,CAAC;IAE5C;;;OAGG;gBACS,SAAS,EAAE,uBAAuB;IAS9C;;;;;OAKG;IACI,kBAAkB,CACrB,GAAG,EAAE,gBAAgB,EACrB,OAAO,SAAa,EACpB,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAC5D,cAAc,GAAG,kBAAkB,GAAG,wBAAwB;IAkCpD,sBAAsB,CAC/B,GAAG,EAAE,gBAAgB,EACrB,OAAO,oBAAa,EACpB,MAAM,EAAC;QACL,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,CAAC;QAC5D,YAAY,CAAC,EAAC,MAAM,CAAC;QACrB,UAAU,CAAC,EAAC,MAAM,CAAC;KACpB,GACH,OAAO,CAAC,GAAG,CAAC;IAsBd;;;;;OAKG;IACI,kBAAkB,CAAC,GAAG,KAAA,EAAE,OAAO,KAAA,EAAE,OAAO,EAAE,gBAAgB;IAcjE;;;;;OAKG;IACI,wBAAwB,CAAC,GAAG,KAAA,EAAC,GAAG,KAAA;;;;IAQhC,yBAAyB,CAAC,GAAG,EAAC,gBAAgB,EAAE,GAAG,EAAC,MAAM,EAAE,OAAO,EAAE,gBAAgB;;;;CAS7F"}
+{"version":3,"file":"entity-sp.d.ts","sourceRoot":"","sources":["../../src/entity-sp.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EAClB,gBAAgB,EAChB,wBAAwB,EACzB,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,2BAA2B,IAAI,gBAAgB,EAC/C,uBAAuB,EACvB,KAAK,uBAAuB,EAC7B,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAO,KAAK,UAAU,EAAC,MAAM,WAAW,CAAC;AAKhD,MAAM,CAAC,OAAO,WAAW,KAAK,EAAE,uBAAuB,mBAEtD;AAED;;;GAGG;AACH,qBAAa,eAAgB,SAAQ,MAAM;IACjC,UAAU,EAAE,uBAAuB,CAAC;IAE5C;;;OAGG;gBACS,SAAS,EAAE,uBAAuB;IAS9C;;;;;OAKG;IACI,kBAAkB,CACrB,GAAG,EAAE,gBAAgB,EACrB,OAAO,SAAa,EACpB,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAC5D,cAAc,GAAG,kBAAkB,GAAG,wBAAwB;IAuCpD,sBAAsB,CAC/B,GAAG,EAAE,gBAAgB,EACrB,OAAO,SAAa,EACpB,MAAM,CAAC,EAAE;QACP,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,CAAC;QAC5D,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,GACF,OAAO,CAAC,cAAc,CAAC;IAmB1B;;;;;OAKG;IACI,kBAAkB,CAAC,GAAG,KAAA,EAAE,OAAO,KAAA,EAAE,OAAO,EAAE,gBAAgB;IAajE;;;;OAIG;IACI,wBAAwB,CAAC,GAAG,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM;IASlE;;;;;OAKG;IACI,yBAAyB,CAAC,GAAG,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,gBAAgB;CAS/F"}

package/types/src/extractor.d.ts

@@ -32,6 +32,7 @@ export declare function extractSpData(context: string): any;
 export declare function extractIdp(context: string): any;
 export declare function extractSp(context: string): any;
 export declare function extractAuthRequest(context: string): any;
-export declare function extractResponse(context: string, ass: any): any;
+export declare function extractResponse(context: string): any;
+export declare function extractArtifactResolve(context: string): any;
 export {};
 //# sourceMappingURL=extractor.d.ts.map

package/types/src/extractor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"extractor.d.ts","sourceRoot":"","sources":["../../src/extractor.ts"],"names":[],"mappings":"AAMA,UAAU,cAAc;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,EAAE,CAAC;IAClC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,GAAG,CAAC;IAEnC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAOD,MAAM,MAAM,eAAe,GAAG,cAAc,EAAE,CAAC;AA4B/C,eAAO,MAAM,kBAAkB,EAAE,eAsFhC,CAAC;AAKF,eAAO,MAAM,qBAAqB,EAAE,eAKnC,CAAC;AAEF,eAAO,MAAM,sBAAsB,EAAE,eAKpC,CAAC;AAEF,eAAO,MAAM,yBAAyB,EAAE,eAGvC,CAAC;AAEF,eAAO,MAAM,iCAAiC,EAAE,eAG/C,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,eAGxC,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,CAAC,CAAC,SAAS,EAAE,GAAG,KAAK,eAAe,CAWrE,CAAC;AAqMF,eAAO,MAAM,mBAAmB,EAAE,eAMjC,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,eAIlC,CAAC;AAKF,eAAO,MAAM,iBAAiB,EAAE,eAiI/B,CAAC;AAOF,eAAO,MAAM,gBAAgB,EAAE,eAyL9B,CAAC;AAEF,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,OAiN/D;AASD,eAAO,MAAM,2BAA2B,EAAE,eAkZzC,CAAC;AAIF;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,OAkRrE;AAKD,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,OAE5C;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,OAEzC;AAGD,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,OAExC;AACD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,OAEjD;AACD,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,EAAC,GAAG,EAAC,GAAG,OAEtD"}
+{"version":3,"file":"extractor.d.ts","sourceRoot":"","sources":["../../src/extractor.ts"],"names":[],"mappings":"AAMA,UAAU,cAAc;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,EAAE,CAAC;IAClC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,GAAG,CAAC;IAEnC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAOD,MAAM,MAAM,eAAe,GAAG,cAAc,EAAE,CAAC;AA4B/C,eAAO,MAAM,kBAAkB,EAAE,eAsFhC,CAAC;AAKF,eAAO,MAAM,qBAAqB,EAAE,eAsBnC,CAAC;AAEF,eAAO,MAAM,sBAAsB,EAAE,eAKpC,CAAC;AAEF,eAAO,MAAM,yBAAyB,EAAE,eAGvC,CAAC;AAEF,eAAO,MAAM,iCAAiC,EAAE,eAG/C,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,eAGxC,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,CAAC,CAAC,SAAS,EAAE,GAAG,KAAK,eAAe,CAWrE,CAAC;AAqMF,eAAO,MAAM,mBAAmB,EAAE,eAMjC,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,eAIlC,CAAC;AAKF,eAAO,MAAM,iBAAiB,EAAE,eAiI/B,CAAC;AAOF,eAAO,MAAM,gBAAgB,EAAE,eAyL9B,CAAC;AAEF,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,OAiN/D;AASD,eAAO,MAAM,2BAA2B,EAAE,eAkZzC,CAAC;AAIF;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,OAkRrE;AAKD,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,OAE5C;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,OAEzC;AAGD,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,OAExC;AACD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,OAEjD;AACD,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,OAE9C;AACD,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,OAErD"}

package/types/src/flow.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAuBA,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAqsBD,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CA8BhG;AAED,wBAAgB,IAAI,CAAC,OAAO,KAAA,GAAG,OAAO,CAAC,UAAU,CAAC,CA0BjD"}
+{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAuBA,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AA8rBD,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CA8BhG;AAED,wBAAgB,IAAI,CAAC,OAAO,KAAA,GAAG,OAAO,CAAC,UAAU,CAAC,CA0BjD"}

package/types/src/schemaValidator.d.ts

@@ -1,3 +1,20 @@
+/**
+ * 验证 SAML 消息（普通或 SOAP）
+ * @param xml XML 字符串
+ * @param isSoap 是否为 SOAP 消息，默认 false
+ * @returns true 表示验证通过，否则抛出错误
+ * @throws 当检测到 XXE 或验证失败时抛出错误
+ */
 export declare const validate: (xml: string, isSoap?: boolean) => Promise<boolean>;
-export declare const validateMetadata: (xml: string, isParse?: boolean) => Promise<any>;
+/**
+ * 验证 SAML 元数据，并可选择解析元数据类型
+ * @param xml XML 字符串
+ * @param isParse 是否解析并返回元数据类型，默认 false
+ * @returns 验证通过时：若 isParse 为 true 返回 { isValid: true, metadataType: string }，否则返回 true；
+ *          验证失败时返回 Error 对象（保持原行为）
+ */
+export declare const validateMetadata: (xml: string, isParse?: boolean) => Promise<true | Error | readonly import("xmllint-wasm").XMLValidationError[] | {
+    isValid: boolean;
+    metadataType: string;
+}>;
 //# sourceMappingURL=schemaValidator.d.ts.map

package/types/src/schemaValidator.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schemaValidator.d.ts","sourceRoot":"","sources":["../../src/schemaValidator.ts"],"names":[],"mappings":"AA8EA,eAAO,MAAM,QAAQ,GAAU,KAAK,MAAM,EAAC,SAAQ,OAAe,qBAmCjE,CAAC;AACF,eAAO,MAAM,gBAAgB,GAAU,KAAK,MAAM,EAAC,UAAS,OAAe,iBA6D1E,CAAC"}
+{"version":3,"file":"schemaValidator.d.ts","sourceRoot":"","sources":["../../src/schemaValidator.ts"],"names":[],"mappings":"AAoFA;;;;;;GAMG;AACH,eAAO,MAAM,QAAQ,GAAU,KAAK,MAAM,EAAE,SAAQ,OAAe,qBA4BlE,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,gBAAgB,GAAU,KAAK,MAAM,EAAE,UAAS,OAAe;;;EA+D3E,CAAC"}

package/types/src/urn.d.ts

@@ -9,6 +9,8 @@ export declare enum BindingNamespace {
     SimpleSign = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign",
     Artifact = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
 }
+export declare const NamespaceBindingMap: Record<string, 'redirect' | 'post' | 'simplesign' | 'artifact'>;
+declare function getBindingName(uri: string): 'redirect' | 'post' | 'simplesign' | 'artifact' | undefined;
 export declare enum MessageSignatureOrder {
     STE = "sign-then-encrypt",
     ETS = "encrypt-then-sign"
@@ -46,6 +48,12 @@ declare const namespace: {
         artifact: string;
         soap: string;
     };
+    bindMap: {
+        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': string;
+        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': string;
+        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign': string;
+        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact': string;
+    };
     names: {
         protocol: string;
         assertion: string;
@@ -156,19 +164,20 @@ declare const messageConfigurations: {
 };
 declare const algorithms: {
     signature: {
-        ECDSA_SHA256: string;
-        ECDSA_SHA384: string;
-        ECDSA_SHA512: string;
-        DSA_SHA1: string;
         RSA_SHA1: string;
+        DSA_SHA1: string;
         RSA_SHA224: string;
         RSA_SHA256: string;
         RSA_SHA384: string;
         RSA_SHA512: string;
+        ECDSA_SHA256: string;
+        ECDSA_SHA384: string;
+        ECDSA_SHA512: string;
         RSA_PSS_SHA256: string;
         EDDSA_ED25519: string;
         EDDSA_ED488: string;
     };
+    unsafeAlgorithms: string[];
     digest: {
         SHA1: string;
         SHA224: string;
@@ -260,5 +269,52 @@ declare const elementsOrder: {
     onelogin: string[];
     shibboleth: string[];
 };
-export { namespace, tags, algorithms, wording, elementsOrder, messageConfigurations };
+/**
+ * 安全配置选项
+ */
+interface SecurityOptions {
+    /** 是否允许 SHA-1 算法（默认 false） */
+    allowSHA1: boolean;
+    /** 是否允许 RSA-1_5 密钥加密（默认 false） */
+    allowRSA15: boolean;
+    /** 是否允许 TripleDES 加密（默认 false） */
+    allowTripleDES: boolean;
+}
+/**
+ * 默认安全配置
+ */
+declare const defaultSecurityOptions: SecurityOptions;
+/**
+ * 设置安全配置
+ * @param options 安全配置选项
+ */
+declare function setSecurityOptions(options: Partial<SecurityOptions>): void;
+/**
+ * 获取当前安全配置
+ * @returns 安全配置对象
+ */
+declare function getSecurityOptions(): SecurityOptions;
+/**
+ * 重置为默认安全配置
+ */
+declare function resetSecurityOptions(): void;
+/**
+ * 验证算法是否安全
+ * @param algorithm 算法 URI
+ * @returns 验证结果
+ */
+declare function validateAlgorithm(algorithm: string): {
+    valid: boolean;
+    reason?: string;
+};
+/**
+ * 检查算法是否为不安全算法
+ * @param algorithm 算法 URI
+ * @returns 检查结果
+ */
+declare function checkUnsafeAlgorithm(algorithm: string): {
+    isUnsafe: boolean;
+    algorithm?: string;
+};
+export { namespace, tags, algorithms, wording, elementsOrder, messageConfigurations, getBindingName, SecurityOptions, defaultSecurityOptions, setSecurityOptions, getSecurityOptions, resetSecurityOptions, validateAlgorithm, checkUnsafeAlgorithm };
 //# sourceMappingURL=urn.d.ts.map

package/types/src/urn.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"urn.d.ts","sourceRoot":"","sources":["../../src/urn.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,oBAAY,gBAAgB;IAC1B,QAAQ,uDAAuD;IAC/D,IAAI,mDAAmD;IACvD,UAAU,8DAA8D;IACxE,QAAQ,uDAAuD;CAChE;AAED,oBAAY,qBAAqB;IAC/B,GAAG,sBAAsB;IACzB,GAAG,sBAAsB;CAC1B;AAED,oBAAY,UAAU;IAEpB,OAAO,+CAA+C;IACtD,SAAS,iDAAiD;IAC1D,SAAS,iDAAiD;IAC1D,eAAe,uDAAuD;IAEtE,UAAU,mDAAmD;IAC7D,sBAAsB,8DAA8D;IACpF,mBAAmB,2DAA2D;IAC9E,cAAc,sDAAsD;IACpE,cAAc,sDAAsD;IACpE,SAAS,iDAAiD;IAC1D,cAAc,sDAAsD;IACpE,aAAa,qDAAqD;IAClE,kBAAkB,0DAA0D;IAC5E,aAAa,qDAAqD;IAClE,kBAAkB,0DAA0D;IAC5E,wBAAwB,gEAAgE;IACxF,qBAAqB,6DAA6D;IAClF,oBAAoB,4DAA4D;IAChF,qBAAqB,6DAA6D;IAClF,gBAAgB,wDAAwD;IACxE,kBAAkB,0DAA0D;IAC5E,gBAAgB,wDAAwD;IACxE,kBAAkB,0DAA0D;CAC7E;AAED,QAAA,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA8Fd,CAAC;AAEF,QAAA,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+BT,CAAC;AAEF,QAAA,MAAM,qBAAqB;;;;;CAK1B,CAAC;AAEF,QAAA,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAmFZ;;;WAGG;;;;;;;;;;;;;CAwBN,CAAC;AAaF,oBAAY,UAAU;IACpB,WAAW,gBAAgB;IAC3B,YAAY,iBAAiB;IAC7B,aAAa,kBAAkB;IAC/B,cAAc,mBAAmB;CAClC;AAED,QAAA,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;CAyBZ,CAAC;AAIF,QAAA,MAAM,aAAa;;;;CAIlB,CAAC;AAEF,OAAO,EAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAC,CAAC"}
+{"version":3,"file":"urn.d.ts","sourceRoot":"","sources":["../../src/urn.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,oBAAY,gBAAgB;IAC1B,QAAQ,uDAAuD;IAC/D,IAAI,mDAAmD;IACvD,UAAU,8DAA8D;IACxE,QAAQ,uDAAuD;CAChE;AACD,eAAO,MAAM,mBAAmB,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,GAAG,YAAY,GAAG,UAAU,CAK/F,CAAC;AAGD,iBAAS,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,GAAG,MAAM,GAAG,YAAY,GAAG,UAAU,GAAG,SAAS,CAEjG;AAED,oBAAY,qBAAqB;IAC/B,GAAG,sBAAsB;IACzB,GAAG,sBAAsB;CAC1B;AAED,oBAAY,UAAU;IAEpB,OAAO,+CAA+C;IACtD,SAAS,iDAAiD;IAC1D,SAAS,iDAAiD;IAC1D,eAAe,uDAAuD;IAEtE,UAAU,mDAAmD;IAC7D,sBAAsB,8DAA8D;IACpF,mBAAmB,2DAA2D;IAC9E,cAAc,sDAAsD;IACpE,cAAc,sDAAsD;IACpE,SAAS,iDAAiD;IAC1D,cAAc,sDAAsD;IACpE,aAAa,qDAAqD;IAClE,kBAAkB,0DAA0D;IAC5E,aAAa,qDAAqD;IAClE,kBAAkB,0DAA0D;IAC5E,wBAAwB,gEAAgE;IACxF,qBAAqB,6DAA6D;IAClF,oBAAoB,4DAA4D;IAChF,qBAAqB,6DAA6D;IAClF,gBAAgB,wDAAwD;IACxE,kBAAkB,0DAA0D;IAC5E,gBAAgB,wDAAwD;IACxE,kBAAkB,0DAA0D;CAC7E;AAED,QAAA,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAoGd,CAAC;AAEF,QAAA,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+BT,CAAC;AAEF,QAAA,MAAM,qBAAqB;;;;;CAK1B,CAAC;AAEF,QAAA,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA6FZ;;;WAGG;;;;;;;;;;;;;CAwBN,CAAC;AAaF,oBAAY,UAAU;IACpB,WAAW,gBAAgB;IAC3B,YAAY,iBAAiB;IAC7B,aAAa,kBAAkB;IAC/B,cAAc,mBAAmB;CAClC;AAED,QAAA,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;CAyBZ,CAAC;AAIF,QAAA,MAAM,aAAa;;;;CAIlB,CAAC;AAEF;;GAEG;AACH,UAAU,eAAe;IACvB,8BAA8B;IAC9B,SAAS,EAAE,OAAO,CAAC;IACnB,kCAAkC;IAClC,UAAU,EAAE,OAAO,CAAC;IACpB,kCAAkC;IAClC,cAAc,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,QAAA,MAAM,sBAAsB,EAAE,eAI7B,CAAC;AAOF;;;GAGG;AACH,iBAAS,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,QAE5D;AAED;;;GAGG;AACH,iBAAS,kBAAkB,IAAI,eAAe,CAE7C;AAED;;GAEG;AACH,iBAAS,oBAAoB,SAE5B;AAED;;;;GAIG;AACH,iBAAS,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CA0BjF;AAED;;;;GAIG;AACH,iBAAS,oBAAoB,CAAC,SAAS,EAAE,MAAM,GAAG;IAAE,QAAQ,EAAE,OAAO,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAS1F;AAED,OAAO,EACL,SAAS,EACT,IAAI,EACJ,UAAU,EACV,OAAO,EACP,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,oBAAoB,EACrB,CAAC"}

package/types/src/utility.d.ts

@@ -113,6 +113,21 @@ declare function convertToString(input: any, isOutputString: any): any;
 export declare function isNonEmptyArray(a: any): boolean;
 export declare function castArrayOpt<T>(a?: T | T[]): T[];
 export declare function notEmpty<TValue>(value: TValue | null | undefined): value is TValue;
+/**
+ * @desc 验证 RelayState 是否符合 SAML 2.0 规范
+ * @param {string} relayState - RelayState 值
+ * @returns {{ valid: boolean; error?: string }} 验证结果
+ */
+export declare function validateRelayState(relayState: string): {
+    valid: boolean;
+    error?: string;
+};
+/**
+ * @desc 日志脱敏函数，过滤敏感信息
+ * @param {any} data - 需要脱敏的数据
+ * @returns {any} 脱敏后的数据
+ */
+export declare function sanitizeLog(data: any): any;
 declare const utility: {
     isString: typeof isString;
     base64Encode: typeof base64Encode;
@@ -128,6 +143,8 @@ declare const utility: {
     readPrivateKey: typeof readPrivateKey;
     convertToString: typeof convertToString;
     isNonEmptyArray: typeof isNonEmptyArray;
+    validateRelayState: typeof validateRelayState;
+    sanitizeLog: typeof sanitizeLog;
 };
 export default utility;
 //# sourceMappingURL=utility.d.ts.map

package/types/src/utility.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utility.d.ts","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAOH;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,cAAc,UAAO,MAmB3E;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,OAIvC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAEhC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,YAGnC;AAED;;;;;;GAMG;AACH,wBAAgB,GAAG,CAAC,GAAG,KAAA,EAAE,IAAI,KAAA,EAAE,YAAY,KAAA,OAG1C;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,GAAG,mBAElC;AAED;;;;GAIG;AACH,iBAAS,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,UAE/C;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAGtF;AAED;;;;GAIG;AACH,iBAAS,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAKhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAc9D;AAYD;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,UAEtD;AAED;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,UAErD;AAED;;;;GAIG;AACH,iBAAS,UAAU,CAAC,GAAG,KAAA,UAEtB;AAED;;;;GAIG;AACH,iBAAS,WAAW,CAAC,GAAG,KAAA,EAAE,YAAY,SAAK,OAE1C;AAED;;;;;GAKG;AACH,iBAAS,YAAY,CAAC,IAAI,KAAA,EAAE,IAAI,KAAA,OAE/B;AAED;;;;GAIG;AACH,iBAAS,8BAA8B,CAAC,qBAAqB,EAAE,MAAM,UAWpE;AAuED,wBAAgB,cAAc,CAC1B,SAAS,EAAE,MAAM,GAAG,MAAM,EAC1B,UAAU,CAAC,EAAE,MAAM,EACnB,cAAc,GAAE,OAAc,GAC/B,MAAM,GAAG,MAAM,CAyCjB;AACD;;GAEG;AACH,iBAAS,eAAe,CAAC,KAAK,KAAA,EAAE,cAAc,KAAA,OAE7C;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,GAAG,WAErC;AAED,wBAAgB,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAGhD;AAED,wBAAgB,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,KAAK,IAAI,MAAM,CAElF;AAED,QAAA,MAAM,OAAO;;;;;;;;;;;;;;;CAeZ,CAAC;AAEF,eAAe,OAAO,CAAC"}
+{"version":3,"file":"utility.d.ts","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAOH;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,cAAc,UAAO,MAmB3E;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,OAIvC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAEhC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,YAGnC;AAED;;;;;;GAMG;AACH,wBAAgB,GAAG,CAAC,GAAG,KAAA,EAAE,IAAI,KAAA,EAAE,YAAY,KAAA,OAG1C;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,GAAG,mBAElC;AAED;;;;GAIG;AACH,iBAAS,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,UAE/C;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAGtF;AAED;;;;GAIG;AACH,iBAAS,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAKhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAc9D;AAYD;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,UAEtD;AAED;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,UAErD;AAED;;;;GAIG;AACH,iBAAS,UAAU,CAAC,GAAG,KAAA,UAEtB;AAED;;;;GAIG;AACH,iBAAS,WAAW,CAAC,GAAG,KAAA,EAAE,YAAY,SAAK,OAE1C;AAED;;;;;GAKG;AACH,iBAAS,YAAY,CAAC,IAAI,KAAA,EAAE,IAAI,KAAA,OAE/B;AAED;;;;GAIG;AACH,iBAAS,8BAA8B,CAAC,qBAAqB,EAAE,MAAM,UAWpE;AAuED,wBAAgB,cAAc,CAC1B,SAAS,EAAE,MAAM,GAAG,MAAM,EAC1B,UAAU,CAAC,EAAE,MAAM,EACnB,cAAc,GAAE,OAAc,GAC/B,MAAM,GAAG,MAAM,CAyCjB;AACD;;GAEG;AACH,iBAAS,eAAe,CAAC,KAAK,KAAA,EAAE,cAAc,KAAA,OAE7C;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,GAAG,WAErC;AAED,wBAAgB,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAGhD;AAED,wBAAgB,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,KAAK,IAAI,MAAM,CAElF;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CA2BzF;AAgBD;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,GAAG,GAAG,GAAG,CAoB1C;AAED,QAAA,MAAM,OAAO;;;;;;;;;;;;;;;;;CAiBZ,CAAC;AAEF,eAAe,OAAO,CAAC"}