samlesa 3.5.0 → 4.0.0
- package/build/src/libsaml.js +10 -36
- package/build/src/utility.js +132 -3
- package/package.json +1 -1
- package/types/src/libsaml.d.ts.map +1 -1
- package/types/src/utility.d.ts +18 -0
- package/types/src/utility.d.ts.map +1 -1
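--- a/package/build/src/libsaml.js
+++ b/package/build/src/libsaml.js
@@ -5,7 +5,7 @@
 */
 import { X509Certificate } from 'node:crypto';
 import xml from 'xml';
-import utility, {
+import utility, { inflateString, isString, normalizeCertificates } from './utility.js';
 ;
 import * as crypto from 'node:crypto';
 import { algorithms, namespace, wording } from './urn.js';
@@ -524,13 +524,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
 else if (opts.metadata) {
 const certificateNode = select(".//*[local-name() = 'X509Certificate']", signatureNode);
 let metadataCert = opts.metadata.getX509Certificate(certUse.signing);
-
-metadataCert = flattenDeep(metadataCert);
-}
-else if (typeof metadataCert === 'string') {
-metadataCert = [metadataCert];
-}
-metadataCert = metadataCert.map(utility.normalizeCerString);
+metadataCert = normalizeCertificates(metadataCert);
 if (certificateNode.length === 0 && metadataCert.length === 0) {
 throw new Error('NO_SELECTED_CERTIFICATE');
 }
@@ -580,14 +574,12 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
 }
 else if (opts.metadata) {
 const certificateNode = select(".//*[local-name() = 'X509Certificate']", signatureNode);
+console.log(opts.metadata.getX509Certificate);
+console.log(certUse.signing);
+console.log("执行情况");
+console.log(opts);
 let metadataCert = opts.metadata.getX509Certificate(certUse.signing);
-
-metadataCert = flattenDeep(metadataCert);
-}
-else if (typeof metadataCert === 'string') {
-metadataCert = [metadataCert];
-}
-metadataCert = metadataCert.map(utility.normalizeCerString);
+metadataCert = normalizeCertificates(metadataCert);
 if (certificateNode.length === 0 && metadataCert.length === 0) {
 throw new Error('NO_SELECTED_CERTIFICATE');
 }
@@ -627,13 +619,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
 else if (opts.metadata) {
 const certificateNode = select(".//*[local-name() = 'X509Certificate']", signatureNode);
 let metadataCert = opts.metadata.getX509Certificate(certUse.signing);
-
-metadataCert = flattenDeep(metadataCert);
-}
-else if (typeof metadataCert === 'string') {
-metadataCert = [metadataCert];
-}
-metadataCert = metadataCert.map(utility.normalizeCerString);
+metadataCert = normalizeCertificates(metadataCert);
 if (certificateNode.length === 0 && metadataCert.length === 0) {
 throw new Error('NO_SELECTED_CERTIFICATE');
 }
@@ -791,13 +777,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
 const certificateNode = select(".//*[local-name(.)='X509Certificate']", signatureNode);
 // 证书处理逻辑
 let metadataCert = opts.metadata.getX509Certificate(certUse.signing);
-
-metadataCert = flattenDeep(metadataCert);
-}
-else if (typeof metadataCert === 'string') {
-metadataCert = [metadataCert];
-}
-metadataCert = metadataCert.map(utility.normalizeCerString);
+metadataCert = normalizeCertificates(metadataCert);
 // 没有证书的情况
 if (certificateNode.length === 0 && metadataCert.length === 0) {
 throw new Error('NO_SELECTED_CERTIFICATE');
@@ -1070,13 +1050,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
 else if (opts.metadata) {
 const certificateNode = select(".//*[local-name(.)='X509Certificate']", signatureNode);
 let metadataCert = opts.metadata.getX509Certificate(certUse.signing);
-
-metadataCert = flattenDeep(metadataCert);
-}
-else if (typeof metadataCert === 'string') {
-metadataCert = [metadataCert];
-}
-metadataCert = metadataCert.map(utility.normalizeCerString);
+metadataCert = normalizeCertificates(metadataCert);
 if (certificateNode.length === 0 && metadataCert.length === 0) {
 throw new Error('NO_SELECTED_CERTIFICATE');
 }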
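Review bot: The four `console.log` calls added in the third hunk (new lines 577–580) are debug output left in what appears to be a signature-verification branch, and `console.log(opts)` prints the whole options object every time that branch runs. utility.js in this same release keeps a `sensitiveKeys` list and a `sanitizeLog` helper, which suggests option objects in this library can carry certificate or key fields; whether `opts` does here is not visible in the hunk, but if so it reaches stdout unredacted. I would delete all four lines, or if a trace is really wanted keep one `console.debug(utility.sanitizeLog(opts));`. The enclosing function starts and ends outside the hunk.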
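--- a/package/build/src/utility.js
+++ b/package/build/src/utility.js
@@ -178,11 +178,21 @@ function applyDefault(obj1, obj2) {
 * @return {string} public key fetched from the certificate
 */
 function getPublicKeyPemFromCertificate(x509CertificateString) {
-
+// 清理证书字符串:移除 PEM 头尾、换行符、空格等
+const cleanCert = x509CertificateString
+.replace(/-----BEGIN CERTIFICATE-----/g, '')
+.replace(/-----END CERTIFICATE-----/g, '')
+.replace(/\r\n/g, '')
+.replace(/\n/g, '')
+.replace(/\r/g, '')
+.replace(/ /g, '')
+.trim();
+// 将 Base64 字符串转换为 PEM 格式(添加头尾标记)
+const pemCert = `-----BEGIN CERTIFICATE-----\n${cleanCert}\n-----END CERTIFICATE-----`;
 // 解析 X.509 证书
-const cert2 = new X509Certificate(
+const cert2 = new X509Certificate(pemCert);
 const publicKeyObject = cert2.publicKey;
-//
+// 导出为 PEM 格式
 return publicKeyObject.export({
 type: 'spki', // 使用 Subject Public Key Info 结构
 format: 'pem' // 输出 PEM 格式
@@ -356,6 +366,123 @@ const sensitiveKeys = [
 'signingCert',
 'encryptCert'
 ];
+/**
+* @desc 验证并标准化证书数组,处理 null、undefined、空字符串、非数组等边界情况
+* @param {any} metadataCert - 证书输入,可能是 string、string[]、null、undefined 或其他类型
+* @returns {string[]} 标准化后的证书字符串数组(纯 Base64 格式,无 PEM 头尾和换行)
+* @throws {Error} 当证书格式无效时抛出错误
+*/
+export function normalizeCertificates(metadataCert) {
+// 处理 null 或 undefined
+if (metadataCert === null || metadataCert === undefined) {
+return [];
+}
+let certArray;
+// 转换为数组
+if (Array.isArray(metadataCert)) {
+// 扁平化嵌套数组
+certArray = flattenDeep(metadataCert);
+}
+else if (typeof metadataCert === 'string') {
+// 单个字符串转为数组
+certArray = [metadataCert];
+}
+else {
+// 不支持的类型
+console.warn(`normalizeCertificates: 不支持的证书类型 ${typeof metadataCert},返回空数组`);
+return [];
+}
+// 过滤和清理证书
+const cleanedCerts = certArray
+.filter((cert) => {
+// 过滤 null、undefined、空字符串
+if (cert === null || cert === undefined) {
+return false;
+}
+if (typeof cert !== 'string') {
+console.warn(`normalizeCertificates: 跳过非字符串证书类型 ${typeof cert}`);
+return false;
+}
+const trimmed = cert.trim();
+if (trimmed.length === 0) {
+return false;
+}
+return true;
+})
+.map((cert) => {
+// 清理证书字符串:移除 PEM 头尾、换行符、空格等
+return cert
+.replace(/-----BEGIN CERTIFICATE-----/g, '')
+.replace(/-----END CERTIFICATE-----/g, '')
+.replace(/\r\n/g, '')
+.replace(/\n/g, '')
+.replace(/\r/g, '')
+.replace(/ /g, '')
+.trim();
+})
+.filter((cert) => cert.length > 0); // 再次过滤空字符串
+// 验证证书格式(可选,仅验证 Base64 格式)
+const base64Regex = /^[A-Za-z0-9+/]+=*$/;
+for (const cert of cleanedCerts) {
+if (!base64Regex.test(cert)) {
+throw new Error(`无效的证书格式:证书必须是有效的 Base64 编码,当前值:${cert.substring(0, 50)}...`);
+}
+}
+return cleanedCerts;
+}
+/**
+* @desc 验证证书是否有效(可选,用于更严格的验证)
+* @param {string} certificateBase64 - Base64 编码的证书(不含 PEM 头尾)
+* @returns {{ isValid: boolean; error?: string }} 验证结果
+*/
+export function validateCertificate(certificateBase64) {
+try {
+// 清理证书
+const cleanCert = certificateBase64
+.replace(/-----BEGIN CERTIFICATE-----/g, '')
+.replace(/-----END CERTIFICATE-----/g, '')
+.replace(/\r\n/g, '')
+.replace(/\n/g, '')
+.replace(/\r/g, '')
+.replace(/ /g, '')
+.trim();
+// 验证 Base64 格式
+const base64Regex = /^[A-Za-z0-9+/]+=*$/;
+if (!base64Regex.test(cleanCert)) {
+return {
+isValid: false,
+error: '无效的 Base64 编码'
+};
+}
+// 转换为 PEM 格式
+const pemCert = `-----BEGIN CERTIFICATE-----\n${cleanCert}\n-----END CERTIFICATE-----`;
+// 尝试解析证书
+const cert = new X509Certificate(pemCert);
+// 检查有效期
+const now = new Date();
+if (new Date(cert.validFrom) > now || new Date(cert.validTo) < now) {
+return {
+isValid: false,
+error: '证书已过期或尚未生效'
+};
+}
+// 检查公钥类型
+const keyType = cert.publicKey.asymmetricKeyType;
+if (keyType && !['rsa', 'ec'].includes(keyType)) {
+return {
+isValid: false,
+error: '证书使用不支持的公钥类型'
+};
+}
+return { isValid: true };
+}
+catch (error) {
+return {
+isValid: false,
+error: error instanceof Error ? error.message : '未知错误'
+};
+}
+}
 /**
 * @desc 日志脱敏函数,过滤敏感信息
 * @param {any} data - 需要脱敏的数据
@@ -398,5 +525,7 @@ const utility = {
 isNonEmptyArray,
 validateRelayState,
 sanitizeLog,
+normalizeCertificates,
+validateCertificate,
 };
 export default utility;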
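Review bot: `normalizeCertificates` fails open: an unsupported input type, and any non-string entry in the array, is dropped with only a `console.warn`, so a misconfigured metadata certificate comes back as `[]` rather than an error. The libsaml.js callers in this release throw `NO_SELECTED_CERTIFICATE` only when the embedded `X509Certificate` node is also missing, so what verification does with an empty trusted list plus a certificate carried in the message depends on code outside this diff and should be checked. I would reject instead of warn, e.g. replace the `console.warn(...); return [];` in the `else` branch with `throw new Error('ERR_UNSUPPORTED_CERTIFICATE_TYPE');` (placeholder name) and do the same for non-string entries. Separately, the cleanup chain strips only spaces, CR and LF, so a tab-indented PEM now fails `base64Regex` and throws; the same chain is copied into `getPublicKeyPemFromCertificate` and `validateCertificate`, and one shared helper using `.replace(/\s+/g, '')` would cover all three.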
package/package.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAQA,OAAQ,KAAK,MAAM,MAAM,aAAa,CAAA;AAItC,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAoBrD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,eAAe;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,gCAAgC;IAC/C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CACxD;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAA
E,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACvD;;6CAwN4C,OAAO,KAAG,MAAM;gCA3MxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDAgBkB,MAAM;;;;IAwO/D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;OAGG;iCAC0B;QAC3B,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,WAAW,EAAE,GAAG,CAAC;QACjB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,cAAc,EAAE,GAAG,CAAC;QACpB,wBAAwB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC;QAC1B,eAAe,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE;gBAAE,SAAS,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,CAAA;SAAE,CAAA;KACrF,GAAG,MAAM;2CA0D6B,MAAM,mBAAmB,MAAM;;;;;;;;;;;;;IAmCtE;;;;;;OAMG;yBAEwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAQA,OAAQ,KAAK,MAAM,MAAM,aAAa,CAAA;AAItC,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAoBrD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,eAAe;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,gCAAgC;IAC/C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CACxD;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAA
E,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACvD;;6CAwN4C,OAAO,KAAG,MAAM;gCA3MxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDAgBkB,MAAM;;;;IAwO/D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;OAGG;iCAC0B;QAC3B,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,WAAW,EAAE,GAAG,CAAC;QACjB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,cAAc,EAAE,GAAG,CAAC;QACpB,wBAAwB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC;QAC1B,eAAe,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE;gBAAE,SAAS,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,CAAA;SAAE,CAAA;KACrF,GAAG,MAAM;2CA0D6B,MAAM,mBAAmB,MAAM;;;;;;;;;;;;;IAmCtE;;;;;;OAMG;yBAEwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;6BA+VlE,MAAM,QAAQ,wBAAwB;IAkK/D;;;;;OAKG;0BACmB,MAAM,cAAc,MAAM,GAAG,MAAM,GAAG,YAAY
;IAsBxE;;;;;;;;OAQG;2CAGY,MAAM,OAChB,MAAM,eACE,MAAM,aACR,OAAO,qBACC,MAAM,GAC1B,MAAM,GAAG,MAAM;IAyBd;;;;;;;OAOG;qCAES,GAAG,eACF,MAAM,aACR,MAAM,GAAG,MAAM,oBACR,MAAM;IAmB1B;;;;SAIK;gCACyB,MAAM,oBAAmB,GAAG;;;;IAWxD;;;;;;OAMG;iEAEgD,MAAM;IA2DzD;;OAEG;IACH;;OAEG;+CACmC,MAAM,SAAS,wBAAwB;;;;;;IAiH7E;;;;;OAKG;+BAC8B,GAAG,aAAa,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IA8EnF;;OAEG;sBACqB,MAAM,SAAQ,OAAO;;AA8BjD,wBAAyB"}
|
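--- a/package/types/src/utility.d.ts
+++ b/package/types/src/utility.d.ts
@@ -122,6 +122,22 @@ export declare function validateRelayState(relayState: string): {
 valid: boolean;
 error?: string;
 };
+/**
+* @desc 验证并标准化证书数组,处理 null、undefined、空字符串、非数组等边界情况
+* @param {any} metadataCert - 证书输入,可能是 string、string[]、null、undefined 或其他类型
+* @returns {string[]} 标准化后的证书字符串数组(纯 Base64 格式,无 PEM 头尾和换行)
+* @throws {Error} 当证书格式无效时抛出错误
+*/
+export declare function normalizeCertificates(metadataCert: any): string[];
+/**
+* @desc 验证证书是否有效(可选,用于更严格的验证)
+* @param {string} certificateBase64 - Base64 编码的证书(不含 PEM 头尾)
+* @returns {{ isValid: boolean; error?: string }} 验证结果
+*/
+export declare function validateCertificate(certificateBase64: string): {
+isValid: boolean;
+error?: string;
+};
 /**
 * @desc 日志脱敏函数,过滤敏感信息
 * @param {any} data - 需要脱敏的数据
@@ -145,6 +161,8 @@ declare const utility: {
 isNonEmptyArray: typeof isNonEmptyArray;
 validateRelayState: typeof validateRelayState;
 sanitizeLog: typeof sanitizeLog;
+normalizeCertificates: typeof normalizeCertificates;
+validateCertificate: typeof validateCertificate;
 };
 export default utility;
 //# sourceMappingURL=utility.d.ts.map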
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utility.d.ts","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAOH;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,cAAc,UAAO,MAmB3E;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,OAIvC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAEhC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,YAGnC;AAED;;;;;;GAMG;AACH,wBAAgB,GAAG,CAAC,GAAG,KAAA,EAAE,IAAI,KAAA,EAAE,YAAY,KAAA,OAG1C;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,GAAG,mBAElC;AAED;;;;GAIG;AACH,iBAAS,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,UAE/C;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAGtF;AAED;;;;GAIG;AACH,iBAAS,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAKhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAc9D;AAYD;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,UAEtD;AAED;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,UAErD;AAED;;;;GAIG;AACH,iBAAS,UAAU,CAAC,GAAG,KAAA,UAEtB;AAED;;;;GAIG;AACH,iBAAS,WAAW,CAAC,GAAG,KAAA,EAAE,YAAY,SAAK,OAE1C;AAED;;;;;GAKG;AACH,iBAAS,YAAY,CAAC,IAAI,KAAA,EAAE,IAAI,KAAA,OAE/B;AAED;;;;GAIG;AACH,iBAAS,8BAA8B,CAAC,qBAAqB,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"utility.d.ts","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAOH;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,cAAc,UAAO,MAmB3E;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,OAIvC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAEhC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,YAGnC;AAED;;;;;;GAMG;AACH,wBAAgB,GAAG,CAAC,GAAG,KAAA,EAAE,IAAI,KAAA,EAAE,YAAY,KAAA,OAG1C;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,GAAG,mBAElC;AAED;;;;GAIG;AACH,iBAAS,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,UAE/C;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAGtF;AAED;;;;GAIG;AACH,iBAAS,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAKhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAc9D;AAYD;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,UAEtD;AAED;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,UAErD;AAED;;;;GAIG;AACH,iBAAS,UAAU,CAAC,GAAG,KAAA,UAEtB;AAED;;;;GAIG;AACH,iBAAS,WAAW,CAAC,GAAG,KAAA,EAAE,YAAY,SAAK,OAE1C;AAED;;;;;GAKG;AACH,iBAAS,YAAY,CAAC,IAAI,KAAA,EAAE,IAAI,KAAA,OAE/B;AAED;;;;GAIG;AACH,iBAAS,8BAA8B,CAAC,qBAAqB,EAAE,MAAM,UAsBpE;AAuED,wBAAgB,cAAc,CAC1B,SAAS,EAAE,MAAM,GAAG,MAAM,EAC1B,UAAU,CAAC,EAAE,MAAM,EACnB,cAAc,GAAE,OAAc,GAC/B,MAAM,GAAG,MAAM,CAyCjB;AACD;;GAEG;AACH,iBAAS,eAAe,CAAC,KAAK,KAAA,EAAE,cAAc,KAAA,OAE7C;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,GAAG,WAErC;AAED,wBAAgB,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAGhD;AAED,wBAAgB,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,KAAK,IAAI,MAAM,CAElF;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CA2BzF;AAgBD;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,YAAY,EAAE,GAAG,GAAG,MAAM,EAAE,CA4DjE;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,iBAAiB,EAAE,MAAM,GAAG;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAoDnG;AAED;;;;GAIG;AACH,wBA
AgB,WAAW,CAAC,IAAI,EAAE,GAAG,GAAG,GAAG,CAoB1C;AAED,QAAA,MAAM,OAAO;;;;;;;;;;;;;;;;;;;CAmBZ,CAAC;AAEF,eAAe,OAAO,CAAC"}
|