samlesa 3.5.0 → 4.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/index.js +2 -0
- package/build/src/binding-artifact.js +5 -0
- package/build/src/binding-post.js +5 -1
- package/build/src/binding-redirect.js +15 -0
- package/build/src/libsaml.js +6 -36
- package/build/src/saml2-enhancements-integration.js +146 -0
- package/build/src/saml2-enhancements.js +405 -0
- package/build/src/urn.js +4 -0
- package/build/src/utility.js +132 -3
- package/package.json +1 -1
- package/types/index.d.ts +1 -0
- package/types/index.d.ts.map +1 -1
- package/types/src/binding-artifact.d.ts.map +1 -1
- package/types/src/binding-post.d.ts +0 -1
- package/types/src/binding-post.d.ts.map +1 -1
- package/types/src/binding-redirect.d.ts.map +1 -1
- package/types/src/libsaml.d.ts.map +1 -1
- package/types/src/saml2-enhancements-integration.d.ts +24 -0
- package/types/src/saml2-enhancements-integration.d.ts.map +1 -0
- package/types/src/saml2-enhancements.d.ts +286 -0
- package/types/src/saml2-enhancements.d.ts.map +1 -0
- package/types/src/types.d.ts +105 -0
- package/types/src/types.d.ts.map +1 -1
- package/types/src/urn.d.ts +4 -0
- package/types/src/urn.d.ts.map +1 -1
- package/types/src/utility.d.ts +18 -0
- package/types/src/utility.d.ts.map +1 -1
|
@@ -0,0 +1,405 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @file saml2-enhancements.ts
|
|
3
|
+
* @desc SAML 2.0 增强功能实现 - 补充核心库中缺失的可选功能
|
|
4
|
+
*
|
|
5
|
+
* 根据 SAML 2.0 规范 (OASIS Standard, 2005-09) 实现以下功能:
|
|
6
|
+
* - Scoping 元素 (用于代理 SSO)
|
|
7
|
+
* - RequestedAuthnContext 完整支持
|
|
8
|
+
* - OneTimeUse 条件
|
|
9
|
+
* - ProxyRestriction 条件
|
|
10
|
+
* - SubjectConfirmation 的 Address/NotBefore 属性
|
|
11
|
+
* - Organization 和 ContactPerson 元数据
|
|
12
|
+
*/
|
|
13
|
+
import xml from 'xml';
|
|
14
|
+
// ============================================================================
|
|
15
|
+
// XML 构建函数
|
|
16
|
+
// ============================================================================
|
|
17
|
+
/**
|
|
18
|
+
* 构建 Scoping 元素
|
|
19
|
+
* @param config Scoping 配置
|
|
20
|
+
* @returns Scoping XML 元素
|
|
21
|
+
*/
|
|
22
|
+
export function buildScoping(config) {
|
|
23
|
+
const scoping = {
|
|
24
|
+
'samlp:Scoping': [{
|
|
25
|
+
_attr: {
|
|
26
|
+
'xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol'
|
|
27
|
+
}
|
|
28
|
+
}]
|
|
29
|
+
};
|
|
30
|
+
if (config.proxyCount !== undefined) {
|
|
31
|
+
scoping['samlp:Scoping'][0]._attr.ProxyCount = config.proxyCount.toString();
|
|
32
|
+
}
|
|
33
|
+
// 添加 RequesterID 元素
|
|
34
|
+
if (config.requesterID && config.requesterID.length > 0) {
|
|
35
|
+
config.requesterID.forEach(id => {
|
|
36
|
+
scoping['samlp:Scoping'].push({
|
|
37
|
+
'samlp:RequesterID': [{ _attr: { URI: id } }]
|
|
38
|
+
});
|
|
39
|
+
});
|
|
40
|
+
}
|
|
41
|
+
// 添加 IDPList 元素
|
|
42
|
+
if (config.idpList && config.idpList.length > 0) {
|
|
43
|
+
const idpList = { 'samlp:IDPList': [] };
|
|
44
|
+
config.idpList.forEach(entry => {
|
|
45
|
+
const idpEntry = { 'samlp:IDPEntry': [{}] };
|
|
46
|
+
const entryAttrs = { ProviderID: entry.providerID };
|
|
47
|
+
if (entry.name) {
|
|
48
|
+
entryAttrs.Name = entry.name;
|
|
49
|
+
}
|
|
50
|
+
if (entry.loc) {
|
|
51
|
+
entryAttrs.Loc = entry.loc;
|
|
52
|
+
}
|
|
53
|
+
idpEntry['samlp:IDPEntry'][0] = { _attr: entryAttrs };
|
|
54
|
+
idpList['samlp:IDPList'].push(idpEntry);
|
|
55
|
+
});
|
|
56
|
+
scoping['samlp:Scoping'].push(idpList);
|
|
57
|
+
}
|
|
58
|
+
return scoping;
|
|
59
|
+
}
|
|
60
|
+
/**
|
|
61
|
+
* 构建 RequestedAuthnContext 元素
|
|
62
|
+
* @param config RequestedAuthnContext 配置
|
|
63
|
+
* @returns RequestedAuthnContext XML 元素
|
|
64
|
+
*/
|
|
65
|
+
export function buildRequestedAuthnContext(config) {
|
|
66
|
+
const requestedAuthnContext = {
|
|
67
|
+
'samlp:RequestedAuthnContext': [{
|
|
68
|
+
_attr: {
|
|
69
|
+
'xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
|
|
70
|
+
'xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion'
|
|
71
|
+
}
|
|
72
|
+
}]
|
|
73
|
+
};
|
|
74
|
+
if (config.comparison) {
|
|
75
|
+
requestedAuthnContext['samlp:RequestedAuthnContext'][0]._attr.Comparison = config.comparison;
|
|
76
|
+
}
|
|
77
|
+
// 添加 AuthnContextClassRef 元素
|
|
78
|
+
if (config.classRefs && config.classRefs.length > 0) {
|
|
79
|
+
config.classRefs.forEach(ref => {
|
|
80
|
+
requestedAuthnContext['samlp:RequestedAuthnContext'].push({
|
|
81
|
+
'saml:AuthnContextClassRef': [ref]
|
|
82
|
+
});
|
|
83
|
+
});
|
|
84
|
+
}
|
|
85
|
+
// 添加 AuthnContextDeclRef 元素
|
|
86
|
+
if (config.declRefs && config.declRefs.length > 0) {
|
|
87
|
+
config.declRefs.forEach(ref => {
|
|
88
|
+
requestedAuthnContext['samlp:RequestedAuthnContext'].push({
|
|
89
|
+
'saml:AuthnContextDeclRef': [{ _attr: { URI: ref } }]
|
|
90
|
+
});
|
|
91
|
+
});
|
|
92
|
+
}
|
|
93
|
+
return requestedAuthnContext;
|
|
94
|
+
}
|
|
95
|
+
/**
|
|
96
|
+
* 构建 OneTimeUse 元素
|
|
97
|
+
* @returns OneTimeUse XML 元素
|
|
98
|
+
*/
|
|
99
|
+
export function buildOneTimeUse() {
|
|
100
|
+
return {
|
|
101
|
+
'saml:OneTimeUse': [{
|
|
102
|
+
_attr: {
|
|
103
|
+
'xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion'
|
|
104
|
+
}
|
|
105
|
+
}]
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
/**
|
|
109
|
+
* 构建 ProxyRestriction 元素
|
|
110
|
+
* @param config ProxyRestriction 配置
|
|
111
|
+
* @returns ProxyRestriction XML 元素
|
|
112
|
+
*/
|
|
113
|
+
export function buildProxyRestriction(config) {
|
|
114
|
+
const proxyRestriction = {
|
|
115
|
+
'saml:ProxyRestriction': [{
|
|
116
|
+
_attr: {
|
|
117
|
+
'xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion'
|
|
118
|
+
}
|
|
119
|
+
}]
|
|
120
|
+
};
|
|
121
|
+
if (config.count !== undefined) {
|
|
122
|
+
proxyRestriction['saml:ProxyRestriction'][0]._attr.Count = config.count.toString();
|
|
123
|
+
}
|
|
124
|
+
// 添加 Audience 元素
|
|
125
|
+
if (config.audience && config.audience.length > 0) {
|
|
126
|
+
config.audience.forEach(aud => {
|
|
127
|
+
proxyRestriction['saml:ProxyRestriction'].push({
|
|
128
|
+
'saml:Audience': [aud]
|
|
129
|
+
});
|
|
130
|
+
});
|
|
131
|
+
}
|
|
132
|
+
return proxyRestriction;
|
|
133
|
+
}
|
|
134
|
+
/**
|
|
135
|
+
* 构建增强的 SubjectConfirmationData
|
|
136
|
+
* @param config SubjectConfirmationData 配置
|
|
137
|
+
* @returns SubjectConfirmationData XML 元素
|
|
138
|
+
*/
|
|
139
|
+
export function buildSubjectConfirmationData(config) {
|
|
140
|
+
const attributes = {
|
|
141
|
+
NotOnOrAfter: config.notOnOrAfter
|
|
142
|
+
};
|
|
143
|
+
if (config.address) {
|
|
144
|
+
attributes.Address = config.address;
|
|
145
|
+
}
|
|
146
|
+
if (config.notBefore) {
|
|
147
|
+
attributes.NotBefore = config.notBefore;
|
|
148
|
+
}
|
|
149
|
+
if (config.recipient) {
|
|
150
|
+
attributes.Recipient = config.recipient;
|
|
151
|
+
}
|
|
152
|
+
if (config.inResponseTo) {
|
|
153
|
+
attributes.InResponseTo = config.inResponseTo;
|
|
154
|
+
}
|
|
155
|
+
return {
|
|
156
|
+
'saml:SubjectConfirmationData': [{ _attr: attributes }]
|
|
157
|
+
};
|
|
158
|
+
}
|
|
159
|
+
/**
|
|
160
|
+
* 构建 Organization 元素
|
|
161
|
+
* @param config Organization 配置
|
|
162
|
+
* @returns Organization XML 元素
|
|
163
|
+
*/
|
|
164
|
+
export function buildOrganization(config) {
|
|
165
|
+
const organization = {
|
|
166
|
+
'md:Organization': [{
|
|
167
|
+
_attr: {
|
|
168
|
+
'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata'
|
|
169
|
+
}
|
|
170
|
+
}]
|
|
171
|
+
};
|
|
172
|
+
// 组织名称
|
|
173
|
+
if (config.name) {
|
|
174
|
+
const nameAttrs = {};
|
|
175
|
+
if (config.name['xml:lang']) {
|
|
176
|
+
nameAttrs['xml:lang'] = config.name['xml:lang'];
|
|
177
|
+
}
|
|
178
|
+
organization['md:Organization'].push({
|
|
179
|
+
'md:OrganizationName': [
|
|
180
|
+
{ _attr: nameAttrs },
|
|
181
|
+
config.name.value
|
|
182
|
+
]
|
|
183
|
+
});
|
|
184
|
+
}
|
|
185
|
+
// 组织显示名称
|
|
186
|
+
if (config.displayName) {
|
|
187
|
+
const displayNameAttrs = {};
|
|
188
|
+
if (config.displayName['xml:lang']) {
|
|
189
|
+
displayNameAttrs['xml:lang'] = config.displayName['xml:lang'];
|
|
190
|
+
}
|
|
191
|
+
organization['md:Organization'].push({
|
|
192
|
+
'md:OrganizationDisplayName': [
|
|
193
|
+
{ _attr: displayNameAttrs },
|
|
194
|
+
config.displayName.value
|
|
195
|
+
]
|
|
196
|
+
});
|
|
197
|
+
}
|
|
198
|
+
// 组织 URL
|
|
199
|
+
if (config.url) {
|
|
200
|
+
const urlAttrs = {};
|
|
201
|
+
if (config.url['xml:lang']) {
|
|
202
|
+
urlAttrs['xml:lang'] = config.url['xml:lang'];
|
|
203
|
+
}
|
|
204
|
+
organization['md:Organization'].push({
|
|
205
|
+
'md:OrganizationURL': [
|
|
206
|
+
{ _attr: urlAttrs },
|
|
207
|
+
config.url.value
|
|
208
|
+
]
|
|
209
|
+
});
|
|
210
|
+
}
|
|
211
|
+
return organization;
|
|
212
|
+
}
|
|
213
|
+
/**
|
|
214
|
+
* 构建 ContactPerson 元素
|
|
215
|
+
* @param config ContactPerson 配置
|
|
216
|
+
* @returns ContactPerson XML 元素
|
|
217
|
+
*/
|
|
218
|
+
export function buildContactPerson(config) {
|
|
219
|
+
const contactPerson = {
|
|
220
|
+
'md:ContactPerson': [{
|
|
221
|
+
_attr: {
|
|
222
|
+
'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata',
|
|
223
|
+
contactType: config.contactType
|
|
224
|
+
}
|
|
225
|
+
}]
|
|
226
|
+
};
|
|
227
|
+
if (config.company) {
|
|
228
|
+
contactPerson['md:ContactPerson'].push({
|
|
229
|
+
'md:Company': [config.company]
|
|
230
|
+
});
|
|
231
|
+
}
|
|
232
|
+
if (config.givenName) {
|
|
233
|
+
contactPerson['md:ContactPerson'].push({
|
|
234
|
+
'md:GivenName': [config.givenName]
|
|
235
|
+
});
|
|
236
|
+
}
|
|
237
|
+
if (config.surName) {
|
|
238
|
+
contactPerson['md:ContactPerson'].push({
|
|
239
|
+
'md:SurName': [config.surName]
|
|
240
|
+
});
|
|
241
|
+
}
|
|
242
|
+
if (config.emailAddress) {
|
|
243
|
+
contactPerson['md:ContactPerson'].push({
|
|
244
|
+
'md:EmailAddress': [config.emailAddress]
|
|
245
|
+
});
|
|
246
|
+
}
|
|
247
|
+
if (config.telephoneNumber) {
|
|
248
|
+
contactPerson['md:ContactPerson'].push({
|
|
249
|
+
'md:TelephoneNumber': [config.telephoneNumber]
|
|
250
|
+
});
|
|
251
|
+
}
|
|
252
|
+
return contactPerson;
|
|
253
|
+
}
|
|
254
|
+
/**
|
|
255
|
+
* 构建增强的 AuthnRequest 内容
|
|
256
|
+
* @param baseAuthnRequest 基础 AuthnRequest XML 对象
|
|
257
|
+
* @param enhancedConfig 增强配置
|
|
258
|
+
* @returns 增强后的 AuthnRequest XML 对象
|
|
259
|
+
*/
|
|
260
|
+
export function enhanceAuthnRequest(baseAuthnRequest, enhancedConfig) {
|
|
261
|
+
const authnRequest = JSON.parse(JSON.stringify(baseAuthnRequest));
|
|
262
|
+
const authnRequestContent = authnRequest['samlp:AuthnRequest'];
|
|
263
|
+
// 添加可选属性
|
|
264
|
+
if (enhancedConfig.forceAuthn !== undefined) {
|
|
265
|
+
if (!authnRequestContent[0]._attr) {
|
|
266
|
+
authnRequestContent[0]._attr = {};
|
|
267
|
+
}
|
|
268
|
+
authnRequestContent[0]._attr.ForceAuthn = enhancedConfig.forceAuthn.toString();
|
|
269
|
+
}
|
|
270
|
+
if (enhancedConfig.isPassive !== undefined) {
|
|
271
|
+
if (!authnRequestContent[0]._attr) {
|
|
272
|
+
authnRequestContent[0]._attr = {};
|
|
273
|
+
}
|
|
274
|
+
authnRequestContent[0]._attr.IsPassive = enhancedConfig.isPassive.toString();
|
|
275
|
+
}
|
|
276
|
+
if (enhancedConfig.consent) {
|
|
277
|
+
if (!authnRequestContent[0]._attr) {
|
|
278
|
+
authnRequestContent[0]._attr = {};
|
|
279
|
+
}
|
|
280
|
+
authnRequestContent[0]._attr.Consent = enhancedConfig.consent;
|
|
281
|
+
}
|
|
282
|
+
if (enhancedConfig.attributeConsumingServiceIndex !== undefined) {
|
|
283
|
+
if (!authnRequestContent[0]._attr) {
|
|
284
|
+
authnRequestContent[0]._attr = {};
|
|
285
|
+
}
|
|
286
|
+
authnRequestContent[0]._attr.AttributeConsumingServiceIndex =
|
|
287
|
+
enhancedConfig.attributeConsumingServiceIndex.toString();
|
|
288
|
+
}
|
|
289
|
+
if (enhancedConfig.providerName) {
|
|
290
|
+
if (!authnRequestContent[0]._attr) {
|
|
291
|
+
authnRequestContent[0]._attr = {};
|
|
292
|
+
}
|
|
293
|
+
authnRequestContent[0]._attr.ProviderName = enhancedConfig.providerName;
|
|
294
|
+
}
|
|
295
|
+
// 添加 Scoping 元素
|
|
296
|
+
if (enhancedConfig.scoping) {
|
|
297
|
+
authnRequestContent.push(buildScoping(enhancedConfig.scoping));
|
|
298
|
+
}
|
|
299
|
+
// 添加 RequestedAuthnContext 元素
|
|
300
|
+
if (enhancedConfig.requestedAuthnContext) {
|
|
301
|
+
authnRequestContent.push(buildRequestedAuthnContext(enhancedConfig.requestedAuthnContext));
|
|
302
|
+
}
|
|
303
|
+
return authnRequest;
|
|
304
|
+
}
|
|
305
|
+
/**
|
|
306
|
+
* 构建增强的 Conditions 内容
|
|
307
|
+
* @param baseConditions 基础 Conditions XML 对象
|
|
308
|
+
* @param enhancedConfig 增强配置
|
|
309
|
+
* @returns 增强后的 Conditions XML 对象
|
|
310
|
+
*/
|
|
311
|
+
export function enhanceConditions(baseConditions, enhancedConfig) {
|
|
312
|
+
const conditions = JSON.parse(JSON.stringify(baseConditions));
|
|
313
|
+
const conditionsContent = conditions['saml:Conditions'];
|
|
314
|
+
// 添加 OneTimeUse 元素
|
|
315
|
+
if (enhancedConfig.oneTimeUse?.enabled) {
|
|
316
|
+
conditionsContent.push(buildOneTimeUse());
|
|
317
|
+
}
|
|
318
|
+
// 添加 ProxyRestriction 元素
|
|
319
|
+
if (enhancedConfig.proxyRestriction) {
|
|
320
|
+
conditionsContent.push(buildProxyRestriction(enhancedConfig.proxyRestriction));
|
|
321
|
+
}
|
|
322
|
+
return conditions;
|
|
323
|
+
}
|
|
324
|
+
/**
|
|
325
|
+
* 构建增强的 SubjectConfirmation
|
|
326
|
+
* @param baseSubjectConfirmation 基础 SubjectConfirmation XML 对象
|
|
327
|
+
* @param enhancedConfig 增强配置
|
|
328
|
+
* @returns 增强后的 SubjectConfirmation XML 对象
|
|
329
|
+
*/
|
|
330
|
+
export function enhanceSubjectConfirmation(baseSubjectConfirmation, enhancedConfig) {
|
|
331
|
+
const subjectConfirmation = JSON.parse(JSON.stringify(baseSubjectConfirmation));
|
|
332
|
+
// 替换 SubjectConfirmationData 为增强版本
|
|
333
|
+
const subjectConfirmationDataIndex = subjectConfirmation['saml:SubjectConfirmation']
|
|
334
|
+
.findIndex((item) => item['saml:SubjectConfirmationData']);
|
|
335
|
+
if (subjectConfirmationDataIndex !== -1) {
|
|
336
|
+
subjectConfirmation['saml:SubjectConfirmation'][subjectConfirmationDataIndex] =
|
|
337
|
+
buildSubjectConfirmationData(enhancedConfig);
|
|
338
|
+
}
|
|
339
|
+
return subjectConfirmation;
|
|
340
|
+
}
|
|
341
|
+
// ============================================================================
|
|
342
|
+
// 工具函数
|
|
343
|
+
// ============================================================================
|
|
344
|
+
/**
|
|
345
|
+
* 将 XML 对象转换为字符串
|
|
346
|
+
* @param xmlObject XML 对象
|
|
347
|
+
* @returns XML 字符串
|
|
348
|
+
*/
|
|
349
|
+
export function xmlToString(xmlObject) {
|
|
350
|
+
return xml(xmlObject, { declaration: false });
|
|
351
|
+
}
|
|
352
|
+
/**
|
|
353
|
+
* 生成标准的 AuthnContextClassRef URI
|
|
354
|
+
*/
|
|
355
|
+
export const AuthnContextClassRef = {
|
|
356
|
+
/** 未指定认证 */
|
|
357
|
+
UNSPECIFIED: 'urn:oasis:names:tc:SAML:2.0:ac:classes:Unspecified',
|
|
358
|
+
/** 用户名/密码 */
|
|
359
|
+
PASSWORD: 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password',
|
|
360
|
+
/** 密码保护传输 */
|
|
361
|
+
PASSWORD_PROTECTED_TRANSPORT: 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
|
|
362
|
+
/** X.509 证书 */
|
|
363
|
+
X509: 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509',
|
|
364
|
+
/** PGP */
|
|
365
|
+
PGP: 'urn:oasis:names:tc:SAML:2.0:ac:classes:PGP',
|
|
366
|
+
/** SPKI */
|
|
367
|
+
SPKI: 'urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI',
|
|
368
|
+
/** XML 数字签名 */
|
|
369
|
+
XMLDSIG: 'urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig',
|
|
370
|
+
/** 智能卡 */
|
|
371
|
+
SMARTCARD: 'urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard',
|
|
372
|
+
/** Kerberos */
|
|
373
|
+
KERBEROS: 'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos',
|
|
374
|
+
/** 生物识别 */
|
|
375
|
+
BIOMETRIC: 'urn:oasis:names:tc:SAML:2.0:ac:classes:Biometric',
|
|
376
|
+
/** 远程认证拨号用户服务 */
|
|
377
|
+
RADIUS: 'urn:oasis:names:tc:SAML:2.0:ac:classes:Radius',
|
|
378
|
+
/** 硬件令牌 */
|
|
379
|
+
HARDWARE_TOKEN: 'urn:oasis:names:tc:SAML:2.0:ac:classes:HardwareToken',
|
|
380
|
+
/** 时间同步令牌 */
|
|
381
|
+
TIME_SYNC_TOKEN: 'urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken',
|
|
382
|
+
/** 互联网协议 */
|
|
383
|
+
IP: 'urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol',
|
|
384
|
+
/** 先前会话 */
|
|
385
|
+
PREVIOUS_SESSION: 'urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession',
|
|
386
|
+
/** 共享秘密 */
|
|
387
|
+
SHARED_SECRET: 'urn:oasis:names:tc:SAML:2.0:ac:classes:SharedSecret',
|
|
388
|
+
};
|
|
389
|
+
/**
|
|
390
|
+
* 生成标准的 Consent URI
|
|
391
|
+
*/
|
|
392
|
+
export const Consent = {
|
|
393
|
+
/** 未指定 */
|
|
394
|
+
UNSPECIFIED: 'urn:oasis:names:tc:SAML:2.0:consent:unspecified',
|
|
395
|
+
/** 获得同意 */
|
|
396
|
+
OBTAINED: 'urn:oasis:names:tc:SAML:2.0:consent:obtained',
|
|
397
|
+
/** 先前的同意 */
|
|
398
|
+
PRIOR: 'urn:oasis:names:tc:SAML:2.0:consent:prior',
|
|
399
|
+
/** 隐式同意 */
|
|
400
|
+
IMPLICIT: 'urn:oasis:names:tc:SAML:2.0:consent:implicit',
|
|
401
|
+
/** 显式同意 */
|
|
402
|
+
EXPLICIT: 'urn:oasis:names:tc:SAML:2.0:consent:explicit',
|
|
403
|
+
/** 当前同意 */
|
|
404
|
+
CURRENT: 'urn:oasis:names:tc:SAML:2.0:consent:current',
|
|
405
|
+
};
|
package/build/src/urn.js
CHANGED
|
@@ -159,15 +159,19 @@ const tags = {
|
|
|
159
159
|
AttributeStatement: '{AttributeStatement}',
|
|
160
160
|
ConditionsNotBefore: '{ConditionsNotBefore}',
|
|
161
161
|
ConditionsNotOnOrAfter: '{ConditionsNotOnOrAfter}',
|
|
162
|
+
Consent: '{Consent}',
|
|
162
163
|
Destination: '{Destination}',
|
|
163
164
|
EntityID: '{EntityID}',
|
|
165
|
+
ForceAuthn: '{ForceAuthn}',
|
|
164
166
|
ID: '{ID}',
|
|
167
|
+
IsPassive: '{IsPassive}',
|
|
165
168
|
Issuer: '{Issuer}',
|
|
166
169
|
IssueInstant: '{IssueInstant}',
|
|
167
170
|
InResponseTo: '{InResponseTo}',
|
|
168
171
|
NameID: '{NameID}',
|
|
169
172
|
NameIDFormat: '{NameIDFormat}',
|
|
170
173
|
ProtocolBinding: '{ProtocolBinding}',
|
|
174
|
+
ProviderName: '{ProviderName}',
|
|
171
175
|
SessionIndex: '{SessionIndex}',
|
|
172
176
|
SubjectRecipient: '{SubjectRecipient}',
|
|
173
177
|
SubjectConfirmationDataNotOnOrAfter: '{SubjectConfirmationDataNotOnOrAfter}',
|
package/build/src/utility.js
CHANGED
|
@@ -178,11 +178,21 @@ function applyDefault(obj1, obj2) {
|
|
|
178
178
|
* @return {string} public key fetched from the certificate
|
|
179
179
|
*/
|
|
180
180
|
function getPublicKeyPemFromCertificate(x509CertificateString) {
|
|
181
|
-
|
|
181
|
+
// 清理证书字符串:移除 PEM 头尾、换行符、空格等
|
|
182
|
+
const cleanCert = x509CertificateString
|
|
183
|
+
.replace(/-----BEGIN CERTIFICATE-----/g, '')
|
|
184
|
+
.replace(/-----END CERTIFICATE-----/g, '')
|
|
185
|
+
.replace(/\r\n/g, '')
|
|
186
|
+
.replace(/\n/g, '')
|
|
187
|
+
.replace(/\r/g, '')
|
|
188
|
+
.replace(/ /g, '')
|
|
189
|
+
.trim();
|
|
190
|
+
// 将 Base64 字符串转换为 PEM 格式(添加头尾标记)
|
|
191
|
+
const pemCert = `-----BEGIN CERTIFICATE-----\n${cleanCert}\n-----END CERTIFICATE-----`;
|
|
182
192
|
// 解析 X.509 证书
|
|
183
|
-
const cert2 = new X509Certificate(
|
|
193
|
+
const cert2 = new X509Certificate(pemCert);
|
|
184
194
|
const publicKeyObject = cert2.publicKey;
|
|
185
|
-
//
|
|
195
|
+
// 导出为 PEM 格式
|
|
186
196
|
return publicKeyObject.export({
|
|
187
197
|
type: 'spki', // 使用 Subject Public Key Info 结构
|
|
188
198
|
format: 'pem' // 输出 PEM 格式
|
|
@@ -356,6 +366,123 @@ const sensitiveKeys = [
|
|
|
356
366
|
'signingCert',
|
|
357
367
|
'encryptCert'
|
|
358
368
|
];
|
|
369
|
+
/**
|
|
370
|
+
* @desc 验证并标准化证书数组,处理 null、undefined、空字符串、非数组等边界情况
|
|
371
|
+
* @param {any} metadataCert - 证书输入,可能是 string、string[]、null、undefined 或其他类型
|
|
372
|
+
* @returns {string[]} 标准化后的证书字符串数组(纯 Base64 格式,无 PEM 头尾和换行)
|
|
373
|
+
* @throws {Error} 当证书格式无效时抛出错误
|
|
374
|
+
*/
|
|
375
|
+
export function normalizeCertificates(metadataCert) {
|
|
376
|
+
// 处理 null 或 undefined
|
|
377
|
+
if (metadataCert === null || metadataCert === undefined) {
|
|
378
|
+
return [];
|
|
379
|
+
}
|
|
380
|
+
let certArray;
|
|
381
|
+
// 转换为数组
|
|
382
|
+
if (Array.isArray(metadataCert)) {
|
|
383
|
+
// 扁平化嵌套数组
|
|
384
|
+
certArray = flattenDeep(metadataCert);
|
|
385
|
+
}
|
|
386
|
+
else if (typeof metadataCert === 'string') {
|
|
387
|
+
// 单个字符串转为数组
|
|
388
|
+
certArray = [metadataCert];
|
|
389
|
+
}
|
|
390
|
+
else {
|
|
391
|
+
// 不支持的类型
|
|
392
|
+
console.warn(`normalizeCertificates: 不支持的证书类型 ${typeof metadataCert},返回空数组`);
|
|
393
|
+
return [];
|
|
394
|
+
}
|
|
395
|
+
// 过滤和清理证书
|
|
396
|
+
const cleanedCerts = certArray
|
|
397
|
+
.filter((cert) => {
|
|
398
|
+
// 过滤 null、undefined、空字符串
|
|
399
|
+
if (cert === null || cert === undefined) {
|
|
400
|
+
return false;
|
|
401
|
+
}
|
|
402
|
+
if (typeof cert !== 'string') {
|
|
403
|
+
console.warn(`normalizeCertificates: 跳过非字符串证书类型 ${typeof cert}`);
|
|
404
|
+
return false;
|
|
405
|
+
}
|
|
406
|
+
const trimmed = cert.trim();
|
|
407
|
+
if (trimmed.length === 0) {
|
|
408
|
+
return false;
|
|
409
|
+
}
|
|
410
|
+
return true;
|
|
411
|
+
})
|
|
412
|
+
.map((cert) => {
|
|
413
|
+
// 清理证书字符串:移除 PEM 头尾、换行符、空格等
|
|
414
|
+
return cert
|
|
415
|
+
.replace(/-----BEGIN CERTIFICATE-----/g, '')
|
|
416
|
+
.replace(/-----END CERTIFICATE-----/g, '')
|
|
417
|
+
.replace(/\r\n/g, '')
|
|
418
|
+
.replace(/\n/g, '')
|
|
419
|
+
.replace(/\r/g, '')
|
|
420
|
+
.replace(/ /g, '')
|
|
421
|
+
.trim();
|
|
422
|
+
})
|
|
423
|
+
.filter((cert) => cert.length > 0); // 再次过滤空字符串
|
|
424
|
+
// 验证证书格式(可选,仅验证 Base64 格式)
|
|
425
|
+
const base64Regex = /^[A-Za-z0-9+/]+=*$/;
|
|
426
|
+
for (const cert of cleanedCerts) {
|
|
427
|
+
if (!base64Regex.test(cert)) {
|
|
428
|
+
throw new Error(`无效的证书格式:证书必须是有效的 Base64 编码,当前值:${cert.substring(0, 50)}...`);
|
|
429
|
+
}
|
|
430
|
+
}
|
|
431
|
+
return cleanedCerts;
|
|
432
|
+
}
|
|
433
|
+
/**
|
|
434
|
+
* @desc 验证证书是否有效(可选,用于更严格的验证)
|
|
435
|
+
* @param {string} certificateBase64 - Base64 编码的证书(不含 PEM 头尾)
|
|
436
|
+
* @returns {{ isValid: boolean; error?: string }} 验证结果
|
|
437
|
+
*/
|
|
438
|
+
export function validateCertificate(certificateBase64) {
|
|
439
|
+
try {
|
|
440
|
+
// 清理证书
|
|
441
|
+
const cleanCert = certificateBase64
|
|
442
|
+
.replace(/-----BEGIN CERTIFICATE-----/g, '')
|
|
443
|
+
.replace(/-----END CERTIFICATE-----/g, '')
|
|
444
|
+
.replace(/\r\n/g, '')
|
|
445
|
+
.replace(/\n/g, '')
|
|
446
|
+
.replace(/\r/g, '')
|
|
447
|
+
.replace(/ /g, '')
|
|
448
|
+
.trim();
|
|
449
|
+
// 验证 Base64 格式
|
|
450
|
+
const base64Regex = /^[A-Za-z0-9+/]+=*$/;
|
|
451
|
+
if (!base64Regex.test(cleanCert)) {
|
|
452
|
+
return {
|
|
453
|
+
isValid: false,
|
|
454
|
+
error: '无效的 Base64 编码'
|
|
455
|
+
};
|
|
456
|
+
}
|
|
457
|
+
// 转换为 PEM 格式
|
|
458
|
+
const pemCert = `-----BEGIN CERTIFICATE-----\n${cleanCert}\n-----END CERTIFICATE-----`;
|
|
459
|
+
// 尝试解析证书
|
|
460
|
+
const cert = new X509Certificate(pemCert);
|
|
461
|
+
// 检查有效期
|
|
462
|
+
const now = new Date();
|
|
463
|
+
if (new Date(cert.validFrom) > now || new Date(cert.validTo) < now) {
|
|
464
|
+
return {
|
|
465
|
+
isValid: false,
|
|
466
|
+
error: '证书已过期或尚未生效'
|
|
467
|
+
};
|
|
468
|
+
}
|
|
469
|
+
// 检查公钥类型
|
|
470
|
+
const keyType = cert.publicKey.asymmetricKeyType;
|
|
471
|
+
if (keyType && !['rsa', 'ec'].includes(keyType)) {
|
|
472
|
+
return {
|
|
473
|
+
isValid: false,
|
|
474
|
+
error: '证书使用不支持的公钥类型'
|
|
475
|
+
};
|
|
476
|
+
}
|
|
477
|
+
return { isValid: true };
|
|
478
|
+
}
|
|
479
|
+
catch (error) {
|
|
480
|
+
return {
|
|
481
|
+
isValid: false,
|
|
482
|
+
error: error instanceof Error ? error.message : '未知错误'
|
|
483
|
+
};
|
|
484
|
+
}
|
|
485
|
+
}
|
|
359
486
|
/**
|
|
360
487
|
* @desc 日志脱敏函数,过滤敏感信息
|
|
361
488
|
* @param {any} data - 需要脱敏的数据
|
|
@@ -398,5 +525,7 @@ const utility = {
|
|
|
398
525
|
isNonEmptyArray,
|
|
399
526
|
validateRelayState,
|
|
400
527
|
sanitizeLog,
|
|
528
|
+
normalizeCertificates,
|
|
529
|
+
validateCertificate,
|
|
401
530
|
};
|
|
402
531
|
export default utility;
|
package/package.json
CHANGED
package/types/index.d.ts
CHANGED
|
@@ -9,5 +9,6 @@ import * as Extractor from './src/extractor.js';
|
|
|
9
9
|
import * as Soap from './src/soap.js';
|
|
10
10
|
import { validate, validateMetadata } from './src/schemaValidator.js';
|
|
11
11
|
import { setSchemaValidator, setDOMParserOptions } from './src/api.js';
|
|
12
|
+
export * from './src/saml2-enhancements.js';
|
|
12
13
|
export { Constants, Extractor, IdentityProvider, IdentityProviderInstance, ServiceProvider, ServiceProviderInstance, setSchemaValidator, setDOMParserOptions, validate, validateMetadata, Soap };
|
|
13
14
|
//# sourceMappingURL=index.d.ts.map
|
package/types/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AACA,OAAO,gBAAgB,EAAE,EAAE,gBAAgB,IAAI,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AACrG,OAAO,eAAe,EAAE,EAAE,eAAe,IAAI,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAEjG,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAC/D,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAGtD,OAAO,KAAK,SAAS,MAAM,cAAc,CAAC;AAC1C,OAAO,KAAK,SAAS,MAAM,oBAAoB,CAAC;AAChD,OAAO,KAAK,IAAI,MAAM,eAAe,CAAC;AACtC,OAAO,EAAC,QAAQ,EAAC,gBAAgB,EAAC,MAAM,0BAA0B,CAAA;AAElE,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAEvE,OAAO,EACL,SAAS,EACT,SAAS,EAET,gBAAgB,EAChB,wBAAwB,EACxB,eAAe,EACf,uBAAuB,EAEvB,kBAAkB,EAClB,mBAAmB,EACnB,QAAQ,EACR,gBAAgB,EAChB,IAAI,EAEL,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AACA,OAAO,gBAAgB,EAAE,EAAE,gBAAgB,IAAI,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AACrG,OAAO,eAAe,EAAE,EAAE,eAAe,IAAI,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAEjG,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAC/D,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAGtD,OAAO,KAAK,SAAS,MAAM,cAAc,CAAC;AAC1C,OAAO,KAAK,SAAS,MAAM,oBAAoB,CAAC;AAChD,OAAO,KAAK,IAAI,MAAM,eAAe,CAAC;AACtC,OAAO,EAAC,QAAQ,EAAC,gBAAgB,EAAC,MAAM,0BAA0B,CAAA;AAElE,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAEvE,cAAc,6BAA6B,CAAC;AAE5C,OAAO,EACL,SAAS,EACT,SAAS,EAET,gBAAgB,EAChB,wBAAwB,EACxB,eAAe,EACf,uBAAuB,EAEvB,kBAAkB,EAClB,mBAAmB,EACnB,QAAQ,EACR,gBAAgB,EAChB,IAAI,EAEL,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"binding-artifact.d.ts","sourceRoot":"","sources":["../../src/binding-artifact.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAOlD,OAAO,EACH,2BAA2B,IAAI,gBAAgB,EAC/C,0BAA0B,IAAI,eAAe,EAChD,MAAM,YAAY,CAAC;AAYpB,OAAO,EAAE,yBAAyB,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"binding-artifact.d.ts","sourceRoot":"","sources":["../../src/binding-artifact.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAOlD,OAAO,EACH,2BAA2B,IAAI,gBAAgB,EAC/C,0BAA0B,IAAI,eAAe,EAChD,MAAM,YAAY,CAAC;AAYpB,OAAO,EAAE,yBAAyB,EAAE,MAAM,YAAY,CAAC;AA2BvD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,aAAa,GAAE,MAAU,GAAG,MAAM,CAoBtF;AAED;;;;;;GAMG;AACH,iBAAS,gBAAgB,CACrB,iBAAiB,EAAE,MAAM,EACzB,MAAM,EAAE;IACJ,GAAG,EAAE,gBAAgB,CAAC;IACtB,EAAE,EAAE,eAAe,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,EACD,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAC5D,cAAc,CA2GhB;AAED;;;;GAIG;AACH,iBAAe,iBAAiB,CAAC,MAAM,EAAE,yBAAyB,GAAG,OAAO,CAAC,cAAc,CAAC,CAuE3F;AAED;;;;;;;GAOG;AACH,iBAAe,wBAAwB,CAAC,MAAM,EAAE;IAC5C,GAAG,EAAE,gBAAgB,CAAC;IACtB,EAAE,EAAE,eAAe,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,GAAG,CAAC,CA6Cf;AAED;;;;;;;GAOG;AACH,iBAAe,yBAAyB,CAAC,MAAM,EAAE;IAC7C,GAAG,EAAE,gBAAgB,CAAC;IACtB,EAAE,EAAE,eAAe,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,GAAG,CAAC,CAyJf;AAED,QAAA,MAAM,eAAe;;;;;;CAMpB,CAAC;AAEF,eAAe,eAAe,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"binding-post.d.ts","sourceRoot":"","sources":["../../src/binding-post.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"binding-post.d.ts","sourceRoot":"","sources":["../../src/binding-post.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAQhD,OAAO,EAAC,yBAAyB,EAAC,MAAM,YAAY,CAAC;AAMrD;;;;;GAKG;AACH,iBAAS,kBAAkB,CAAC,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAsE/I;AAGD;;;;;;;;;GASG;AACH,iBAAe,mBAAmB,CAAC,EAAC,WAAgB,EAAE,MAAM,EAAE,IAAS,EAAE,oBAAoB,EAAE,eAAuB,EAAE,kBAAuB,EAAE,OAAO,EAAC,EAAE,yBAAyB,GAAG,OAAO,CAAC,cAAc,CAAC,CAuJ7M;AAED;;;;;;;GAOG;AACH,iBAAS,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,EAAE,MAAM,EAAE,MAAM,KAAA,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CA2D1K;AAED;;;;;;GAMG;AACH,iBAAS,oBAAoB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CA6DvI;AAED,QAAA,MAAM,WAAW;;;;;CAKhB,CAAC;AAEF,eAAe,WAAW,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"binding-redirect.d.ts","sourceRoot":"","sources":["../../src/binding-redirect.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAChD,OAAO,EAAC,gBAAgB,IAAI,GAAG,EAAC,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAC,eAAe,IAAI,EAAE,EAAC,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"binding-redirect.d.ts","sourceRoot":"","sources":["../../src/binding-redirect.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,aAAa,CAAC;AAChD,OAAO,EAAC,gBAAgB,IAAI,GAAG,EAAC,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAC,eAAe,IAAI,EAAE,EAAC,MAAM,gBAAgB,CAAC;AAQrD,MAAM,WAAW,mBAAmB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,GAAG,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB;AAiED;;;;;GAKG;AAEH,iBAAS,uBAAuB,CAAC,MAAM,EAAE;IACrC,GAAG,EAAE,GAAG,CAAC;IACT,EAAE,EAAE,EAAE,CAAC;IACP,IAAI,CAAC,EAAE,OAAO,CAAA;CACjB,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,GAAG,CAgDnE;AACD;;;;;GAKG;AAEH,iBAAS,0BAA0B,CAAC,MAAM,EAAE;IACxC,GAAG,EAAE,GAAG,CAAC;IACT,EAAE,EAAE,EAAE,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAC9B,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,GAAG,CAqGnE;AAID;;;;;;;;GAQG;AACH,iBAAS,wBAAwB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAE,kBAAkB,UAAK,GAAG,cAAc,CAmG1M;AAED;;;;;;GAMG;AACH,iBAAS,wBAAwB,CAAC,IAAI,KAAA,EAAE,MAAM,KAAA,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAwC9J;AAED;;;;;GAKG;AACF,iBAAS,yBAAyB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAyCnK;AAED,QAAA,MAAM,eAAe;;;;;;CAMpB,CAAC;AAEF,eAAe,eAAe,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAQA,OAAQ,KAAK,MAAM,MAAM,aAAa,CAAA;AAItC,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAoBrD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,eAAe;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,gCAAgC;IAC/C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CACxD;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACvD;;6CAwN4C,OAAO,KAAG,MAAM;gCA3MxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDAgBkB,MAAM;;;;IAwO/D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;OAGG;iCAC0B;QAC3B,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,WAAW,EAAE,GAAG,CAAC;QACjB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,cAAc,EAAE,GAAG,CAAC;QACpB,wBAAwB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC;QAC1B,eAAe,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE;gBAAE,SAAS,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,CAAA;SAAE,CAAA;KACrF,GAAG,MAAM;2CA0D6B,MAAM,mBAAmB,MAAM;;;;;;;;;;;;;IAmCtE;;;;;;OAMG;yBAEwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAQA,OAAQ,KAAK,MAAM,MAAM,aAAa,CAAA;AAItC,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAoBrD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,eAAe;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,gCAAgC;IAC/C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CACxD;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACvD;;6CAwN4C,OAAO,KAAG,MAAM;gCA3MxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDAgBkB,MAAM;;;;IAwO/D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;OAGG;iCAC0B;QAC3B,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,WAAW,EAAE,GAAG,CAAC;QACjB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,cAAc,EAAE,GAAG,CAAC;QACpB,wBAAwB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC;QAC1B,eAAe,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE;gBAAE,SAAS,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,CAAA;SAAE,CAAA;KACrF,GAAG,MAAM;2CA0D6B,MAAM,mBAAmB,MAAM;;;;;;;;;;;;;IAmCtE;;;;;;OAMG;yBAEwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;6BA2VlE,MAAM,QAAQ,wBAAwB;IAkK/D;;;;;OAKG;0BACmB,MAAM,cAAc,MAAM,GAAG,MAAM,GAAG,YAAY;IAsBxE;;;;;;;;OAQG;2CAGY,MAAM,OAChB,MAAM,eACE,MAAM,aACR,OAAO,qBACC,MAAM,GAC1B,MAAM,GAAG,MAAM;IAyBd;;;;;;;OAOG;qCAES,GAAG,eACF,MAAM,aACR,MAAM,GAAG,MAAM,oBACR,MAAM;IAmB1B;;;;SAIK;gCACyB,MAAM,oBAAmB,GAAG;;;;IAWxD;;;;;;OAMG;iEAEgD,MAAM;IA2DzD;;OAEG;IACH;;OAEG;+CACmC,MAAM,SAAS,wBAAwB;;;;;;IAiH7E;;;;;OAKG;+BAC8B,GAAG,aAAa,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IA8EnF;;OAEG;sBACqB,MAAM,SAAQ,OAAO;;AA8BjD,wBAAyB"}
|