samlesa 5.0.0 → 5.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/src/api.js +6 -3
- package/build/src/extractor.js +15 -10
- package/build/src/libsaml.js +21 -5
- package/build/src/libsamlSoap.js +9 -2
- package/build/src/metadata-idp.js +0 -6
- package/build/src/metadata-sp.js +5 -9
- package/build/src/saml2-enhancements-integration.js +7 -6
- package/build/src/schema/saml-schema-protocol-2.0.xsd +4 -4
- package/build/src/schemaValidator.js +84 -9
- package/build/src/validator.js +1 -2
- package/build/src/xmlParser.js +18 -0
- package/package.json +1 -1
- package/types/src/api.d.ts +3 -2
- package/types/src/api.d.ts.map +1 -1
- package/types/src/extractor.d.ts.map +1 -1
- package/types/src/libsaml.d.ts.map +1 -1
- package/types/src/libsamlSoap.d.ts.map +1 -1
- package/types/src/metadata-idp.d.ts.map +1 -1
- package/types/src/metadata-sp.d.ts.map +1 -1
- package/types/src/saml2-enhancements-integration.d.ts.map +1 -1
- package/types/src/schemaValidator.d.ts.map +1 -1
- package/types/src/validator.d.ts.map +1 -1
- package/types/src/xmlParser.d.ts +5 -0
- package/types/src/xmlParser.d.ts.map +1 -0
package/build/src/api.js
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
|
-
import { DOMParser as dom } from '@xmldom/xmldom';
|
|
2
1
|
import { validate as defaultValidator } from "./schemaValidator.js";
|
|
2
|
+
import { createSilentDomParser, normalizeDomParserOptions } from './xmlParser.js';
|
|
3
|
+
const defaultDomParserOptions = normalizeDomParserOptions();
|
|
3
4
|
const context = {
|
|
4
5
|
validate: defaultValidator,
|
|
5
|
-
|
|
6
|
+
domParserOptions: defaultDomParserOptions,
|
|
7
|
+
dom: createSilentDomParser(defaultDomParserOptions)
|
|
6
8
|
};
|
|
7
9
|
export function getContext() {
|
|
8
10
|
return context;
|
|
@@ -15,5 +17,6 @@ export function setSchemaValidator(params) {
|
|
|
15
17
|
context.validate = params.validate;
|
|
16
18
|
}
|
|
17
19
|
export function setDOMParserOptions(options = {}) {
|
|
18
|
-
context.
|
|
20
|
+
context.domParserOptions = normalizeDomParserOptions(options);
|
|
21
|
+
context.dom = createSilentDomParser(context.domParserOptions);
|
|
19
22
|
}
|
package/build/src/extractor.js
CHANGED
|
@@ -700,7 +700,13 @@ export const spMetadataFields = [
|
|
|
700
700
|
];
|
|
701
701
|
export function extract(context, fields) {
|
|
702
702
|
const { dom } = getContext();
|
|
703
|
-
|
|
703
|
+
let rootDoc;
|
|
704
|
+
try {
|
|
705
|
+
rootDoc = dom.parseFromString(context, 'application/xml');
|
|
706
|
+
}
|
|
707
|
+
catch {
|
|
708
|
+
return {};
|
|
709
|
+
}
|
|
704
710
|
return fields.reduce((result, field) => {
|
|
705
711
|
const key = field.key;
|
|
706
712
|
// 安全解构,防止 undefined
|
|
@@ -713,7 +719,12 @@ export function extract(context, fields) {
|
|
|
713
719
|
const listMode = field.listMode;
|
|
714
720
|
let targetDoc = rootDoc;
|
|
715
721
|
if (shortcut) {
|
|
716
|
-
|
|
722
|
+
try {
|
|
723
|
+
targetDoc = dom.parseFromString(shortcut, 'application/xml');
|
|
724
|
+
}
|
|
725
|
+
catch {
|
|
726
|
+
targetDoc = rootDoc;
|
|
727
|
+
}
|
|
717
728
|
}
|
|
718
729
|
// ==========================================================================
|
|
719
730
|
// 【核心修复】特殊处理:证书和 KeyName 提取 (Hardcoded logic)
|
|
@@ -1259,12 +1270,7 @@ export function extractSpToll(context, fields) {
|
|
|
1259
1270
|
try {
|
|
1260
1271
|
rootDoc = dom.parseFromString(context, 'application/xml');
|
|
1261
1272
|
}
|
|
1262
|
-
catch
|
|
1263
|
-
console.error('Failed to parse XML context:', e);
|
|
1264
|
-
return {};
|
|
1265
|
-
}
|
|
1266
|
-
if (rootDoc.getElementsByTagName('parsererror').length > 0) {
|
|
1267
|
-
console.error('XML Parse Error detected in context');
|
|
1273
|
+
catch {
|
|
1268
1274
|
return {};
|
|
1269
1275
|
}
|
|
1270
1276
|
return fields.reduce((result, field) => {
|
|
@@ -1282,7 +1288,7 @@ export function extractSpToll(context, fields) {
|
|
|
1282
1288
|
try {
|
|
1283
1289
|
targetDoc = dom.parseFromString(shortcut, 'application/xml');
|
|
1284
1290
|
}
|
|
1285
|
-
catch
|
|
1291
|
+
catch {
|
|
1286
1292
|
return result;
|
|
1287
1293
|
}
|
|
1288
1294
|
}
|
|
@@ -1370,7 +1376,6 @@ export function extractSpToll(context, fields) {
|
|
|
1370
1376
|
return { ...result, [key]: resultList };
|
|
1371
1377
|
}
|
|
1372
1378
|
catch (e) {
|
|
1373
|
-
console.error(`Error extracting list ${key}:`, e);
|
|
1374
1379
|
return { ...result, [key]: [] };
|
|
1375
1380
|
}
|
|
1376
1381
|
}
|
package/build/src/libsaml.js
CHANGED
|
@@ -15,7 +15,7 @@ import camelCase from 'camelcase';
|
|
|
15
15
|
import { getContext } from './api.js';
|
|
16
16
|
import xmlEscape from 'xml-escape';
|
|
17
17
|
import * as fs from 'fs';
|
|
18
|
-
import {
|
|
18
|
+
import { createSilentDomParser } from './xmlParser.js';
|
|
19
19
|
function toNodeArray(result) {
|
|
20
20
|
if (Array.isArray(result))
|
|
21
21
|
return result;
|
|
@@ -506,9 +506,15 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
|
|
|
506
506
|
* @returns Verification result object.
|
|
507
507
|
*/
|
|
508
508
|
async verifySignature(xml, opts, self) {
|
|
509
|
+
try {
|
|
510
|
+
await this.isValidXml(xml);
|
|
511
|
+
}
|
|
512
|
+
catch (error) {
|
|
513
|
+
throw new Error('ERR_EXCEPTION_VALIDATE_XML');
|
|
514
|
+
}
|
|
509
515
|
const { dom } = getContext();
|
|
510
516
|
const doc = dom.parseFromString(xml, 'application/xml');
|
|
511
|
-
const docParser =
|
|
517
|
+
const docParser = createSilentDomParser();
|
|
512
518
|
// Use exact SAML 2.0 XPath targets.
|
|
513
519
|
const messageSignatureXpath = "/*[local-name() = 'Response' or local-name() = 'AuthnRequest' or local-name() = 'LogoutRequest' or local-name() = 'LogoutResponse']/*[local-name() = 'Signature']";
|
|
514
520
|
const assertionSignatureXpath = "/*[local-name() = 'Response' or local-name() = 'AuthnRequest']/*[local-name() = 'Assertion']/*[local-name() = 'Signature']";
|
|
@@ -761,7 +767,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
|
|
|
761
767
|
verifySignatureSoap(xml, opts) {
|
|
762
768
|
const { dom } = getContext();
|
|
763
769
|
const doc = dom.parseFromString(xml, 'application/xml');
|
|
764
|
-
const docParser =
|
|
770
|
+
const docParser = createSilentDomParser();
|
|
765
771
|
// Define XPath expressions for SOAP messages.
|
|
766
772
|
const artifactResolveXpath = "/*[local-name()='Envelope']/*[local-name()='Body']/*[local-name()='ArtifactResolve']";
|
|
767
773
|
const artifactResponseXpath = "/*[local-name()='Envelope']/*[local-name()='Body']/*[local-name()='ArtifactResponse']";
|
|
@@ -848,9 +854,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
|
|
|
848
854
|
// Handle signed content.
|
|
849
855
|
switch (rootNode?.localName) {
|
|
850
856
|
case 'Response':
|
|
851
|
-
// @ts-expect-error
|
|
852
857
|
const encryptedAssert = toNodeArray(select("./*[local-name()='EncryptedAssertion']", rootNode));
|
|
853
|
-
// @ts-expect-error
|
|
854
858
|
const assertions = toNodeArray(select("./*[local-name()='Assertion']", rootNode));
|
|
855
859
|
if (encryptedAssert.length === 1) {
|
|
856
860
|
return [true, encryptedAssert[0].toString(), true, false, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm];
|
|
@@ -1064,6 +1068,12 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
|
|
|
1064
1068
|
* Synchronous assertion decryption helper with post-decryption signature validation.
|
|
1065
1069
|
*/
|
|
1066
1070
|
async decryptAssertionAsync(here, entireXML, opts) {
|
|
1071
|
+
try {
|
|
1072
|
+
await this.isValidXml(entireXML);
|
|
1073
|
+
}
|
|
1074
|
+
catch (error) {
|
|
1075
|
+
throw new Error('ERR_EXCEPTION_VALIDATE_XML');
|
|
1076
|
+
}
|
|
1067
1077
|
const hereSetting = here.entitySetting;
|
|
1068
1078
|
const { dom } = getContext();
|
|
1069
1079
|
const doc = dom.parseFromString(entireXML, 'application/xml');
|
|
@@ -1151,6 +1161,12 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
|
|
|
1151
1161
|
* @returns Decrypted full SOAP XML and decrypted assertion XML.
|
|
1152
1162
|
*/
|
|
1153
1163
|
async decryptAssertionSoap(self, entireXML) {
|
|
1164
|
+
try {
|
|
1165
|
+
await this.isValidXml(entireXML, true);
|
|
1166
|
+
}
|
|
1167
|
+
catch (error) {
|
|
1168
|
+
throw new Error('ERR_EXCEPTION_VALIDATE_XML');
|
|
1169
|
+
}
|
|
1154
1170
|
let hereSetting = self.entitySetting;
|
|
1155
1171
|
const { dom } = getContext();
|
|
1156
1172
|
try {
|
package/build/src/libsamlSoap.js
CHANGED
|
@@ -1,10 +1,11 @@
|
|
|
1
1
|
import fs from 'fs';
|
|
2
|
-
import { DOMParser } from '@xmldom/xmldom';
|
|
3
2
|
import { select } from 'xpath';
|
|
4
3
|
import { SignedXml } from 'xml-crypto-next';
|
|
5
4
|
import utility, { normalizeCertificates } from './utility.js';
|
|
6
5
|
import { wording } from './urn.js';
|
|
7
6
|
import { getContext } from './api.js';
|
|
7
|
+
import { validate } from './schemaValidator.js';
|
|
8
|
+
import { createSilentDomParser } from './xmlParser.js';
|
|
8
9
|
function toNodeArray(result) {
|
|
9
10
|
if (Array.isArray(result)) {
|
|
10
11
|
return result;
|
|
@@ -73,7 +74,7 @@ function serializeWithInheritedNamespaces(node) {
|
|
|
73
74
|
return serializedXml;
|
|
74
75
|
}
|
|
75
76
|
const certUse = wording.certUse;
|
|
76
|
-
const docParser =
|
|
77
|
+
const docParser = createSilentDomParser();
|
|
77
78
|
function certificateValidationOptions(opts) {
|
|
78
79
|
return {
|
|
79
80
|
expectedUse: 'signing',
|
|
@@ -198,6 +199,12 @@ function parseUnsignedArtifactResponse(xml, artifactResponseNode) {
|
|
|
198
199
|
};
|
|
199
200
|
}
|
|
200
201
|
async function verifyAndDecryptSoapMessage(xml, opts) {
|
|
202
|
+
try {
|
|
203
|
+
await validate(xml, true);
|
|
204
|
+
}
|
|
205
|
+
catch (error) {
|
|
206
|
+
throw new Error('ERR_EXCEPTION_VALIDATE_XML');
|
|
207
|
+
}
|
|
201
208
|
const { dom } = getContext();
|
|
202
209
|
const doc = dom.parseFromString(xml, 'application/xml');
|
|
203
210
|
const artifactResolveXpath = "/*[local-name()='Envelope']/*[local-name()='Body']/*[local-name()='ArtifactResolve']";
|
|
@@ -47,9 +47,6 @@ export class IdpMetadata extends Metadata {
|
|
|
47
47
|
IDPSSODescriptor.push({ ArtifactResolutionService: [{ _attr: attr }] });
|
|
48
48
|
});
|
|
49
49
|
}
|
|
50
|
-
else {
|
|
51
|
-
console.warn('Construct identity provider - missing endpoint of ArtifactResolutionService');
|
|
52
|
-
}
|
|
53
50
|
if (isNonEmptyArray(singleLogoutService)) {
|
|
54
51
|
singleLogoutService.forEach((a, indexCount) => {
|
|
55
52
|
const attr = {};
|
|
@@ -61,9 +58,6 @@ export class IdpMetadata extends Metadata {
|
|
|
61
58
|
IDPSSODescriptor.push({ SingleLogoutService: [{ _attr: attr }] });
|
|
62
59
|
});
|
|
63
60
|
}
|
|
64
|
-
else {
|
|
65
|
-
console.warn('Construct identity provider - missing endpoint of SingleLogoutService');
|
|
66
|
-
}
|
|
67
61
|
if (isNonEmptyArray(nameIDFormat)) {
|
|
68
62
|
nameIDFormat.forEach(f => IDPSSODescriptor.push({ NameIDFormat: f }));
|
|
69
63
|
}
|
package/build/src/metadata-sp.js
CHANGED
|
@@ -23,9 +23,11 @@ function unwrapSingleEntityDescriptorMetadata(meta) {
|
|
|
23
23
|
return meta;
|
|
24
24
|
}
|
|
25
25
|
const { dom } = getContext();
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
26
|
+
let rootDoc;
|
|
27
|
+
try {
|
|
28
|
+
rootDoc = dom.parseFromString(metadataText, 'application/xml');
|
|
29
|
+
}
|
|
30
|
+
catch {
|
|
29
31
|
return meta;
|
|
30
32
|
}
|
|
31
33
|
const entityNodes = toNodeArray(
|
|
@@ -81,9 +83,6 @@ export class SpMetadata extends Metadata {
|
|
|
81
83
|
protocolSupportEnumeration: namespace.names.protocol,
|
|
82
84
|
},
|
|
83
85
|
}];
|
|
84
|
-
if (wantMessageSigned && signatureConfig === undefined) {
|
|
85
|
-
console.warn('Construct service provider - missing signatureConfig');
|
|
86
|
-
}
|
|
87
86
|
for (const cert of castArrayOpt(signingCert)) {
|
|
88
87
|
descriptors.KeyDescriptor.push(libsaml.createKeySection('signing', cert).KeyDescriptor);
|
|
89
88
|
}
|
|
@@ -149,9 +148,6 @@ export class SpMetadata extends Metadata {
|
|
|
149
148
|
descriptors.AssertionConsumerService.push([{ _attr: attr }]);
|
|
150
149
|
});
|
|
151
150
|
}
|
|
152
|
-
else {
|
|
153
|
-
console.warn('Missing endpoint of AssertionConsumerService');
|
|
154
|
-
}
|
|
155
151
|
// 修改原有处理逻辑
|
|
156
152
|
if (isNonEmptyArray(attributeConsumingService)) {
|
|
157
153
|
attributeConsumingService.forEach((service, index) => {
|
|
@@ -3,12 +3,13 @@
|
|
|
3
3
|
* @desc SAML 2.0 增强功能集成 - 自动应用到绑定和元数据生成
|
|
4
4
|
*/
|
|
5
5
|
import { buildScoping, buildRequestedAuthnContext, buildOneTimeUse, buildProxyRestriction, buildOrganization, buildContactPerson, xmlToString, AuthnContextClassRef, Consent, } from './saml2-enhancements.js';
|
|
6
|
-
import {
|
|
6
|
+
import { XMLSerializer } from '@xmldom/xmldom';
|
|
7
|
+
import { parseXmlOrThrow } from './xmlParser.js';
|
|
7
8
|
/**
|
|
8
9
|
* 将增强功能应用到 AuthnRequest
|
|
9
10
|
*/
|
|
10
11
|
export function applyAuthnRequestEnhancements(rawSamlRequest, enhancements) {
|
|
11
|
-
const doc =
|
|
12
|
+
const doc = parseXmlOrThrow(rawSamlRequest, 'application/xml');
|
|
12
13
|
const authnRequestElement = doc.documentElement;
|
|
13
14
|
if (!authnRequestElement) {
|
|
14
15
|
throw new Error('Invalid AuthnRequest XML');
|
|
@@ -44,7 +45,7 @@ export function applyAuthnRequestEnhancements(rawSamlRequest, enhancements) {
|
|
|
44
45
|
* 将增强功能应用到 Conditions 元素
|
|
45
46
|
*/
|
|
46
47
|
export function applyConditionsEnhancements(rawSamlResponse, enhancements) {
|
|
47
|
-
const doc =
|
|
48
|
+
const doc = parseXmlOrThrow(rawSamlResponse, 'application/xml');
|
|
48
49
|
const conditionsElements = doc.getElementsByTagName('saml:Conditions');
|
|
49
50
|
if (conditionsElements.length > 0) {
|
|
50
51
|
const conditionsElement = conditionsElements[0];
|
|
@@ -65,7 +66,7 @@ export function applyConditionsEnhancements(rawSamlResponse, enhancements) {
|
|
|
65
66
|
* 将增强功能应用到 SubjectConfirmationData 元素
|
|
66
67
|
*/
|
|
67
68
|
export function applySubjectConfirmationEnhancements(rawSamlResponse, enhancements) {
|
|
68
|
-
const doc =
|
|
69
|
+
const doc = parseXmlOrThrow(rawSamlResponse, 'application/xml');
|
|
69
70
|
const subjectConfirmationDataElements = doc.getElementsByTagName('saml:SubjectConfirmationData');
|
|
70
71
|
if (subjectConfirmationDataElements.length > 0) {
|
|
71
72
|
const element = subjectConfirmationDataElements[0];
|
|
@@ -85,7 +86,7 @@ export function applySubjectConfirmationEnhancements(rawSamlResponse, enhancemen
|
|
|
85
86
|
* 将增强功能应用到元数据
|
|
86
87
|
*/
|
|
87
88
|
export function applyMetadataEnhancements(rawMetadata, enhancements) {
|
|
88
|
-
const doc =
|
|
89
|
+
const doc = parseXmlOrThrow(rawMetadata, 'application/xml');
|
|
89
90
|
const entityDescriptor = doc.documentElement;
|
|
90
91
|
if (!entityDescriptor) {
|
|
91
92
|
throw new Error('Invalid Metadata XML');
|
|
@@ -136,7 +137,7 @@ function buildContactPersonElement(config, doc) {
|
|
|
136
137
|
// ============================================================================
|
|
137
138
|
function xmlObjectToElement(xmlObj, doc, defaultNs) {
|
|
138
139
|
const xmlStr = xmlToString(xmlObj);
|
|
139
|
-
const tempDoc =
|
|
140
|
+
const tempDoc = parseXmlOrThrow(xmlStr, 'application/xml');
|
|
140
141
|
return doc.importNode(tempDoc.documentElement, true);
|
|
141
142
|
}
|
|
142
143
|
// ============================================================================
|
|
@@ -203,10 +203,10 @@
|
|
|
203
203
|
<complexType name="ResponseType">
|
|
204
204
|
<complexContent>
|
|
205
205
|
<extension base="samlp:StatusResponseType">
|
|
206
|
-
<choice
|
|
207
|
-
<element ref="saml:Assertion"/>
|
|
208
|
-
<element ref="saml:EncryptedAssertion"/>
|
|
209
|
-
</choice>
|
|
206
|
+
<choice>
|
|
207
|
+
<element ref="saml:Assertion"/>
|
|
208
|
+
<element ref="saml:EncryptedAssertion"/>
|
|
209
|
+
</choice>
|
|
210
210
|
</extension>
|
|
211
211
|
</complexContent>
|
|
212
212
|
</complexType>
|
|
@@ -2,7 +2,7 @@ import { validateXML } from 'xmllint-wasm';
|
|
|
2
2
|
import * as fs from 'node:fs';
|
|
3
3
|
import * as path from 'node:path';
|
|
4
4
|
import { fileURLToPath } from 'node:url';
|
|
5
|
-
import {
|
|
5
|
+
import { parseXmlOrThrow } from './xmlParser.js';
|
|
6
6
|
const __filename = fileURLToPath(import.meta.url);
|
|
7
7
|
const __dirname = path.dirname(__filename);
|
|
8
8
|
const normalSchemas = [
|
|
@@ -35,6 +35,13 @@ const metadataSchemas = [
|
|
|
35
35
|
'xenc-schema.xsd',
|
|
36
36
|
'xenc-schema-11.xsd',
|
|
37
37
|
];
|
|
38
|
+
const samlpNamespace = 'urn:oasis:names:tc:SAML:2.0:protocol';
|
|
39
|
+
const soapResolvedMessageNames = new Set([
|
|
40
|
+
'Response',
|
|
41
|
+
'AuthnRequest',
|
|
42
|
+
'LogoutRequest',
|
|
43
|
+
'LogoutResponse',
|
|
44
|
+
]);
|
|
38
45
|
function detectXXEIndicators(samlString) {
|
|
39
46
|
const xxePatterns = [
|
|
40
47
|
/<!DOCTYPE\b[^>]*>/gi,
|
|
@@ -61,13 +68,80 @@ function detectXXEIndicators(samlString) {
|
|
|
61
68
|
return Object.keys(matches).length > 0 ? matches : null;
|
|
62
69
|
}
|
|
63
70
|
function assertSafeXmlParse(xml) {
|
|
64
|
-
const
|
|
65
|
-
|
|
66
|
-
const parserError = xmlDoc.getElementsByTagName('parsererror');
|
|
67
|
-
if (parserError.length > 0 || xmlDoc.doctype) {
|
|
71
|
+
const xmlDoc = parseXmlOrThrow(xml, 'text/xml');
|
|
72
|
+
if (xmlDoc.doctype) {
|
|
68
73
|
throw new Error('ERR_EXCEPTION_VALIDATE_XML');
|
|
69
74
|
}
|
|
70
75
|
}
|
|
76
|
+
function isElementNode(node) {
|
|
77
|
+
return !!node && node.nodeType === 1;
|
|
78
|
+
}
|
|
79
|
+
function escapeAttributeValue(value) {
|
|
80
|
+
return value
|
|
81
|
+
.replace(/&/g, '&')
|
|
82
|
+
.replace(/"/g, '"')
|
|
83
|
+
.replace(/</g, '<')
|
|
84
|
+
.replace(/>/g, '>');
|
|
85
|
+
}
|
|
86
|
+
function collectNamespaceDeclarations(node) {
|
|
87
|
+
const declarations = new Map();
|
|
88
|
+
let current = node.parentNode;
|
|
89
|
+
while (isElementNode(current)) {
|
|
90
|
+
for (let index = 0; index < current.attributes.length; index += 1) {
|
|
91
|
+
const attribute = current.attributes.item(index);
|
|
92
|
+
if (!attribute) {
|
|
93
|
+
continue;
|
|
94
|
+
}
|
|
95
|
+
if (attribute.name === 'xmlns' || attribute.name.startsWith('xmlns:')) {
|
|
96
|
+
if (!declarations.has(attribute.name)) {
|
|
97
|
+
declarations.set(attribute.name, attribute.value);
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
current = current.parentNode;
|
|
102
|
+
}
|
|
103
|
+
return declarations;
|
|
104
|
+
}
|
|
105
|
+
function hasNamespaceDeclaration(serializedXml, name) {
|
|
106
|
+
const rootStartTag = serializedXml.match(/^<[^>]+>/)?.[0] || '';
|
|
107
|
+
return new RegExp(`(?:^|\\s)${name.replace(':', '\\:')}\\s*=`).test(rootStartTag);
|
|
108
|
+
}
|
|
109
|
+
function serializeWithInheritedNamespaces(node) {
|
|
110
|
+
if (!isElementNode(node)) {
|
|
111
|
+
return node.toString();
|
|
112
|
+
}
|
|
113
|
+
let serializedXml = node.toString();
|
|
114
|
+
const declarationsToAdd = [];
|
|
115
|
+
for (const [name, value] of collectNamespaceDeclarations(node)) {
|
|
116
|
+
if (!hasNamespaceDeclaration(serializedXml, name)) {
|
|
117
|
+
declarationsToAdd.push(`${name}="${escapeAttributeValue(value)}"`);
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
if (declarationsToAdd.length === 0) {
|
|
121
|
+
return serializedXml;
|
|
122
|
+
}
|
|
123
|
+
return serializedXml.replace(/^<([^\s/>]+)([^>]*)>/, (_match, tagName, attributes) => `<${tagName} ${declarationsToAdd.join(' ')}${attributes}>`);
|
|
124
|
+
}
|
|
125
|
+
async function validateSoapResolvedMessages(xml) {
|
|
126
|
+
const xmlDoc = parseXmlOrThrow(xml, 'text/xml');
|
|
127
|
+
const artifactResponses = xmlDoc.getElementsByTagNameNS(samlpNamespace, 'ArtifactResponse');
|
|
128
|
+
for (let index = 0; index < artifactResponses.length; index += 1) {
|
|
129
|
+
const artifactResponse = artifactResponses.item(index);
|
|
130
|
+
if (!artifactResponse) {
|
|
131
|
+
continue;
|
|
132
|
+
}
|
|
133
|
+
const resolvedMessages = Array.from(artifactResponse.childNodes).filter((node) => isElementNode(node) &&
|
|
134
|
+
node.namespaceURI === samlpNamespace &&
|
|
135
|
+
typeof node.localName === 'string' &&
|
|
136
|
+
soapResolvedMessageNames.has(node.localName));
|
|
137
|
+
if (resolvedMessages.length > 1) {
|
|
138
|
+
throw new Error('ERR_MULTIPLE_RESOLVED_MESSAGES');
|
|
139
|
+
}
|
|
140
|
+
if (resolvedMessages.length === 1) {
|
|
141
|
+
await validate(serializeWithInheritedNamespaces(resolvedMessages[0]));
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
}
|
|
71
145
|
async function loadSchemas(schemaNames) {
|
|
72
146
|
const schemaPath = path.resolve(__dirname, 'schema');
|
|
73
147
|
return Promise.all(schemaNames.map(async (file) => ({
|
|
@@ -90,6 +164,9 @@ export const validate = async (xml, isSoap = false) => {
|
|
|
90
164
|
preload: [schemas[0], ...schemas.slice(1)],
|
|
91
165
|
});
|
|
92
166
|
if (validationResult.valid) {
|
|
167
|
+
if (isSoap) {
|
|
168
|
+
await validateSoapResolvedMessages(xml);
|
|
169
|
+
}
|
|
93
170
|
return true;
|
|
94
171
|
}
|
|
95
172
|
throw validationResult.errors;
|
|
@@ -113,10 +190,8 @@ export const validateMetadata = async (xml, isParse = false) => {
|
|
|
113
190
|
if (!isParse) {
|
|
114
191
|
return true;
|
|
115
192
|
}
|
|
116
|
-
const
|
|
117
|
-
|
|
118
|
-
const parserError = xmlDoc.getElementsByTagName('parsererror');
|
|
119
|
-
if (parserError.length > 0 || xmlDoc.doctype) {
|
|
193
|
+
const xmlDoc = parseXmlOrThrow(xml, 'text/xml');
|
|
194
|
+
if (xmlDoc.doctype) {
|
|
120
195
|
throw new Error('ERR_EXCEPTION_VALIDATE_XML');
|
|
121
196
|
}
|
|
122
197
|
const idpDescriptor = xmlDoc.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:metadata', 'IDPSSODescriptor');
|
package/build/src/validator.js
CHANGED
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
function verifyTime(utcNotBefore, utcNotOnOrAfter, drift = [0, 0]) {
|
|
2
2
|
const now = new Date();
|
|
3
3
|
if (!utcNotBefore && !utcNotOnOrAfter) {
|
|
4
|
-
//
|
|
5
|
-
console.warn('You intend to have time validation however the document doesn\'t include the valid range.');
|
|
4
|
+
// No time bounds means there is nothing to enforce at this layer.
|
|
6
5
|
return true;
|
|
7
6
|
}
|
|
8
7
|
let notBeforeLocal = null;
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { DOMParser } from '@xmldom/xmldom';
|
|
2
|
+
function silentFatalOnError(level, message) {
|
|
3
|
+
if (level === 'fatalError') {
|
|
4
|
+
throw new Error(String(message).trim());
|
|
5
|
+
}
|
|
6
|
+
}
|
|
7
|
+
export function normalizeDomParserOptions(options = {}) {
|
|
8
|
+
return {
|
|
9
|
+
...options,
|
|
10
|
+
onError: options.onError ?? silentFatalOnError,
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
export function createSilentDomParser(options = {}) {
|
|
14
|
+
return new DOMParser(normalizeDomParserOptions(options));
|
|
15
|
+
}
|
|
16
|
+
export function parseXmlOrThrow(xml, mimeType = 'application/xml', options = {}) {
|
|
17
|
+
return createSilentDomParser(options).parseFromString(xml, mimeType);
|
|
18
|
+
}
|
package/package.json
CHANGED
package/types/src/api.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { DOMParser as dom } from '@xmldom/xmldom';
|
|
1
|
+
import { DOMParser as dom, type DOMParserOptions } from '@xmldom/xmldom';
|
|
2
2
|
interface Context extends ValidatorContext, DOMParserContext {
|
|
3
3
|
}
|
|
4
4
|
type ValidateFunction = (xml: string, isSoap?: boolean) => Promise<any>;
|
|
@@ -7,9 +7,10 @@ interface ValidatorContext {
|
|
|
7
7
|
}
|
|
8
8
|
interface DOMParserContext {
|
|
9
9
|
dom: dom;
|
|
10
|
+
domParserOptions: DOMParserOptions;
|
|
10
11
|
}
|
|
11
12
|
export declare function getContext(): Context;
|
|
12
13
|
export declare function setSchemaValidator(params: ValidatorContext): void;
|
|
13
|
-
export declare function setDOMParserOptions(options?:
|
|
14
|
+
export declare function setDOMParserOptions(options?: DOMParserOptions): void;
|
|
14
15
|
export {};
|
|
15
16
|
//# sourceMappingURL=api.d.ts.map
|
package/types/src/api.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,IAAI,GAAG,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,IAAI,GAAG,EAAE,KAAK,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAMzE,UAAU,OAAQ,SAAQ,gBAAgB,EAAE,gBAAgB;CAAG;AAG/D,KAAK,gBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;AAKxE,UAAU,gBAAgB;IACxB,QAAQ,EAAE,gBAAgB,CAAC;CAC5B;AAED,UAAU,gBAAgB;IACxB,GAAG,EAAE,GAAG,CAAC;IACT,gBAAgB,EAAE,gBAAgB,CAAC;CACpC;AAUD,wBAAgB,UAAU,IAAG,OAAO,CAEnC;AAED,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,GAAE,IAAI,CAShE;AAED,wBAAgB,mBAAmB,CAAC,OAAO,GAAE,gBAAqB,GAAE,IAAI,CAGvE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extractor.d.ts","sourceRoot":"","sources":["../../src/extractor.ts"],"names":[],"mappings":"AAMA,UAAU,cAAc;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,EAAE,CAAC;IAClC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,GAAG,CAAC;IAEnC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAOD,MAAM,MAAM,eAAe,GAAG,cAAc,EAAE,CAAC;AA4B/C,eAAO,MAAM,kBAAkB,EAAE,eAsFhC,CAAC;AAKF,eAAO,MAAM,qBAAqB,EAAE,eAsBnC,CAAC;AAEF,eAAO,MAAM,sBAAsB,EAAE,eAsBpC,CAAC;AAEF,eAAO,MAAM,yBAAyB,EAAE,eAGvC,CAAC;AAEF,eAAO,MAAM,iCAAiC,EAAE,eAG/C,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,eAGxC,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,CAAC,CAAC,SAAS,EAAE,GAAG,KAAK,eAAe,CAarE,CAAC;AAqMF,eAAO,MAAM,mBAAmB,EAAE,eAMjC,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,eAIlC,CAAC;AAKF,eAAO,MAAM,iBAAiB,EAAE,eAiI/B,CAAC;AAOF,eAAO,MAAM,gBAAgB,EAAE,eAyL9B,CAAC;AAEF,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,
|
|
1
|
+
{"version":3,"file":"extractor.d.ts","sourceRoot":"","sources":["../../src/extractor.ts"],"names":[],"mappings":"AAMA,UAAU,cAAc;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,EAAE,CAAC;IAClC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,GAAG,CAAC;IAEnC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAOD,MAAM,MAAM,eAAe,GAAG,cAAc,EAAE,CAAC;AA4B/C,eAAO,MAAM,kBAAkB,EAAE,eAsFhC,CAAC;AAKF,eAAO,MAAM,qBAAqB,EAAE,eAsBnC,CAAC;AAEF,eAAO,MAAM,sBAAsB,EAAE,eAsBpC,CAAC;AAEF,eAAO,MAAM,yBAAyB,EAAE,eAGvC,CAAC;AAEF,eAAO,MAAM,iCAAiC,EAAE,eAG/C,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,eAGxC,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,CAAC,CAAC,SAAS,EAAE,GAAG,KAAK,eAAe,CAarE,CAAC;AAqMF,eAAO,MAAM,mBAAmB,EAAE,eAMjC,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,eAIlC,CAAC;AAKF,eAAO,MAAM,iBAAiB,EAAE,eAiI/B,CAAC;AAOF,eAAO,MAAM,gBAAgB,EAAE,eAyL9B,CAAC;AAEF,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,OA0N/D;AASD,eAAO,MAAM,2BAA2B,EAAE,eAkZzC,CAAC;AAIF;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,OA2QrE;AAKD,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,OAE5C;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,OAEzC;AAGD,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,OAExC;AACD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,OAEjD;AACD,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,OAE9C;AACD,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,OAErD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAMA,OAAgB,EAMd,KAAK,4BAA4B,EAClC,MAAM,cAAc,CAAC;AACtB,OAAQ,KAAK,MAAM,MAAM,aAAa,CAAA;AAItC,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAkIrD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,6BAA6B,CAAC,EAAE,OAAO,CAAC;IACxC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,6BAA6B,CAAC,EAAE,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,wBAAwB;IACvC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,6BAA6B,CAAC,EAAE,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,eAAe;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,gCAAgC;IAC/C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CACxD;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,wBAAwB,KAAK,MAAM,CAAC;IAExL,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,wBAAwB,KAAK,OAAO,CAAC;IACrK,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,EAAE,iBAAiB,CAAC,EAAE,4BAA4B,KAAK;QACzH,UAAU,EAAE,MAAM,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,MAAM,CAAC;KACtB,CAAC;IACF,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACvD;;6CA6S4C,OAAO,KAAG,MAAM;gCAhSxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDAgBkB,MAAM;;;;IA6T/D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;OAGG;iCAC0B;QAC3B,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,WAAW,EAAE,GAAG,CAAC;QACjB,6BAA6B,CAAC,EAAE,OAAO,CAAC;QACxC,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,cAAc,EAAE,GAAG,CAAC;QACpB,wBAAwB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC;QAC1B,eAAe,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE;gBAAE,SAAS,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,CAAA;SAAE,CAAA;KACrF,GAAG,MAAM;2CAoE6B,MAAM,mBAAmB,MAAM;;;;;;;;;;;IAKtE;;;;;;OAMG;yBAEwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAMA,OAAgB,EAMd,KAAK,4BAA4B,EAClC,MAAM,cAAc,CAAC;AACtB,OAAQ,KAAK,MAAM,MAAM,aAAa,CAAA;AAItC,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAkIrD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,6BAA6B,CAAC,EAAE,OAAO,CAAC;IACxC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,6BAA6B,CAAC,EAAE,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,wBAAwB;IACvC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,6BAA6B,CAAC,EAAE,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,eAAe;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,gCAAgC;IAC/C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CACxD;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,wBAAwB,KAAK,MAAM,CAAC;IAExL,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,wBAAwB,KAAK,OAAO,CAAC;IACrK,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,EAAE,iBAAiB,CAAC,EAAE,4BAA4B,KAAK;QACzH,UAAU,EAAE,MAAM,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,MAAM,CAAC;KACtB,CAAC;IACF,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACvD;;6CA6S4C,OAAO,KAAG,MAAM;gCAhSxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDAgBkB,MAAM;;;;IA6T/D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;OAGG;iCAC0B;QAC3B,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,WAAW,EAAE,GAAG,CAAC;QACjB,6BAA6B,CAAC,EAAE,OAAO,CAAC;QACxC,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,cAAc,EAAE,GAAG,CAAC;QACpB,wBAAwB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC;QAC1B,eAAe,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE;gBAAE,SAAS,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,CAAA;SAAE,CAAA;KACrF,GAAG,MAAM;2CAoE6B,MAAM,mBAAmB,MAAM;;;;;;;;;;;IAKtE;;;;;;OAMG;yBAEwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;6BA4UlE,MAAM,QAAQ,wBAAwB;IAuJ/D;;;;;OAKG;0BACmB,MAAM,cAAc,MAAM,GAAG,MAAM,GAAG,YAAY;IAsBxE;;;;;;;;OAQG;2CAGY,MAAM,OAChB,MAAM,eACE,MAAM,aACR,OAAO,qBACC,MAAM,oBACP,wBAAwB,GAC3C,MAAM,GAAG,MAAM;IAyBd;;;;;;;OAOG;qCAES,GAAG,eACF,MAAM,aACR,MAAM,GAAG,MAAM,oBACR,MAAM,oBACN,wBAAwB;IAoC5C;;;;SAIK;gCAEgB,MAAM,GAAG,MAAM,oBACf,GAAG,sBACD,4BAA4B;;;;IAiBjD;;;;;;OAMG;iEAEgD,MAAM;IAqEzD;;OAEG;IACH;;OAEG;gDAC0C,MAAM,SAAS,wBAAwB;;;;;;IAiHpF;;;;;OAKG;+BAC8B,GAAG,aAAa,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAyFnF;;OAEG;sBACqB,MAAM,SAAQ,OAAO;;AA8BjD,wBAAyB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"libsamlSoap.d.ts","sourceRoot":"","sources":["../../src/libsamlSoap.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"libsamlSoap.d.ts","sourceRoot":"","sources":["../../src/libsamlSoap.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAC;AA6F7D,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,iBAAiB,GAAG,kBAAkB,CAAC;IAC7C,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,yBAAyB,CAAC,EAAE,MAAM,EAAE,CAAC;IACrC,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAsKD,iBAAe,2BAA2B,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CA0CpH;;;;AAED,wBAEE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadata-idp.d.ts","sourceRoot":"","sources":["../../src/metadata-idp.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AACF,OAAO,QAAQ,EAAE,EAAE,KAAM,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClE,OAAQ,KAAK,EAAsB,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAM9E,MAAM,WAAW,oBAAqB,SAAQ,iBAAiB;CAE9D;AAKD,MAAM,CAAC,OAAO,WAAU,IAAI,EAAE,sBAAsB,eAEnD;AAED,qBAAa,WAAY,SAAQ,QAAQ;gBAC3B,IAAI,EAAE,sBAAsB;
|
|
1
|
+
{"version":3,"file":"metadata-idp.d.ts","sourceRoot":"","sources":["../../src/metadata-idp.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AACF,OAAO,QAAQ,EAAE,EAAE,KAAM,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClE,OAAQ,KAAK,EAAsB,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAM9E,MAAM,WAAW,oBAAqB,SAAQ,iBAAiB;CAE9D;AAKD,MAAM,CAAC,OAAO,WAAU,IAAI,EAAE,sBAAsB,eAEnD;AAED,qBAAa,WAAY,SAAQ,QAAQ;gBAC3B,IAAI,EAAE,sBAAsB;IAmHxC;;;MAGE;IACF,yBAAyB,IAAI,OAAO;IAQpC;;;;MAIE;IACF,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM;IAUxD;;;;OAIG;IACH,4BAA4B,CAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM;CAUhE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadata-sp.d.ts","sourceRoot":"","sources":["../../src/metadata-sp.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AACF,OAAO,QAAQ,EAAE,EAAC,KAAK,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAE/D,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAQxD,MAAM,WAAW,mBAAoB,SAAQ,iBAAiB;CAE7D;AAYD,KAAK,gBAAgB,GAAG,QAAQ,GAAG,SAAS,CAAC;AAC7C,UAAU,mBAAmB;IAC3B,IAAI,CAAC,EAAE,gBAAgB,CAAC;IACxB,6BAA6B,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;CACxD;
|
|
1
|
+
{"version":3,"file":"metadata-sp.d.ts","sourceRoot":"","sources":["../../src/metadata-sp.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AACF,OAAO,QAAQ,EAAE,EAAC,KAAK,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAE/D,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAQxD,MAAM,WAAW,mBAAoB,SAAQ,iBAAiB;CAE7D;AAYD,KAAK,gBAAgB,GAAG,QAAQ,GAAG,SAAS,CAAC;AAC7C,UAAU,mBAAmB;IAC3B,IAAI,CAAC,EAAE,gBAAgB,CAAC;IACxB,6BAA6B,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;CACxD;AAsCD,MAAM,CAAC,OAAO,WAAU,IAAI,EAAE,qBAAqB,cAElD;AAED;;EAEE;AACF,qBAAa,UAAW,SAAQ,QAAQ;IAEtC;;;MAGE;gBACU,IAAI,EAAE,qBAAqB;IA6NvC;;;MAGE;IACK,sBAAsB,IAAI,OAAO;IAOxC;;;MAGE;IACK,oBAAoB,IAAI,OAAO;IAOtC;;;;MAIE;IACK,2BAA2B,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM;IACrD,2BAA2B,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,EAAE,OAAO,EAAE,mBAAmB,GAAG,MAAM;CAmItG"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"saml2-enhancements-integration.d.ts","sourceRoot":"","sources":["../../src/saml2-enhancements-integration.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EASH,oBAAoB,EACpB,OAAO,EACV,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EACR,0BAA0B,EAC1B,wBAAwB,EACxB,6BAA6B,EAC7B,sBAAsB,EACzB,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"saml2-enhancements-integration.d.ts","sourceRoot":"","sources":["../../src/saml2-enhancements-integration.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EASH,oBAAoB,EACpB,OAAO,EACV,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EACR,0BAA0B,EAC1B,wBAAwB,EACxB,6BAA6B,EAC7B,sBAAsB,EACzB,MAAM,YAAY,CAAC;AAIpB;;GAEG;AACH,wBAAgB,6BAA6B,CACzC,cAAc,EAAE,MAAM,EACtB,YAAY,EAAE,0BAA0B,GACzC,MAAM,CAqCR;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CACvC,eAAe,EAAE,MAAM,EACvB,YAAY,EAAE,wBAAwB,GACvC,MAAM,CAqBR;AAED;;GAEG;AACH,wBAAgB,oCAAoC,CAChD,eAAe,EAAE,MAAM,EACvB,YAAY,EAAE,6BAA6B,GAC5C,MAAM,CAmBR;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CACrC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,sBAAsB,GACrC,MAAM,CAuBR;AAkDD,OAAO,EAAE,oBAAoB,EAAE,OAAO,EAAE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schemaValidator.d.ts","sourceRoot":"","sources":["../../src/schemaValidator.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"schemaValidator.d.ts","sourceRoot":"","sources":["../../src/schemaValidator.ts"],"names":[],"mappings":"AA4LA,eAAO,MAAM,QAAQ,GAAU,KAAK,MAAM,EAAE,SAAQ,OAAe,qBAuBlE,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAU,KAAK,MAAM,EAAE,UAAS,OAAe;;;EAoD3E,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../../src/validator.ts"],"names":[],"mappings":"AACA,KAAK,cAAc,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAEvC,iBAAS,UAAU,CACf,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,eAAe,EAAE,MAAM,GAAG,SAAS,EACnC,KAAK,GAAE,cAAuB,GAC/B,OAAO,
|
|
1
|
+
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../../src/validator.ts"],"names":[],"mappings":"AACA,KAAK,cAAc,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAEvC,iBAAS,UAAU,CACf,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,eAAe,EAAE,MAAM,GAAG,SAAS,EACnC,KAAK,GAAE,cAAuB,GAC/B,OAAO,CA+BT;AAED,OAAO,EACL,UAAU,EACX,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import { DOMParser, type DOMParserOptions } from '@xmldom/xmldom';
|
|
2
|
+
export declare function normalizeDomParserOptions(options?: DOMParserOptions): DOMParserOptions;
|
|
3
|
+
export declare function createSilentDomParser(options?: DOMParserOptions): DOMParser;
|
|
4
|
+
export declare function parseXmlOrThrow(xml: string, mimeType?: string, options?: DOMParserOptions): import("@xmldom/xmldom").Document;
|
|
5
|
+
//# sourceMappingURL=xmlParser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"xmlParser.d.ts","sourceRoot":"","sources":["../../src/xmlParser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAQlE,wBAAgB,yBAAyB,CAAC,OAAO,GAAE,gBAAqB,GAAG,gBAAgB,CAK1F;AAED,wBAAgB,qBAAqB,CAAC,OAAO,GAAE,gBAAqB,aAEnE;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,GAAE,MAA0B,EAAE,OAAO,GAAE,gBAAqB,qCAEhH"}
|