samlify 2.10.0 → 2.10.2
- package/.circleci/config.yml +128 -0
- package/.github/workflows/deploy-docs.yml +56 -0
- package/CHANGELOG.md +7 -0
- package/build/index.js +7 -17
- package/build/index.js.map +1 -1
- package/build/src/api.js +4 -3
- package/build/src/api.js.map +1 -1
- package/build/src/binding-post.js +15 -25
- package/build/src/binding-post.js.map +1 -1
- package/build/src/binding-redirect.js +7 -17
- package/build/src/binding-redirect.js.map +1 -1
- package/build/src/binding-simplesign.js +14 -24
- package/build/src/binding-simplesign.js.map +1 -1
- package/build/src/entity-idp.js +4 -4
- package/build/src/entity-idp.js.map +1 -1
- package/build/src/entity-sp.js +2 -2
- package/build/src/entity-sp.js.map +1 -1
- package/build/src/entity.js +7 -17
- package/build/src/entity.js.map +1 -1
- package/build/src/extractor.js +2 -2
- package/build/src/extractor.js.map +1 -1
- package/build/src/flow.js +35 -29
- package/build/src/flow.js.map +1 -1
- package/build/src/libsaml.js +24 -30
- package/build/src/libsaml.js.map +1 -1
- package/build/src/metadata-idp.js +9 -9
- package/build/src/metadata-idp.js.map +1 -1
- package/build/src/metadata-sp.js +9 -9
- package/build/src/metadata-sp.js.map +1 -1
- package/build/src/metadata.js +7 -17
- package/build/src/metadata.js.map +1 -1
- package/build/src/urn.js +4 -4
- package/build/src/urn.js.map +1 -1
- package/build/src/utility.js +13 -12
- package/build/src/utility.js.map +1 -1
- package/build/src/validator.js +2 -1
- package/build/src/validator.js.map +1 -1
- package/package.json +12 -21
- package/src/flow.ts +24 -23
- package/src/libsaml.ts +18 -13
- package/tsconfig.json +8 -1
- package/types/src/binding-post.d.ts +1 -1
- package/types/src/binding-simplesign.d.ts +1 -1
- package/types/src/entity.d.ts +2 -1
- package/types/src/extractor.d.ts +1 -1
- package/types/src/libsaml.d.ts +7 -6
- package/types/src/metadata.d.ts +1 -0
- package/types/src/types.d.ts +8 -7
- package/types/src/utility.d.ts +2 -1
- package/types/src/validator.d.ts +1 -1
- package/types/vitest.config.d.ts +2 -0
- package/vitest.config.ts +12 -0
package/build/src/metadata-sp.js
CHANGED
|
@@ -30,7 +30,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
30
30
|
};
|
|
31
31
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
32
32
|
exports.SpMetadata = void 0;
|
|
33
|
-
exports.default = default_1;
|
|
34
33
|
/**
|
|
35
34
|
* @file metadata-sp.ts
|
|
36
35
|
* @author tngan
|
|
@@ -47,21 +46,22 @@ var xml_1 = __importDefault(require("xml"));
|
|
|
47
46
|
function default_1(meta) {
|
|
48
47
|
return new SpMetadata(meta);
|
|
49
48
|
}
|
|
49
|
+
exports.default = default_1;
|
|
50
50
|
/**
|
|
51
51
|
* @desc SP Metadata is for creating Service Provider, provides a set of API to manage the actions in SP.
|
|
52
52
|
*/
|
|
53
53
|
var SpMetadata = /** @class */ (function (_super) {
|
|
54
|
+
var e_1, _a, e_2, _b;
|
|
54
55
|
__extends(SpMetadata, _super);
|
|
55
56
|
/**
|
|
56
57
|
* @param {object/string} meta (either xml string or configuration in object)
|
|
57
58
|
* @return {object} prototypes including public functions
|
|
58
59
|
*/
|
|
59
60
|
function SpMetadata(meta) {
|
|
60
|
-
var e_1, _a, e_2, _b;
|
|
61
61
|
var isFile = (0, utility_1.isString)(meta) || meta instanceof Buffer;
|
|
62
62
|
// use object configuration instead of importing metadata file directly
|
|
63
63
|
if (!isFile) {
|
|
64
|
-
var
|
|
64
|
+
var _a = meta, _b = _a.elementsOrder, elementsOrder = _b === void 0 ? urn_1.elementsOrder.default : _b, entityID = _a.entityID, signingCert = _a.signingCert, encryptCert = _a.encryptCert, _c = _a.authnRequestsSigned, authnRequestsSigned = _c === void 0 ? false : _c, _d = _a.wantAssertionsSigned, wantAssertionsSigned = _d === void 0 ? false : _d, _e = _a.wantMessageSigned, wantMessageSigned = _e === void 0 ? false : _e, signatureConfig = _a.signatureConfig, _f = _a.nameIDFormat, nameIDFormat = _f === void 0 ? [] : _f, _g = _a.singleLogoutService, singleLogoutService = _g === void 0 ? [] : _g, _h = _a.assertionConsumerService, assertionConsumerService = _h === void 0 ? [] : _h;
|
|
65
65
|
var descriptors_1 = {
|
|
66
66
|
KeyDescriptor: [],
|
|
67
67
|
NameIDFormat: [],
|
|
@@ -80,28 +80,28 @@ var SpMetadata = /** @class */ (function (_super) {
|
|
|
80
80
|
console.warn('Construct service provider - missing signatureConfig');
|
|
81
81
|
}
|
|
82
82
|
try {
|
|
83
|
-
for (var
|
|
84
|
-
var cert =
|
|
83
|
+
for (var _j = __values((0, utility_1.castArrayOpt)(signingCert)), _k = _j.next(); !_k.done; _k = _j.next()) {
|
|
84
|
+
var cert = _k.value;
|
|
85
85
|
descriptors_1.KeyDescriptor.push(libsaml_1.default.createKeySection('signing', cert).KeyDescriptor);
|
|
86
86
|
}
|
|
87
87
|
}
|
|
88
88
|
catch (e_1_1) { e_1 = { error: e_1_1 }; }
|
|
89
89
|
finally {
|
|
90
90
|
try {
|
|
91
|
-
if (
|
|
91
|
+
if (_k && !_k.done && (_a = _j.return)) _a.call(_j);
|
|
92
92
|
}
|
|
93
93
|
finally { if (e_1) throw e_1.error; }
|
|
94
94
|
}
|
|
95
95
|
try {
|
|
96
|
-
for (var
|
|
97
|
-
var cert =
|
|
96
|
+
for (var _l = __values((0, utility_1.castArrayOpt)(encryptCert)), _m = _l.next(); !_m.done; _m = _l.next()) {
|
|
97
|
+
var cert = _m.value;
|
|
98
98
|
descriptors_1.KeyDescriptor.push(libsaml_1.default.createKeySection('encryption', cert).KeyDescriptor);
|
|
99
99
|
}
|
|
100
100
|
}
|
|
101
101
|
catch (e_2_1) { e_2 = { error: e_2_1 }; }
|
|
102
102
|
finally {
|
|
103
103
|
try {
|
|
104
|
-
if (
|
|
104
|
+
if (_m && !_m.done && (_b = _l.return)) _b.call(_l);
|
|
105
105
|
}
|
|
106
106
|
finally { if (e_2) throw e_2.error; }
|
|
107
107
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadata-sp.js","sourceRoot":"","sources":["../../src/metadata-sp.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"metadata-sp.js","sourceRoot":"","sources":["../../src/metadata-sp.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;EAIE;AACF,wDAAyD;AAEzD,6BAA0D;AAC1D,sDAAgC;AAChC,qCAAoE;AACpE,4CAAsB;AAetB;;GAEG;AACH,mBAAwB,IAA2B;IACjD,OAAO,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AAFD,4BAEC;AAED;;EAEE;AACF;;IAAgC,8BAAQ;IAEtC;;;MAGE;IACF,oBAAY,IAA2B;QAErC,IAAM,MAAM,GAAG,IAAA,kBAAQ,EAAC,IAAI,CAAC,IAAI,IAAI,YAAY,MAAM,CAAC;QAExD,uEAAuE;QACvE,IAAI,CAAC,MAAM,EAAE;YAEL,IAAA,KAYF,IAAyB,EAX3B,qBAA6B,EAA7B,aAAa,mBAAG,mBAAK,CAAC,OAAO,KAAA,EAC7B,QAAQ,cAAA,EACR,WAAW,iBAAA,EACX,WAAW,iBAAA,EACX,2BAA2B,EAA3B,mBAAmB,mBAAG,KAAK,KAAA,EAC3B,4BAA4B,EAA5B,oBAAoB,mBAAG,KAAK,KAAA,EAC5B,yBAAyB,EAAzB,iBAAiB,mBAAG,KAAK,KAAA,EACzB,eAAe,qBAAA,EACf,oBAAiB,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACjB,2BAAwB,EAAxB,mBAAmB,mBAAG,EAAE,KAAA,EACxB,gCAA6B,EAA7B,wBAAwB,mBAAG,EAAE,KACF,CAAC;YAE9B,IAAM,aAAW,GAAgB;gBAC/B,aAAa,EAAE,EAAE;gBACjB,YAAY,EAAE,EAAE;gBAChB,mBAAmB,EAAE,EAAE;gBACvB,wBAAwB,EAAE,EAAE;gBAC5B,yBAAyB,EAAE,EAAE;aAC9B,CAAC;YAEF,IAAM,iBAAe,GAAU,CAAC;oBAC9B,KAAK,EAAE;wBACL,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,CAAC;wBAChD,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,CAAC;wBAClD,0BAA0B,EAAE,eAAS,CAAC,KAAK,CAAC,QAAQ;qBACrD;iBACF,CAAC,CAAC;YAEH,IAAI,iBAAiB,IAAI,eAAe,KAAK,SAAS,EAAE;gBACtD,OAAO,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;aACtE;;gBAED,KAAkB,IAAA,KAAA,SAAA,IAAA,sBAAY,EAAC,WAAW,CAAC,CAAA,gBAAA,4BAAE;oBAAzC,IAAM,IAAI,WAAA;oBACZ,aAAW,CAAC,aAAc,CAAC,IAAI,CAAC,iBAAO,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,aAAa,CAAC,CAAC;iBAC1F;;;;;;;;;;gBAED,KAAkB,IAAA,KAAA,SAAA,IAAA,sBAAY,EAAC,WAAW,CAAC,CAAA,gBAAA,4BAAE;oBAAzC,IAAM,IAAI,WAAA;oBACZ,aAAW,CAAC,aAAc,CAAC,IAAI,CAAC,iBAAO,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC,aAAa,CAAC,CAAC;iBAC7F;;;;;;;;;YAED,IAAI,IAAA,yBAAe,EAAC,YAAY,CAAC,EAAE;gBACjC,YAAY,CAAC,OAAO,CAAC,UAAA,CAAC,IAAI,OAAA,aAAW,CAAC,YAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAjC,CAAiC,CAAC,CAAC;aAC9D;iBAAM;gBACL,gBAAgB;gBAChB,aAAW,CAAC,YAAa,CAAC,IAAI,CAAC,eAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;aAC/D;YAED,IAAI,IAAA,yBAAe,EAA
C,mBAAmB,CAAC,EAAE;gBACxC,mBAAmB,CAAC,OAAO,CAAC,UAAA,CAAC;oBAC3B,IAAM,IAAI,GAAQ;wBAChB,OAAO,EAAE,CAAC,CAAC,OAAO;wBAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB,CAAC;oBACF,IAAI,CAAC,CAAC,SAAS,EAAE;wBACf,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;qBACvB;oBACD,aAAW,CAAC,mBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC3D,CAAC,CAAC,CAAC;aACJ;YAED,IAAI,IAAA,yBAAe,EAAC,wBAAwB,CAAC,EAAE;gBAC7C,IAAI,YAAU,GAAG,CAAC,CAAC;gBACnB,wBAAwB,CAAC,OAAO,CAAC,UAAA,CAAC;oBAChC,IAAM,IAAI,GAAQ;wBAChB,KAAK,EAAE,MAAM,CAAC,YAAU,EAAE,CAAC;wBAC3B,OAAO,EAAE,CAAC,CAAC,OAAO;wBAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB,CAAC;oBACF,IAAI,CAAC,CAAC,SAAS,EAAE;wBACf,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;qBACvB;oBACD,aAAW,CAAC,wBAAyB,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gBAChE,CAAC,CAAC,CAAC;aACJ;iBAAM;gBACL,gEAAgE;aACjE;YAED,uBAAuB;YACvB,IAAM,eAAe,GAAG,aAAa,CAAC,MAAM,CAAC,UAAA,IAAI,IAAI,OAAA,IAAA,yBAAe,EAAC,aAAW,CAAC,IAAI,CAAC,CAAC,EAAlC,CAAkC,CAAC,CAAC;YACzF,eAAe,CAAC,OAAO,CAAC,UAAA,IAAI;gBAC1B,aAAW,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,UAAA,CAAC;;oBAAI,OAAA,iBAAe,CAAC,IAAI,WAAG,GAAC,IAAI,IAAG,CAAC,MAAG;gBAAnC,CAAmC,CAAC,CAAC;YACtE,CAAC,CAAC,CAAC;YAEH,0FAA0F;YAC1F,IAAI,GAAG,IAAA,aAAG,EAAC,CAAC;oBACV,gBAAgB,EAAE,CAAC;4BACjB,KAAK,EAAE;gCACL,QAAQ,UAAA;gCACR,OAAO,EAAE,eAAS,CAAC,KAAK,CAAC,QAAQ;gCACjC,iBAAiB,EAAE,eAAS,CAAC,KAAK,CAAC,SAAS;gCAC5C,UAAU,EAAE,oCAAoC;6BACjD;yBACF,EAAE,EAAE,eAAe,mBAAA,EAAE,CAAC;iBACxB,CAAC,CAAC,CAAC;SAEL;QAED,iDAAiD;eACjD,kBAAM,IAAuB,EAAE;YAC7B;gBACE,GAAG,EAAE,iBAAiB;gBACtB,SAAS,EAAE,CAAC,kBAAkB,EAAE,iBAAiB,CAAC;gBAClD,UAAU,EAAE,CAAC,sBAAsB,EAAE,qBAAqB,CAAC;aAC5D;YACD;gBACE,GAAG,EAAE,0BAA0B;gBAC/B,SAAS,EAAE,CAAC,kBAAkB,EAAE,iBAAiB,EAAE,0BAA0B,CAAC;gBAC9E,UAAU,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,CAAC;aAC1D;SACF,CAAC;IAEJ,CAAC;IAED;;;MAGE;IACK,2CAAsB,GAA7B;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,oBAAoB,KAAK,MAAM,CAAC;IACnE,CAAC;IACD;;;MAGE;IACK,yCAAoB,GAA3B;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,mBAAmB,KAAK,MAAM,CAAC;IAClE,CAAC;IACD;;;;MAIE;IACK,gDAA2B,GAAlC,UAAmC,OAAe;QAC
hD,IAAI,IAAA,kBAAQ,EAAC,OAAO,CAAC,EAAE;YACrB,IAAI,UAAQ,CAAC;YACb,IAAM,UAAQ,GAAG,eAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,IAAA,yBAAe,EAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,EAAE;gBACvD,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,UAAA,GAAG;oBAC5C,IAAI,GAAG,CAAC,OAAO,KAAK,UAAQ,EAAE;wBAC5B,UAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;wBACxB,OAAO;qBACR;gBACH,CAAC,CAAC,CAAC;aACJ;iBAAM;gBACL,IAAI,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,KAAK,UAAQ,EAAE;oBAC3D,UAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC;iBACxD;aACF;YACD,OAAO,UAAQ,CAAC;SACjB;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC;IAC5C,CAAC;IACH,iBAAC;AAAD,CAAC,AAvKD,CAAgC,kBAAQ,GAuKvC;AAvKY,gCAAU"}
|
package/build/src/metadata.js
CHANGED
|
@@ -15,23 +15,13 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
|
|
|
15
15
|
}) : function(o, v) {
|
|
16
16
|
o["default"] = v;
|
|
17
17
|
});
|
|
18
|
-
var __importStar = (this && this.__importStar) ||
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
return ownKeys(o);
|
|
26
|
-
};
|
|
27
|
-
return function (mod) {
|
|
28
|
-
if (mod && mod.__esModule) return mod;
|
|
29
|
-
var result = {};
|
|
30
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
-
__setModuleDefault(result, mod);
|
|
32
|
-
return result;
|
|
33
|
-
};
|
|
34
|
-
})();
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
24
|
+
};
|
|
35
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
26
|
/**
|
|
37
27
|
* @file metadata.ts
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../src/metadata.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../src/metadata.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;EAIE;AACF,qCAAyB;AACzB,6BAAkC;AAClC,yCAAsC;AACtC,qCAAqC;AAarC;IAKE;;;MAGE;IACF,kBAAY,GAAoB,EAAE,UAAoB;QAApB,2BAAA,EAAA,eAAoB;QACpD,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,IAAA,mBAAO,EAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,MAAM,CAAC;YACpD;gBACE,GAAG,EAAE,kBAAkB;gBACvB,SAAS,EAAE,CAAC,kBAAkB,CAAC;gBAC/B,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE,IAAI;aACd;YACD;gBACE,GAAG,EAAE,UAAU;gBACf,SAAS,EAAE,CAAC,kBAAkB,CAAC;gBAC/B,UAAU,EAAE,CAAC,UAAU,CAAC;aACzB;YACD;gBACE,qDAAqD;gBACrD,GAAG,EAAE,mBAAmB;gBACxB,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,eAAe,EAAE,SAAS,EAAE,UAAU,EAAE,iBAAiB,CAAC;gBAC5G,UAAU,EAAE,EAAE;aACf;YACD;gBACE,8DAA8D;gBAC9D,GAAG,EAAE,aAAa;gBAClB,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,eAAe,CAAC;gBAClE,KAAK,EAAE,CAAC,KAAK,CAAC;gBACd,aAAa,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,iBAAiB,CAAC;gBACzD,UAAU,EAAE,EAAE;aACf;YACD;gBACE,GAAG,EAAE,qBAAqB;gBAC1B,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,qBAAqB,CAAC;gBACxE,UAAU,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;aACpC;YACD;gBACE,GAAG,EAAE,cAAc;gBACnB,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,cAAc,CAAC;gBACjE,UAAU,EAAE,EAAE;aACf;SACF,CAAC,CAAC,CAAC;QAEJ,yBAAyB;QACzB,IAAM,iBAAiB,GAAG,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;QACtD,IAAI,OAAO,iBAAiB,KAAK,QAAQ,EAAE;YACzC,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG;gBACtB,OAAO,EAAE,iBAAiB;gBAC1B,UAAU,EAAE,iBAAiB;aAC9B,CAAC;YACF,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;SACpC;QAED,IACE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC;YACzC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EACrC;YACA,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;SAC3D;IAEH,CAAC;IAED;;;MAGE;IACK,8BAAW,GAAlB;QACE,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;MAGE;IACK,iCAAc,GAArB,UAAsB,UAAkB;QACtC,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAC/C,CAAC;IAED;;;MAGE;IACK,8BAAW,GAAlB;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;IAC5B,CAAC;IAED;;;;MAIE;IACK,qCAAkB,GAAzB,UAA0B,GAAW;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,W
AAW,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IAC5C,CAAC;IAED;;;MAGE;IACK,kCAAe,GAAtB;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC;IAChC,CAAC;IAED;;;;MAIE;IACK,yCAAsB,GAA7B,UAA8B,OAA2B;QACvD,IAAI,OAAO,IAAI,IAAA,kBAAQ,EAAC,OAAO,CAAC,EAAE;YAChC,IAAM,UAAQ,GAAG,eAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,mBAAmB,GAAG,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC;YACxD,IAAI,CAAC,CAAC,mBAAmB,YAAY,KAAK,CAAC,EAAE;gBAC3C,mBAAmB,GAAG,CAAC,mBAAmB,CAAC,CAAC;aAC5C;YACF,IAAM,OAAO,GAAG,mBAAmB,CAAC,IAAI,CAAC,UAAA,GAAG,IAAI,OAAA,GAAG,CAAC,OAAO,KAAK,UAAQ,EAAxB,CAAwB,CAAC,CAAC;YAC1E,IAAI,OAAO,EAAE;gBACX,OAAO,OAAO,CAAC,QAAQ,CAAC;aACzB;SACF;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC;IACvC,CAAC;IAED;;;;MAIE;IACK,qCAAkB,GAAzB,UAA0B,QAAkB;QAC1C,IAAI,eAAe,GAAG,EAAE,CAAC;QACzB,IAAI,QAAQ,EAAE;YACZ,eAAe,GAAG,QAAQ,CAAC,MAAM,CAAC,UAAC,GAAQ,EAAE,OAAO;gBAClD,IAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC/C,OAAO,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAClC,CAAC,EAAE,EAAE,CAAC,CAAC;SACR;QACD,OAAO,eAAe,CAAC;IACzB,CAAC;IACH,eAAC;AAAD,CAAC,AAhJD,IAgJC"}
|
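--- a/package/build/src/urn.js
+++ b/package/build/src/urn.js
@@ -12,12 +12,12 @@ var BindingNamespace;
 BindingNamespace["Post"] = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
 BindingNamespace["SimpleSign"] = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign";
 BindingNamespace["Artifact"] = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact";
-})(BindingNamespace
+})(BindingNamespace = exports.BindingNamespace || (exports.BindingNamespace = {}));
 var MessageSignatureOrder;
 (function (MessageSignatureOrder) {
 MessageSignatureOrder["STE"] = "sign-then-encrypt";
 MessageSignatureOrder["ETS"] = "encrypt-then-sign";
-})(MessageSignatureOrder
+})(MessageSignatureOrder = exports.MessageSignatureOrder || (exports.MessageSignatureOrder = {}));
 var StatusCode;
 (function (StatusCode) {
 // top-tier
@@ -45,7 +45,7 @@ var StatusCode;
 StatusCode["UnknownAttrProfile"] = "urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile";
 StatusCode["UnknownPrincipal"] = "urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal";
 StatusCode["UnsupportedBinding"] = "urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding";
-})(StatusCode
+})(StatusCode = exports.StatusCode || (exports.StatusCode = {}));
 var namespace = {
 binding: {
 redirect: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
@@ -174,7 +174,7 @@ var ParserType;
 ParserType["SAMLResponse"] = "SAMLResponse";
 ParserType["LogoutRequest"] = "LogoutRequest";
 ParserType["LogoutResponse"] = "LogoutResponse";
-})(ParserType
+})(ParserType = exports.ParserType || (exports.ParserType = {}));
 var wording = {
 urlParams: {
 samlRequest: 'SAMLRequest',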
package/build/src/urn.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"urn.js","sourceRoot":"","sources":["../../src/urn.ts"],"names":[],"mappings":";AAAA;;;;EAIE;;;AAEF,IAAY,gBAKX;AALD,WAAY,gBAAgB;IAC1B,mFAA+D,CAAA;IAC/D,2EAAuD,CAAA;IACvD,4FAAwE,CAAA;IACxE,mFAA+D,CAAA;AACjE,CAAC,EALW,gBAAgB,
|
|
1
|
+
{"version":3,"file":"urn.js","sourceRoot":"","sources":["../../src/urn.ts"],"names":[],"mappings":";AAAA;;;;EAIE;;;AAEF,IAAY,gBAKX;AALD,WAAY,gBAAgB;IAC1B,mFAA+D,CAAA;IAC/D,2EAAuD,CAAA;IACvD,4FAAwE,CAAA;IACxE,mFAA+D,CAAA;AACjE,CAAC,EALW,gBAAgB,GAAhB,wBAAgB,KAAhB,wBAAgB,QAK3B;AAED,IAAY,qBAGX;AAHD,WAAY,qBAAqB;IAC/B,kDAAyB,CAAA;IACzB,kDAAyB,CAAA;AAC3B,CAAC,EAHW,qBAAqB,GAArB,6BAAqB,KAArB,6BAAqB,QAGhC;AAED,IAAY,UA0BX;AA1BD,WAAY,UAAU;IACpB,WAAW;IACX,oEAAsD,CAAA;IACtD,wEAA0D,CAAA;IAC1D,wEAA0D,CAAA;IAC1D,oFAAsE,CAAA;IACtE,0CAA0C;IAC1C,2EAA6D,CAAA;IAC7D,kGAAoF,CAAA;IACpF,4FAA8E,CAAA;IAC9E,kFAAoE,CAAA;IACpE,kFAAoE,CAAA;IACpE,wEAA0D,CAAA;IAC1D,kFAAoE,CAAA;IACpE,gFAAkE,CAAA;IAClE,0FAA4E,CAAA;IAC5E,gFAAkE,CAAA;IAClE,0FAA4E,CAAA;IAC5E,sGAAwF,CAAA;IACxF,gGAAkF,CAAA;IAClF,8FAAgF,CAAA;IAChF,gGAAkF,CAAA;IAClF,sFAAwE,CAAA;IACxE,0FAA4E,CAAA;IAC5E,sFAAwE,CAAA;IACxE,0FAA4E,CAAA;AAC9E,CAAC,EA1BW,UAAU,GAAV,kBAAU,KAAV,kBAAU,QA0BrB;AAED,IAAM,SAAS,GAAG;IAChB,OAAO,EAAE;QACP,QAAQ,EAAE,oDAAoD;QAC9D,IAAI,EAAE,gDAAgD;QACtD,UAAU,EAAE,2DAA2D;QACvE,QAAQ,EAAE,oDAAoD;KAC/D;IACD,KAAK,EAAE;QACL,QAAQ,EAAE,sCAAsC;QAChD,SAAS,EAAE,uCAAuC;QAClD,QAAQ,EAAE,sCAAsC;QAChD,UAAU,EAAE,yCAAyC;QACrD,WAAW,EAAE,0CAA0C;KACxD;IACD,oBAAoB,EAAE;QACpB,QAAQ,EAAE,iDAAiD;QAC3D,0BAA0B,EAAE,mEAAmE;KAChG;IACD,MAAM,EAAE;QACN,YAAY,EAAE,wDAAwD;QACtE,UAAU,EAAE,sDAAsD;QAClE,SAAS,EAAE,qDAAqD;QAChE,MAAM,EAAE,kDAAkD;QAC1D,WAAW,EAAE,uDAAuD;QACpE,QAAQ,EAAE,oDAAoD;QAC9D,0BAA0B,EAAE,sEAAsE;QAClG,eAAe,EAAE,2DAA2D;KAC7E;IACD,UAAU,EAAE;QACV,qCAAqC;QACrC,OAAO,EAAE,4CAA4C;QACrD,SAAS,EAAE,8CAA8C;QACzD,SAAS,EAAE,8CAA8C;QACzD,eAAe,EAAE,oDAAoD;QACrE,4BAA4B;QAC5B,UAAU,EAAE,gDAAgD;QAC5D,sBAAsB,EAAE,2DAA2D;QACnF,mBAAmB,EAAE,wDAAwD;QAC7E,cAAc,EAAE,mDAAmD;QACnE,cAAc,EAAE,mDAAmD;QACnE,SAAS,EAAE,8CAA8C;QACzD,cAAc,EAAE,mDAAmD;QACnE,aAAa,EAAE,kDAAkD;QACjE,kBAAkB,EAAE,uDAAuD;QAC3E,aAAa,EAAE,kDAAkD;QACjE,kBAAkB,EAAE,uDAAuD;QAC3E,wBAAwB,EAAE,6DAA6D;QACvF,qBAAqB,EAAE,0DAA0D;QACjF,oBAAoB,EAAE,yDAAyD;QAC/E,qBAAqB,EAAE,0DAA0D;QACjF,gBAAgB,EAAE,qDAAqD;QACvE,kBAAkB,EAAE,
uDAAuD;QAC3E,gBAAgB,EAAE,qDAAqD;QACvE,kBAAkB,EAAE,uDAAuD;KAC5E;CACF,CAAC;AA4GO,8BAAS;AA1GlB,IAAM,IAAI,GAAG;IACX,OAAO,EAAE;QACP,WAAW,EAAE,eAAe;QAC5B,2BAA2B,EAAE,+BAA+B;QAC5D,oBAAoB,EAAE,wBAAwB;QAC9C,WAAW,EAAE,eAAe;QAC5B,QAAQ,EAAE,YAAY;QACtB,cAAc,EAAE,kBAAkB;QAClC,kBAAkB,EAAE,sBAAsB;QAC1C,mBAAmB,EAAE,uBAAuB;QAC5C,sBAAsB,EAAE,0BAA0B;QAClD,WAAW,EAAE,eAAe;QAC5B,QAAQ,EAAE,YAAY;QACtB,EAAE,EAAE,MAAM;QACV,MAAM,EAAE,UAAU;QAClB,YAAY,EAAE,gBAAgB;QAC9B,YAAY,EAAE,gBAAgB;QAC9B,MAAM,EAAE,UAAU;QAClB,YAAY,EAAE,gBAAgB;QAC9B,eAAe,EAAE,mBAAmB;QACpC,YAAY,EAAE,gBAAgB;QAC9B,gBAAgB,EAAE,oBAAoB;QACtC,mCAAmC,EAAE,uCAAuC;QAC5E,UAAU,EAAE,cAAc;KAC3B;IACD,MAAM,EAAE;QACN,YAAY,EAAE,cAAc;QAC5B,aAAa,EAAE,eAAe;QAC9B,aAAa,EAAE,UAAU;QACzB,cAAc,EAAE,gBAAgB;KACjC;CACF,CAAC;AA2EkB,oBAAI;AAzExB,IAAM,qBAAqB,GAAG;IAC5B,YAAY,EAAE;QACZ,iBAAiB,EAAE,mBAAmB;QACtC,iBAAiB,EAAE,mBAAmB;KACvC;CACF,CAAC;AAoE4D,sDAAqB;AAlEnF,IAAM,UAAU,GAAG;IACjB,SAAS,EAAE;QACT,QAAQ,EAAE,4CAA4C;QACtD,UAAU,EAAE,mDAAmD;QAC/D,UAAU,EAAE,mDAAmD;KAChE;IACD,UAAU,EAAE;QACV,IAAI,EAAE;YACJ,OAAO,EAAE,6CAA6C;YACtD,OAAO,EAAE,6CAA6C;YACtD,OAAO,EAAE,gDAAgD;YACzD,WAAW,EAAE,4CAA4C;SAC1D;QACD,GAAG,EAAE;YACH,cAAc,EAAE,iDAAiD;YACjE,OAAO,EAAE,0CAA0C;SACpD;KACF;IACD,MAAM,EAAE;QACN,4CAA4C,EAAE,wCAAwC;QACtF,mDAAmD,EAAE,yCAAyC;QAC9F,mDAAmD,EAAE,yCAAyC,EAAE,6DAA6D;KAC9J;CACF,CAAC;AA2CwB,gCAAU;AAzCpC,IAAY,UAKX;AALD,WAAY,UAAU;IACpB,yCAA2B,CAAA;IAC3B,2CAA6B,CAAA;IAC7B,6CAA+B,CAAA;IAC/B,+CAAiC,CAAA;AACnC,CAAC,EALW,UAAU,GAAV,kBAAU,KAAV,kBAAU,QAKrB;AAED,IAAM,OAAO,GAAG;IACd,SAAS,EAAE;QACT,WAAW,EAAE,aAAa;QAC1B,YAAY,EAAE,cAAc;QAC5B,aAAa,EAAE,eAAe;QAC9B,cAAc,EAAE,gBAAgB;QAChC,MAAM,EAAE,QAAQ;QAChB,SAAS,EAAE,WAAW;QACtB,UAAU,EAAE,YAAY;KACzB;IACD,OAAO,EAAE;QACP,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,YAAY;QACxB,QAAQ,EAAE,UAAU;KACrB;IACD,OAAO,EAAE;QACP,OAAO,EAAE,SAAS;QAClB,OAAO,EAAE,YAAY;KACtB;IACD,QAAQ,EAAE;QACR,EAAE,EAAE,aAAa;QACjB,GAAG,EAAE,cAAc;KACpB;CACF,CAAC;AAUoC,0BAAO;AAR7C,uEAAuE;AACvE,iEAAiE;AACjE,IAAM,aAAa,GAAG;IACpB,OAAO,EAAE,CAAC,eAAe,EAAE,cAAc,EAAE,qBAAq
B,EAAE,0BAA0B,CAAC;IAC7F,QAAQ,EAAE,CAAC,eAAe,EAAE,cAAc,EAAE,qBAAqB,EAAE,0BAA0B,CAAC;IAC9F,UAAU,EAAE,CAAC,eAAe,EAAE,qBAAqB,EAAE,cAAc,EAAE,0BAA0B,EAAE,2BAA2B,CAAC;CAC9H,CAAC;AAE6C,sCAAa"}
|
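--- a/package/build/src/utility.js
+++ b/package/build/src/utility.js
@@ -25,18 +25,7 @@ var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
 return to.concat(ar || Array.prototype.slice.call(from));
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.zipObject =
-exports.flattenDeep = flattenDeep;
-exports.last = last;
-exports.uniq = uniq;
-exports.get = get;
-exports.isString = isString;
-exports.base64Decode = base64Decode;
-exports.inflateString = inflateString;
-exports.readPrivateKey = readPrivateKey;
-exports.isNonEmptyArray = isNonEmptyArray;
-exports.castArrayOpt = castArrayOpt;
-exports.notEmpty = notEmpty;
+exports.notEmpty = exports.castArrayOpt = exports.isNonEmptyArray = exports.readPrivateKey = exports.inflateString = exports.base64Decode = exports.isString = exports.get = exports.uniq = exports.last = exports.flattenDeep = exports.zipObject = void 0;
 /**
 * @file utility.ts
 * @author tngan
@@ -68,6 +57,7 @@ function zipObject(arr1, arr2, skipDuplicated) {
 return res;
 }, {});
 }
+exports.zipObject = zipObject;
 /**
 * @desc Alternative to lodash.flattenDeep
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_flattendeep
@@ -78,6 +68,7 @@ function flattenDeep(input) {
 ? input.reduce(function (a, b) { return a.concat(flattenDeep(b)); }, [])
 : [input];
 }
+exports.flattenDeep = flattenDeep;
 /**
 * @desc Alternative to lodash.last
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_last
@@ -86,6 +77,7 @@ function flattenDeep(input) {
 function last(input) {
 return input.slice(-1)[0];
 }
+exports.last = last;
 /**
 * @desc Alternative to lodash.uniq
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_uniq
@@ -95,6 +87,7 @@ function uniq(input) {
 var set = new Set(input);
 return __spreadArray([], __read(set), false);
 }
+exports.uniq = uniq;
 /**
 * @desc Alternative to lodash.get
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_get
@@ -106,6 +99,7 @@ function get(obj, path, defaultValue) {
 return path.split('.')
 .reduce(function (a, c) { return (a && a[c] ? a[c] : (defaultValue || null)); }, obj);
 }
+exports.get = get;
 /**
 * @desc Check if the input is string
 * @param {any} input
@@ -113,6 +107,7 @@ function get(obj, path, defaultValue) {
 function isString(input) {
 return typeof input === 'string';
 }
+exports.isString = isString;
 /**
 * @desc Encode string with base64 format
 * @param {string} message plain-text message
@@ -131,6 +126,7 @@ function base64Decode(base64Message, isBytes) {
 var bytes = Buffer.from(base64Message, BASE64_STR);
 return Boolean(isBytes) ? bytes : bytes.toString();
 }
+exports.base64Decode = base64Decode;
 /**
 * @desc Compress the string
 * @param {string} message
@@ -152,6 +148,7 @@ function inflateString(compressedString) {
 .map(function (byte) { return String.fromCharCode(byte); })
 .join('');
 }
+exports.inflateString = inflateString;
 /**
 * @desc Abstract the normalizeCerString and normalizePemString
 * @param {buffer} File stream or string
@@ -224,6 +221,7 @@ function getPublicKeyPemFromCertificate(x509Certificate) {
 function readPrivateKey(keyString, passphrase, isOutputString) {
 return isString(passphrase) ? this.convertToString(node_forge_1.pki.privateKeyToPem(node_forge_1.pki.decryptRsaPrivateKey(String(keyString), passphrase)), isOutputString) : keyString;
 }
+exports.readPrivateKey = readPrivateKey;
 /**
 * @desc Inline syntax sugar
 */
@@ -236,14 +234,17 @@ function convertToString(input, isOutputString) {
 function isNonEmptyArray(a) {
 return Array.isArray(a) && a.length > 0;
 }
+exports.isNonEmptyArray = isNonEmptyArray;
 function castArrayOpt(a) {
 if (a === undefined)
 return [];
 return Array.isArray(a) ? a : [a];
 }
+exports.castArrayOpt = castArrayOpt;
 function notEmpty(value) {
 return value !== null && value !== undefined;
 }
+exports.notEmpty = notEmpty;
 var utility = {
 isString: isString,
 base64Encode: base64Encode,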
package/build/src/utility.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utility.js","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"utility.js","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;EAIE;AACF,yCAA6C;AAC7C,6BAAwC;AAExC,IAAM,UAAU,GAAG,QAAQ,CAAC;AAE5B;;;;GAIG;AACH,SAAgB,SAAS,CAAC,IAAc,EAAE,IAAW,EAAE,cAAqB;IAArB,+BAAA,EAAA,qBAAqB;IAC1E,OAAO,IAAI,CAAC,MAAM,CAAC,UAAC,GAAG,EAAE,CAAC,EAAE,CAAC;QAE3B,IAAI,cAAc,EAAE;YAClB,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACjB,OAAO,GAAG,CAAC;SACZ;QACD,2EAA2E;QAC3E,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE;YACxB,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC5B,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACxB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7B,OAAO,GAAG,CAAC;SACZ;QAED,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACjB,OAAO,GAAG,CAAC;IAEb,CAAC,EAAE,EAAE,CAAC,CAAC;AACT,CAAC;AAnBD,8BAmBC;AACD;;;;GAIG;AACH,SAAgB,WAAW,CAAC,KAAY;IACtC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAC3B,CAAC,CAAC,KAAK,CAAC,MAAM,CAAE,UAAC,CAAC,EAAE,CAAC,IAAK,OAAA,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAxB,CAAwB,EAAG,EAAE,CAAC;QACxD,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;AACZ,CAAC;AAJD,kCAIC;AACD;;;;GAIG;AACH,SAAgB,IAAI,CAAC,KAAY;IAC/B,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5B,CAAC;AAFD,oBAEC;AACD;;;;GAIG;AACH,SAAgB,IAAI,CAAC,KAAe;IAClC,IAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAC3B,gCAAY,GAAG,UAAE;AACnB,CAAC;AAHD,oBAGC;AACD;;;;;;GAMG;AACH,SAAgB,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,YAAY;IACzC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;SACrB,MAAM,CAAC,UAAC,CAAC,EAAE,CAAC,IAAK,OAAA,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,EAA3C,CAA2C,EAAE,GAAG,CAAC,CAAC;AACtE,CAAC;AAHD,kBAGC;AACD;;;GAGG;AACH,SAAgB,QAAQ,CAAC,KAAU;IACjC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC;AACnC,CAAC;AAFD,4BAEC;AACD;;;;EAIE;AACF,SAAS,YAAY,CAAC,OAA0B;IAC9C,OAAO,MAAM,CAAC,IAAI,CAAC,OAAiB,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;AAC7D,CAAC;AACD;;;;;EAKE;AACF
,SAAgB,YAAY,CAAC,aAAqB,EAAE,OAAiB;IACnE,IAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;IACrD,OAAO,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;AACrD,CAAC;AAHD,oCAGC;AACD;;;;EAIE;AACF,SAAS,aAAa,CAAC,OAAe;IACpC,IAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,UAAA,IAAI,IAAI,OAAA,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAlB,CAAkB,CAAC,CAAC;IAC5E,OAAO,KAAK,CAAC,IAAI,CAAC,IAAA,cAAO,EAAC,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACnD,CAAC;AACD;;;;EAIE;AACF,SAAgB,aAAa,CAAC,gBAAwB;IACpD,IAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;IAC9D,IAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,UAAA,IAAI,IAAI,OAAA,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAlB,CAAkB,CAAC,CAAC;IACnG,OAAO,KAAK,CAAC,IAAI,CAAC,IAAA,cAAO,EAAC,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;SAC7C,GAAG,CAAC,UAAC,IAAY,IAAK,OAAA,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,EAAzB,CAAyB,CAAC;SAChD,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAND,sCAMC;AACD;;;;;EAKE;AACF,SAAS,mBAAmB,CAAC,GAAoB,EAAE,MAAc;IAC/D,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,qBAAc,MAAM,UAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,mBAAY,MAAM,UAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACnL,CAAC;AACD;;;;EAIE;AACF,SAAS,kBAAkB,CAAC,UAA2B;IACrD,OAAO,mBAAmB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;AACxD,CAAC;AACD;;;;EAIE;AACF,SAAS,kBAAkB,CAAC,SAA0B;IACpD,OAAO,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,iBAAiB,CAAC,CAAC;AACtE,CAAC;AACD;;;;EAIE;AACF,SAAS,UAAU,CAAC,GAAG;IACrB,OAAO,UAAG,GAAG,CAAC,QAAQ,gBAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,SAAG,GAAG,CAAC,WAAW,CAAE,CAAC;AAClE,CAAC;AACD;;;;EAIE;AACF,SAAS,WAAW,CAAC,GAAG,EAAE,YAAiB;IAAjB,6BAAA,EAAA,iBAAiB;IACzC,OAAO,GAAG,IAAI,YAAY,CAAC;AAC7B,CAAC;AACD;;;;;EAKE;AACF,SAAS,YAAY,CAAC,IAAI,EAAE,IAAI;IAC9B,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AACvC,CAAC;AACD;;;;EAIE;AACF,SAAS,8BAA8B,CAAC,eAAuB;IAC7D,IAAM,YAAY,GAAG
,iBAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;IACpD,IAAM,GAAG,GAAG,iBAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IACvC,IAAM,IAAI,GAAG,gBAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,gBAAG,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC5C,CAAC;AACD;;;;;;EAME;AACF,SAAgB,cAAc,CAAC,SAA0B,EAAE,UAA8B,EAAE,cAAwB;IACjH,OAAO,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,gBAAG,CAAC,eAAe,CAAC,gBAAG,CAAC,oBAAoB,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAC/J,CAAC;AAFD,wCAEC;AACD;;EAEE;AACF,SAAS,eAAe,CAAC,KAAK,EAAE,cAAc;IAC5C,OAAO,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AACzD,CAAC;AACD;;GAEG;AACH,SAAgB,eAAe,CAAC,CAAC;IAC/B,OAAO,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;AAC1C,CAAC;AAFD,0CAEC;AAED,SAAgB,YAAY,CAAI,CAAW;IACzC,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,EAAE,CAAA;IAC9B,OAAO,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AACnC,CAAC;AAHD,oCAGC;AAED,SAAgB,QAAQ,CAAS,KAAgC;IAC/D,OAAO,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,CAAC;AAC/C,CAAC;AAFD,4BAEC;AAED,IAAM,OAAO,GAAG;IACd,QAAQ,UAAA;IACR,YAAY,cAAA;IACZ,YAAY,cAAA;IACZ,aAAa,eAAA;IACb,aAAa,eAAA;IACb,kBAAkB,oBAAA;IAClB,kBAAkB,oBAAA;IAClB,UAAU,YAAA;IACV,WAAW,aAAA;IACX,YAAY,cAAA;IACZ,8BAA8B,gCAAA;IAC9B,cAAc,gBAAA;IACd,eAAe,iBAAA;IACf,eAAe,iBAAA;CAChB,CAAC;AAEF,kBAAe,OAAO,CAAC"}
|
package/build/src/validator.js
CHANGED
|
@@ -16,7 +16,7 @@ var __read = (this && this.__read) || function (o, n) {
|
|
|
16
16
|
return ar;
|
|
17
17
|
};
|
|
18
18
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
19
|
-
exports.verifyTime =
|
|
19
|
+
exports.verifyTime = void 0;
|
|
20
20
|
function verifyTime(utcNotBefore, utcNotOnOrAfter, drift) {
|
|
21
21
|
if (drift === void 0) { drift = [0, 0]; }
|
|
22
22
|
var now = new Date();
|
|
@@ -41,4 +41,5 @@ function verifyTime(utcNotBefore, utcNotOnOrAfter, drift) {
|
|
|
41
41
|
return (+notBeforeLocal + notBeforeDrift <= +now &&
|
|
42
42
|
+now < +notOnOrAfterLocal + notOnOrAfterDrift);
|
|
43
43
|
}
|
|
44
|
+
exports.verifyTime = verifyTime;
|
|
44
45
|
//# sourceMappingURL=validator.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAGA,SAAS,UAAU,CACjB,YAAgC,EAChC,eAAmC,EACnC,KAA8B;IAA9B,sBAAA,EAAA,SAAyB,CAAC,EAAE,CAAC,CAAC;IAG9B,IAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IAEvB,IAAI,CAAC,YAAY,IAAI,CAAC,eAAe,EAAE;QACrC,kHAAkH;QAClH,OAAO,CAAC,IAAI,CAAC,2FAA2F,CAAC,CAAC;QAC1G,OAAO,IAAI,CAAC;KACb;IAED,IAAI,cAAc,GAAgB,IAAI,CAAC;IACvC,IAAI,iBAAiB,GAAgB,IAAI,CAAC;IAEpC,IAAA,KAAA,OAAsC,KAAK,IAAA,EAA1C,cAAc,QAAA,EAAE,iBAAiB,QAAS,CAAC;IAElD,IAAI,YAAY,IAAI,CAAC,eAAe,EAAE;QACpC,cAAc,GAAG,IAAI,IAAI,CAAC,YAAY,CAAC,CAAC;QACxC,OAAO,CAAC,cAAc,GAAG,cAAc,IAAI,CAAC,GAAG,CAAC;KACjD;IACD,IAAI,CAAC,YAAY,IAAI,eAAe,EAAE;QACpC,iBAAiB,GAAG,IAAI,IAAI,CAAC,eAAe,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,GAAG,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;KACtD;IAED,cAAc,GAAG,IAAI,IAAI,CAAC,YAAa,CAAC,CAAC;IACzC,iBAAiB,GAAG,IAAI,IAAI,CAAC,eAAgB,CAAC,CAAC;IAE/C,OAAO,CACL,CAAC,cAAc,GAAG,cAAc,IAAI,CAAC,GAAG;QACxC,CAAC,GAAG,GAAG,CAAC,iBAAiB,GAAG,iBAAiB,CAC9C,CAAC;AAEJ,CAAC;AAGC,gCAAU"}
|
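--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "samlify",
-"version": "2.10.
+"version": "2.10.2",
 "description": "High-level API for Single Sign On (SAML 2.0)",
 "main": "build/index.js",
 "keywords": [
@@ -13,12 +13,15 @@
 "typings": "types/index.d.ts",
 "scripts": {
 "build": "yarn audit;make rebuild",
-"docs": "
+"docs:dev": "vitepress dev docs",
+"docs:build": "vitepress build docs",
+"docs:preview": "vitepress preview docs",
 "lint": "tslint -p .",
 "lint:fix": "tslint -p . --fix",
 "pretest": "make pretest",
-"test": "NODE_ENV=test
-"
+"test": "NODE_ENV=test vitest run",
+"test:watch": "NODE_ENV=test vitest",
+"coverage": "vitest run --coverage",
 "hooks:postinstall": "ln -sf $PWD/.pre-commit.sh $PWD/.git/hooks/pre-commit"
 },
 "contributors": [
@@ -39,35 +42,23 @@
 "pako": "^1.0.10",
 "uuid": "^8.3.2",
 "xml": "^1.0.1",
-"xml-crypto": "^6.1.
+"xml-crypto": "^6.1.2",
 "xml-escape": "^1.1.0",
 "xpath": "^0.0.32"
 },
 "devDependencies": {
-"@
+"@authenio/samlify-xsd-schema-validator": "^1.0.5",
 "@types/node": "^11.11.3",
 "@types/node-forge": "^1.0.1",
 "@types/node-rsa": "^1.1.1",
 "@types/pako": "^1.0.1",
 "@types/uuid": "^8.3.4",
 "@types/xmldom": "^0.1.31",
-"ava": "^4.1.0",
-"coveralls": "^3.1.1",
-"nyc": "^15.1.0",
 "timekeeper": "^2.2.0",
 "ts-node": "^10.7.0",
 "tslint": "^6.1.3",
-"typescript": "^4.4.2"
-
-
-"extensions": [
-"ts"
-],
-"require": [
-"ts-node/register"
-],
-"files": [
-"!**/*.d.ts"
-]
+"typescript": "^4.4.2",
+"vitepress": "^1.0.0",
+"vitest": "^1.0.0"
 }
 }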
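--- a/package/src/flow.ts
+++ b/package/src/flow.ts
@@ -208,34 +208,35 @@ async function postFlow(options): Promise<FlowResult> {
 
 // verify the signatures (the response is encrypted then signed, then verify first then decrypt)
 if (
-checkSignature
-from.entitySetting.messageSigningOrder === MessageSignatureOrder.ETS
+checkSignature
 ) {
+// VerifiedAssertionNode is signed. Depending on use case, it may actually be a Response Node
 const [verified, verifiedAssertionNode] = libsaml.verifySignature(samlContent, verificationOptions);
-if (!verified) {
-return Promise.reject('ERR_FAIL_TO_VERIFY_ETS_SIGNATURE');
-}
-if (!decryptRequired) {
-extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
-}
-}
 
-
-
-
-
-
-
-
-
-
-
-
-
-
+// First two cases are encrypted assertion cases
+// This case the verifiedAssertionNode is actually a response
+if (decryptRequired && verified && parserType === 'SAMLResponse' && verifiedAssertionNode) {
+// now it is extracted from solely signed contents
+const result = await libsaml.decryptAssertion(self, verifiedAssertionNode);
+samlContent = result[0];
+// extractor depends on signed content
+extractorFields = getDefaultExtractorFields(parserType, result[1]);
+} else if (decryptRequired && !verified) {
+// Encrypted Assertion, the assertion is signed
+const result = await libsaml.decryptAssertion(self, samlContent);
+const decryptedDoc = result[0];
+const [decryptedDocVerified, verifiedDecryptedAssertion] = libsaml.verifySignature(decryptedDoc, verificationOptions);
+if (decryptedDocVerified) {
+// extractor depends on signed content
+extractorFields = getDefaultExtractorFields(parserType, verifiedDecryptedAssertion);
+} else {
+return Promise.reject('FAILED_TO_VERIFY_SIGNATURE');
+}
+} else if (verified) {
+// extractor depends on signed content
 extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
 } else {
-return Promise.reject('
+return Promise.reject('FAILED_TO_VERIFY_SIGNATURE');
 }
 }
 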
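Review bot: The `else if (verified)` branch is also reached when `decryptRequired` is true, `parserType` is 'SAMLResponse' and `verifySignature` returned `[true, null]`, because the first branch requires a non-null `verifiedAssertionNode`. In that case no decryption happens and `getDefaultExtractorFields` is called with a null node, so a response that was expected to carry an encrypted assertion is not rejected at this point. Unless later code handles that (it is outside this hunk; `postFlow` starts and ends beyond it), I would fail closed with an explicit guard such as `if (parserType === 'SAMLResponse' && verified && !verifiedAssertionNode) return Promise.reject('FAILED_TO_VERIFY_SIGNATURE');` right after the `verifySignature` call. The second branch also leaves `samlContent` pointing at the still-encrypted input while the first branch replaces it with `result[0]`; a short comment saying which is intended would help.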
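--- a/package/src/libsaml.ts
+++ b/package/src/libsaml.ts
@@ -366,7 +366,7 @@ const libSaml = () => {
 * - The first element is `true` if the signature is valid, `false` otherwise.
 * - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
 */
-verifySignature(xml: string, opts: SignatureVerifierOptions) {
+verifySignature(xml: string, opts: SignatureVerifierOptions) : [boolean, string | null] {
 const { dom } = getContext();
 const doc = dom.parseFromString(xml);
 
@@ -395,10 +395,9 @@ const libSaml = () => {
 
 // guarantee to have a signature in saml response
 if (selection.length === 0) {
-
+return [false, null]; // we return false now
 }
 
-
 // need to refactor later on
 for (const signatureNode of selection){
 const sig = new SignedXml();
@@ -457,18 +456,15 @@ const libSaml = () => {
 
 sig.loadSignature(signatureNode);
 
-doc.removeChild(signatureNode);
-
 verified = sig.checkSignature(doc.toString());
 
 // immediately throw error when any one of the signature is failed to get verified
 if (!verified) {
-
+continue;
+// throw new Error('ERR_FAILED_TO_VERIFY_SIGNATURE');
 }
-//
-
-// mainly a sanity check here for SAML. (Although ours would still be secure, if multiple references are used)
-if (!(sig.getReferences().length >= 1)) {
+// Require there to be at least one reference that was signed
+if (!(sig.getSignedReferences().length >= 1)) {
 throw new Error('NO_SIGNATURE_REFERENCES')
 }
 const signedVerifiedXML = sig.getSignedReferences()[0];
@@ -476,15 +472,25 @@ const libSaml = () => {
 // process the verified signature:
 // case 1, rootSignedDoc is a response:
 if (rootNode.localName === 'Response') {
-
 // try getting the Xml from the first assertion
 const assertions = select(
 "./*[local-name()='Assertion']",
 rootNode
 );
+
+const encryptedAssertions = select(
+"./*[local-name()='EncryptedAssertion']",
+rootNode
+);
 // now we can process the assertion as an assertion
 if (assertions.length === 1) {
 return [true, assertions[0].toString()];
+} else if (encryptedAssertions.length >= 1) {
+return [true, rootNode.toString()]; // we need to return a Response node, which will be decrypted later
+} else {
+// something has gone seriously wrong here.
+// we don't have any assertion to give back
+return [true, null]
 }
 } else if (rootNode.localName === 'Assertion') {
 return [true, rootNode.toString()];
@@ -492,9 +498,8 @@ const libSaml = () => {
 return [true, null]; // signature is valid. But there is no assertion node here. It could be metadata node, hence return null
 }
 };
+return [false, null]; // we didn't verify anything, none of the signatures are valid
 
-// something has gone seriously wrong if we are still here
-throw new Error('ERR_ZERO_SIGNATURE');
 
 /*
 // response must be signed, either entire document or assertion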
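Review bot: The new `encryptedAssertions.length >= 1` branch is looser than the plaintext branch beside it, which insists on exactly one `Assertion`: a signed Response carrying several `EncryptedAssertion` children, or several plaintext assertions plus an encrypted one, is returned whole as the authenticated node. Which element is decrypted and trusted afterwards is then decided by the caller, not by this check. I would require exactly one, `} else if (assertions.length === 0 && encryptedAssertions.length === 1) {`, and let every other shape fall into the final `else`. In the loop hunk above, the comment `// immediately throw error when any one of the signature is failed to get verified` no longer matches the `continue;` that replaced the throw; it should say that failing signatures are skipped and the first valid one decides the result. `verifySignature` starts and ends outside these hunks.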
package/tsconfig.json
CHANGED
|
@@ -14,6 +14,7 @@
|
|
|
14
14
|
"removeComments": false,
|
|
15
15
|
"strictNullChecks": true,
|
|
16
16
|
"esModuleInterop": true,
|
|
17
|
+
"skipLibCheck": true,
|
|
17
18
|
"paths": {},
|
|
18
19
|
"lib": [
|
|
19
20
|
"dom",
|
|
@@ -24,10 +25,16 @@
|
|
|
24
25
|
]
|
|
25
26
|
},
|
|
26
27
|
"atom": { "rewriteTsconfig": false },
|
|
28
|
+
"include": [
|
|
29
|
+
"src/**/*.ts",
|
|
30
|
+
"index.ts"
|
|
31
|
+
],
|
|
27
32
|
"exclude": [
|
|
28
33
|
"node_modules",
|
|
29
34
|
"types/**/*.ts",
|
|
30
|
-
"test/**/*.ts"
|
|
35
|
+
"test/**/*.ts",
|
|
36
|
+
"build",
|
|
37
|
+
"docs"
|
|
31
38
|
],
|
|
32
39
|
"compileOnSave": false,
|
|
33
40
|
"buildOnSave": false
|
|
@@ -19,7 +19,7 @@ declare function base64LoginRequest(referenceTagXPath: string, entity: any, cust
|
|
|
19
19
|
* @param {function} customTagReplacement used when developers have their own login response template
|
|
20
20
|
* @param {boolean} encryptThenSign whether or not to encrypt then sign first (if signing). Defaults to sign-then-encrypt
|
|
21
21
|
*/
|
|
22
|
-
declare function base64LoginResponse(requestInfo: any
|
|
22
|
+
declare function base64LoginResponse(requestInfo: any, entity: any, user?: any, customTagReplacement?: (template: string) => BindingContext, encryptThenSign?: boolean): Promise<BindingContext>;
|
|
23
23
|
/**
|
|
24
24
|
* @desc Generate a base64 encoded logout request
|
|
25
25
|
* @param {object} user current logged user (e.g. req.user)
|
|
@@ -31,7 +31,7 @@ declare function base64LoginRequest(entity: any, customTagReplacement?: (templat
|
|
|
31
31
|
* @param {string} relayState the relay state
|
|
32
32
|
* @param {function} customTagReplacement used when developers have their own login response template
|
|
33
33
|
*/
|
|
34
|
-
declare function base64LoginResponse(requestInfo: any
|
|
34
|
+
declare function base64LoginResponse(requestInfo: any, entity: any, user?: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext): Promise<BindingSimpleSignContext>;
|
|
35
35
|
declare const simpleSignBinding: {
|
|
36
36
|
base64LoginRequest: typeof base64LoginRequest;
|
|
37
37
|
base64LoginResponse: typeof base64LoginResponse;
|
package/types/src/entity.d.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
/// <reference types="node" />
|
|
1
2
|
import { IdpMetadata as IdpMetadataConstructor } from './metadata-idp';
|
|
2
3
|
import { SpMetadata as SpMetadataConstructor } from './metadata-sp';
|
|
3
4
|
import { MetadataIdpConstructor, MetadataSpConstructor, EntitySetting } from './types';
|
|
@@ -30,7 +31,7 @@ export interface ParseResult {
|
|
|
30
31
|
extract: any;
|
|
31
32
|
sigAlg: string;
|
|
32
33
|
}
|
|
33
|
-
export type EntityConstructor = (MetadataIdpConstructor | MetadataSpConstructor) & {
|
|
34
|
+
export declare type EntityConstructor = (MetadataIdpConstructor | MetadataSpConstructor) & {
|
|
34
35
|
metadata?: string | Buffer;
|
|
35
36
|
};
|
|
36
37
|
export default class Entity {
|