samlify 2.9.1 → 2.10.0
- package/build/index.js +17 -7
- package/build/index.js.map +1 -1
- package/build/src/api.js +3 -4
- package/build/src/api.js.map +1 -1
- package/build/src/binding-post.js +25 -15
- package/build/src/binding-post.js.map +1 -1
- package/build/src/binding-redirect.js +17 -7
- package/build/src/binding-redirect.js.map +1 -1
- package/build/src/binding-simplesign.js +24 -14
- package/build/src/binding-simplesign.js.map +1 -1
- package/build/src/entity-idp.js +4 -4
- package/build/src/entity-idp.js.map +1 -1
- package/build/src/entity-sp.js +2 -2
- package/build/src/entity-sp.js.map +1 -1
- package/build/src/entity.js +17 -7
- package/build/src/entity.js.map +1 -1
- package/build/src/extractor.js +2 -2
- package/build/src/extractor.js.map +1 -1
- package/build/src/flow.js +4 -5
- package/build/src/flow.js.map +1 -1
- package/build/src/libsaml.js +156 -74
- package/build/src/libsaml.js.map +1 -1
- package/build/src/metadata-idp.js +9 -9
- package/build/src/metadata-idp.js.map +1 -1
- package/build/src/metadata-sp.js +9 -9
- package/build/src/metadata-sp.js.map +1 -1
- package/build/src/metadata.js +17 -7
- package/build/src/metadata.js.map +1 -1
- package/build/src/urn.js +4 -4
- package/build/src/urn.js.map +1 -1
- package/build/src/utility.js +12 -13
- package/build/src/utility.js.map +1 -1
- package/build/src/validator.js +1 -2
- package/build/src/validator.js.map +1 -1
- package/package.json +2 -2
- package/src/libsaml.ts +73 -36
- package/types/src/binding-post.d.ts +1 -1
- package/types/src/binding-simplesign.d.ts +1 -1
- package/types/src/entity.d.ts +1 -2
- package/types/src/extractor.d.ts +1 -1
- package/types/src/libsaml.d.ts +14 -10
- package/types/src/metadata.d.ts +0 -1
- package/types/src/types.d.ts +7 -8
- package/types/src/utility.d.ts +1 -2
- package/types/src/validator.d.ts +1 -1
package/build/src/metadata-sp.js
CHANGED
|
@@ -30,6 +30,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
30
30
|
};
|
|
31
31
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
32
32
|
exports.SpMetadata = void 0;
|
|
33
|
+
exports.default = default_1;
|
|
33
34
|
/**
|
|
34
35
|
* @file metadata-sp.ts
|
|
35
36
|
* @author tngan
|
|
@@ -46,22 +47,21 @@ var xml_1 = __importDefault(require("xml"));
|
|
|
46
47
|
function default_1(meta) {
|
|
47
48
|
return new SpMetadata(meta);
|
|
48
49
|
}
|
|
49
|
-
exports.default = default_1;
|
|
50
50
|
/**
|
|
51
51
|
* @desc SP Metadata is for creating Service Provider, provides a set of API to manage the actions in SP.
|
|
52
52
|
*/
|
|
53
53
|
var SpMetadata = /** @class */ (function (_super) {
|
|
54
|
-
var e_1, _a, e_2, _b;
|
|
55
54
|
__extends(SpMetadata, _super);
|
|
56
55
|
/**
|
|
57
56
|
* @param {object/string} meta (either xml string or configuration in object)
|
|
58
57
|
* @return {object} prototypes including public functions
|
|
59
58
|
*/
|
|
60
59
|
function SpMetadata(meta) {
|
|
60
|
+
var e_1, _a, e_2, _b;
|
|
61
61
|
var isFile = (0, utility_1.isString)(meta) || meta instanceof Buffer;
|
|
62
62
|
// use object configuration instead of importing metadata file directly
|
|
63
63
|
if (!isFile) {
|
|
64
|
-
var
|
|
64
|
+
var _c = meta, _d = _c.elementsOrder, elementsOrder = _d === void 0 ? urn_1.elementsOrder.default : _d, entityID = _c.entityID, signingCert = _c.signingCert, encryptCert = _c.encryptCert, _e = _c.authnRequestsSigned, authnRequestsSigned = _e === void 0 ? false : _e, _f = _c.wantAssertionsSigned, wantAssertionsSigned = _f === void 0 ? false : _f, _g = _c.wantMessageSigned, wantMessageSigned = _g === void 0 ? false : _g, signatureConfig = _c.signatureConfig, _h = _c.nameIDFormat, nameIDFormat = _h === void 0 ? [] : _h, _j = _c.singleLogoutService, singleLogoutService = _j === void 0 ? [] : _j, _k = _c.assertionConsumerService, assertionConsumerService = _k === void 0 ? [] : _k;
|
|
65
65
|
var descriptors_1 = {
|
|
66
66
|
KeyDescriptor: [],
|
|
67
67
|
NameIDFormat: [],
|
|
@@ -80,28 +80,28 @@ var SpMetadata = /** @class */ (function (_super) {
|
|
|
80
80
|
console.warn('Construct service provider - missing signatureConfig');
|
|
81
81
|
}
|
|
82
82
|
try {
|
|
83
|
-
for (var
|
|
84
|
-
var cert =
|
|
83
|
+
for (var _l = __values((0, utility_1.castArrayOpt)(signingCert)), _m = _l.next(); !_m.done; _m = _l.next()) {
|
|
84
|
+
var cert = _m.value;
|
|
85
85
|
descriptors_1.KeyDescriptor.push(libsaml_1.default.createKeySection('signing', cert).KeyDescriptor);
|
|
86
86
|
}
|
|
87
87
|
}
|
|
88
88
|
catch (e_1_1) { e_1 = { error: e_1_1 }; }
|
|
89
89
|
finally {
|
|
90
90
|
try {
|
|
91
|
-
if (
|
|
91
|
+
if (_m && !_m.done && (_a = _l.return)) _a.call(_l);
|
|
92
92
|
}
|
|
93
93
|
finally { if (e_1) throw e_1.error; }
|
|
94
94
|
}
|
|
95
95
|
try {
|
|
96
|
-
for (var
|
|
97
|
-
var cert =
|
|
96
|
+
for (var _o = __values((0, utility_1.castArrayOpt)(encryptCert)), _p = _o.next(); !_p.done; _p = _o.next()) {
|
|
97
|
+
var cert = _p.value;
|
|
98
98
|
descriptors_1.KeyDescriptor.push(libsaml_1.default.createKeySection('encryption', cert).KeyDescriptor);
|
|
99
99
|
}
|
|
100
100
|
}
|
|
101
101
|
catch (e_2_1) { e_2 = { error: e_2_1 }; }
|
|
102
102
|
finally {
|
|
103
103
|
try {
|
|
104
|
-
if (
|
|
104
|
+
if (_p && !_p.done && (_b = _o.return)) _b.call(_o);
|
|
105
105
|
}
|
|
106
106
|
finally { if (e_2) throw e_2.error; }
|
|
107
107
|
}
|
|
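Review bot: The object-config branch of the `SpMetadata` constructor defaults `authnRequestsSigned`, `wantAssertionsSigned` and `wantMessageSigned` to `false`, so metadata built from a minimal config advertises no signing requirement, and the only feedback for a missing `signatureConfig` is the `console.warn('Construct service provider - missing signatureConfig')` call (its guarding condition lies outside the hunk). This build file is compiler output, so the place to act is `src/metadata-sp.ts`: document the defaults on the constructor, for example `// signing flags default to false; set wantAssertionsSigned / wantMessageSigned explicitly for production SPs`. Whether response validation enforces signatures independently of these flags is not visible on this page and should be confirmed before relying on the defaults.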
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadata-sp.js","sourceRoot":"","sources":["../../src/metadata-sp.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"metadata-sp.js","sourceRoot":"","sources":["../../src/metadata-sp.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BA,4BAEC;AA9BD;;;;EAIE;AACF,wDAAyD;AAEzD,6BAA0D;AAC1D,sDAAgC;AAChC,qCAAoE;AACpE,4CAAsB;AAetB;;GAEG;AACH,mBAAwB,IAA2B;IACjD,OAAO,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AAED;;EAEE;AACF;IAAgC,8BAAQ;IAEtC;;;MAGE;IACF,oBAAY,IAA2B;;QAErC,IAAM,MAAM,GAAG,IAAA,kBAAQ,EAAC,IAAI,CAAC,IAAI,IAAI,YAAY,MAAM,CAAC;QAExD,uEAAuE;QACvE,IAAI,CAAC,MAAM,EAAE,CAAC;YAEN,IAAA,KAYF,IAAyB,EAX3B,qBAA6B,EAA7B,aAAa,mBAAG,mBAAK,CAAC,OAAO,KAAA,EAC7B,QAAQ,cAAA,EACR,WAAW,iBAAA,EACX,WAAW,iBAAA,EACX,2BAA2B,EAA3B,mBAAmB,mBAAG,KAAK,KAAA,EAC3B,4BAA4B,EAA5B,oBAAoB,mBAAG,KAAK,KAAA,EAC5B,yBAAyB,EAAzB,iBAAiB,mBAAG,KAAK,KAAA,EACzB,eAAe,qBAAA,EACf,oBAAiB,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACjB,2BAAwB,EAAxB,mBAAmB,mBAAG,EAAE,KAAA,EACxB,gCAA6B,EAA7B,wBAAwB,mBAAG,EAAE,KACF,CAAC;YAE9B,IAAM,aAAW,GAAgB;gBAC/B,aAAa,EAAE,EAAE;gBACjB,YAAY,EAAE,EAAE;gBAChB,mBAAmB,EAAE,EAAE;gBACvB,wBAAwB,EAAE,EAAE;gBAC5B,yBAAyB,EAAE,EAAE;aAC9B,CAAC;YAEF,IAAM,iBAAe,GAAU,CAAC;oBAC9B,KAAK,EAAE;wBACL,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,CAAC;wBAChD,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,CAAC;wBAClD,0BAA0B,EAAE,eAAS,CAAC,KAAK,CAAC,QAAQ;qBACrD;iBACF,CAAC,CAAC;YAEH,IAAI,iBAAiB,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;gBACvD,OAAO,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;YACvE,CAAC;;gBAED,KAAkB,IAAA,KAAA,SAAA,IAAA,sBAAY,EAAC,WAAW,CAAC,CAAA,gBAAA,4BAAE,CAAC;oBAA1C,IAAM,IAAI,WAAA;oBACZ,aAAW,CAAC,aAAc,CAAC,IAAI,CAAC,iBAAO,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,aAAa,CAAC,CAAC;gBAC3F,CAAC;;;;;;;;;;gBAED,KAAkB,IAAA,KAAA,SAAA,IAAA,sBAAY,EAAC,WAAW,CAAC,CAAA,gBAAA,4BAAE,CAAC;oBAA1C,IAAM,IAAI,WAAA;oBACZ,aAAW,CAAC,aAAc,CAAC,IAAI,CAAC,iBAAO,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC,aAAa,CAAC,CAAC;gBAC9F,CAAC;;;;;;;;;YAED,IAAI,IAAA,yBAAe,EAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,YAAY,CAAC,OAAO,CAAC,UAAA,CAAC,IAAI,OAAA,aAAW,CAAC,YAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAjC,CAAiC,CAAC,CAAC;YAC/D,CAAC;iBAAM,CAAC;gBACN,gBAAgB;gBAChB,aAAW,CAAC,YAAa,CAAC,IAAI,CAAC,eAAS,CAAC,MAA
M,CAAC,YAAY,CAAC,CAAC;YAChE,CAAC;YAED,IAAI,IAAA,yBAAe,EAAC,mBAAmB,CAAC,EAAE,CAAC;gBACzC,mBAAmB,CAAC,OAAO,CAAC,UAAA,CAAC;oBAC3B,IAAM,IAAI,GAAQ;wBAChB,OAAO,EAAE,CAAC,CAAC,OAAO;wBAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB,CAAC;oBACF,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC;wBAChB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;oBACxB,CAAC;oBACD,aAAW,CAAC,mBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gBAC3D,CAAC,CAAC,CAAC;YACL,CAAC;YAED,IAAI,IAAA,yBAAe,EAAC,wBAAwB,CAAC,EAAE,CAAC;gBAC9C,IAAI,YAAU,GAAG,CAAC,CAAC;gBACnB,wBAAwB,CAAC,OAAO,CAAC,UAAA,CAAC;oBAChC,IAAM,IAAI,GAAQ;wBAChB,KAAK,EAAE,MAAM,CAAC,YAAU,EAAE,CAAC;wBAC3B,OAAO,EAAE,CAAC,CAAC,OAAO;wBAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB,CAAC;oBACF,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC;wBAChB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;oBACxB,CAAC;oBACD,aAAW,CAAC,wBAAyB,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gBAChE,CAAC,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,gEAAgE;YAClE,CAAC;YAED,uBAAuB;YACvB,IAAM,eAAe,GAAG,aAAa,CAAC,MAAM,CAAC,UAAA,IAAI,IAAI,OAAA,IAAA,yBAAe,EAAC,aAAW,CAAC,IAAI,CAAC,CAAC,EAAlC,CAAkC,CAAC,CAAC;YACzF,eAAe,CAAC,OAAO,CAAC,UAAA,IAAI;gBAC1B,aAAW,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,UAAA,CAAC;;oBAAI,OAAA,iBAAe,CAAC,IAAI,WAAG,GAAC,IAAI,IAAG,CAAC,MAAG;gBAAnC,CAAmC,CAAC,CAAC;YACtE,CAAC,CAAC,CAAC;YAEH,0FAA0F;YAC1F,IAAI,GAAG,IAAA,aAAG,EAAC,CAAC;oBACV,gBAAgB,EAAE,CAAC;4BACjB,KAAK,EAAE;gCACL,QAAQ,UAAA;gCACR,OAAO,EAAE,eAAS,CAAC,KAAK,CAAC,QAAQ;gCACjC,iBAAiB,EAAE,eAAS,CAAC,KAAK,CAAC,SAAS;gCAC5C,UAAU,EAAE,oCAAoC;6BACjD;yBACF,EAAE,EAAE,eAAe,mBAAA,EAAE,CAAC;iBACxB,CAAC,CAAC,CAAC;QAEN,CAAC;QAED,iDAAiD;QACjD,OAAA,MAAK,YAAC,IAAuB,EAAE;YAC7B;gBACE,GAAG,EAAE,iBAAiB;gBACtB,SAAS,EAAE,CAAC,kBAAkB,EAAE,iBAAiB,CAAC;gBAClD,UAAU,EAAE,CAAC,sBAAsB,EAAE,qBAAqB,CAAC;aAC5D;YACD;gBACE,GAAG,EAAE,0BAA0B;gBAC/B,SAAS,EAAE,CAAC,kBAAkB,EAAE,iBAAiB,EAAE,0BAA0B,CAAC;gBAC9E,UAAU,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,CAAC;aAC1D;SACF,CAAC,SAAC;IAEL,CAAC;IAED;;;MAGE;IACK,2CAAsB,GAA7B;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,oBAAoB,KAAK,MAAM,CAAC;IACnE,CAAC;IACD;;;MAGE;IACK,yCA
AoB,GAA3B;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,mBAAmB,KAAK,MAAM,CAAC;IAClE,CAAC;IACD;;;;MAIE;IACK,gDAA2B,GAAlC,UAAmC,OAAe;QAChD,IAAI,IAAA,kBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC;YACtB,IAAI,UAAQ,CAAC;YACb,IAAM,UAAQ,GAAG,eAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,IAAA,yBAAe,EAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC;gBACxD,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,UAAA,GAAG;oBAC5C,IAAI,GAAG,CAAC,OAAO,KAAK,UAAQ,EAAE,CAAC;wBAC7B,UAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;wBACxB,OAAO;oBACT,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,IAAI,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,KAAK,UAAQ,EAAE,CAAC;oBAC5D,UAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC;gBACzD,CAAC;YACH,CAAC;YACD,OAAO,UAAQ,CAAC;QAClB,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC;IAC5C,CAAC;IACH,iBAAC;AAAD,CAAC,AAvKD,CAAgC,kBAAQ,GAuKvC;AAvKY,gCAAU"}
|
package/build/src/metadata.js
CHANGED
|
@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
|
|
|
15
15
|
}) : function(o, v) {
|
|
16
16
|
o["default"] = v;
|
|
17
17
|
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
};
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
25
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
36
|
/**
|
|
27
37
|
* @file metadata.ts
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../src/metadata.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../src/metadata.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;EAIE;AACF,qCAAyB;AACzB,6BAAkC;AAClC,yCAAsC;AACtC,qCAAqC;AAarC;IAKE;;;MAGE;IACF,kBAAY,GAAoB,EAAE,UAAoB;QAApB,2BAAA,EAAA,eAAoB;QACpD,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAChC,IAAI,CAAC,IAAI,GAAG,IAAA,mBAAO,EAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,MAAM,CAAC;YACpD;gBACE,GAAG,EAAE,kBAAkB;gBACvB,SAAS,EAAE,CAAC,kBAAkB,CAAC;gBAC/B,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE,IAAI;aACd;YACD;gBACE,GAAG,EAAE,UAAU;gBACf,SAAS,EAAE,CAAC,kBAAkB,CAAC;gBAC/B,UAAU,EAAE,CAAC,UAAU,CAAC;aACzB;YACD;gBACE,qDAAqD;gBACrD,GAAG,EAAE,mBAAmB;gBACxB,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,eAAe,EAAE,SAAS,EAAE,UAAU,EAAE,iBAAiB,CAAC;gBAC5G,UAAU,EAAE,EAAE;aACf;YACD;gBACE,8DAA8D;gBAC9D,GAAG,EAAE,aAAa;gBAClB,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,eAAe,CAAC;gBAClE,KAAK,EAAE,CAAC,KAAK,CAAC;gBACd,aAAa,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,iBAAiB,CAAC;gBACzD,UAAU,EAAE,EAAE;aACf;YACD;gBACE,GAAG,EAAE,qBAAqB;gBAC1B,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,qBAAqB,CAAC;gBACxE,UAAU,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;aACpC;YACD;gBACE,GAAG,EAAE,cAAc;gBACnB,SAAS,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,cAAc,CAAC;gBACjE,UAAU,EAAE,EAAE;aACf;SACF,CAAC,CAAC,CAAC;QAEJ,yBAAyB;QACzB,IAAM,iBAAiB,GAAG,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;QACtD,IAAI,OAAO,iBAAiB,KAAK,QAAQ,EAAE,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG;gBACtB,OAAO,EAAE,iBAAiB;gBAC1B,UAAU,EAAE,iBAAiB;aAC9B,CAAC;YACF,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;QACrC,CAAC;QAED,IACE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC;YACzC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EACrC,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;IAEH,CAAC;IAED;;;MAGE;IACK,8BAAW,GAAlB;QACE,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;MAGE;IACK,iCAAc,GAArB,UAAsB,UAAkB;QACtC,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAC/C,CAAC;IAED;;;MAGE;IACK,8BAAW,GAAlB;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;IAC5B,CAAC;IAED;;;;MAIE;IACK,qCAAkB,GAAzB,UAA0B,GAAW;QA
CnC,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IAC5C,CAAC;IAED;;;MAGE;IACK,kCAAe,GAAtB;QACE,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC;IAChC,CAAC;IAED;;;;MAIE;IACK,yCAAsB,GAA7B,UAA8B,OAA2B;QACvD,IAAI,OAAO,IAAI,IAAA,kBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC;YACjC,IAAM,UAAQ,GAAG,eAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,mBAAmB,GAAG,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC;YACxD,IAAI,CAAC,CAAC,mBAAmB,YAAY,KAAK,CAAC,EAAE,CAAC;gBAC5C,mBAAmB,GAAG,CAAC,mBAAmB,CAAC,CAAC;YAC7C,CAAC;YACF,IAAM,OAAO,GAAG,mBAAmB,CAAC,IAAI,CAAC,UAAA,GAAG,IAAI,OAAA,GAAG,CAAC,OAAO,KAAK,UAAQ,EAAxB,CAAwB,CAAC,CAAC;YAC1E,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,OAAO,CAAC,QAAQ,CAAC;YAC1B,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC;IACvC,CAAC;IAED;;;;MAIE;IACK,qCAAkB,GAAzB,UAA0B,QAAkB;QAC1C,IAAI,eAAe,GAAG,EAAE,CAAC;QACzB,IAAI,QAAQ,EAAE,CAAC;YACb,eAAe,GAAG,QAAQ,CAAC,MAAM,CAAC,UAAC,GAAQ,EAAE,OAAO;gBAClD,IAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC/C,OAAO,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAClC,CAAC,EAAE,EAAE,CAAC,CAAC;QACT,CAAC;QACD,OAAO,eAAe,CAAC;IACzB,CAAC;IACH,eAAC;AAAD,CAAC,AAhJD,IAgJC"}
|
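--- a/package/build/src/urn.js
+++ b/package/build/src/urn.js
@@ -12,12 +12,12 @@ var BindingNamespace;
 BindingNamespace["Post"] = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
 BindingNamespace["SimpleSign"] = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign";
 BindingNamespace["Artifact"] = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact";
-})(BindingNamespace
+})(BindingNamespace || (exports.BindingNamespace = BindingNamespace = {}));
 var MessageSignatureOrder;
 (function (MessageSignatureOrder) {
 MessageSignatureOrder["STE"] = "sign-then-encrypt";
 MessageSignatureOrder["ETS"] = "encrypt-then-sign";
-})(MessageSignatureOrder
+})(MessageSignatureOrder || (exports.MessageSignatureOrder = MessageSignatureOrder = {}));
 var StatusCode;
 (function (StatusCode) {
 // top-tier
@@ -45,7 +45,7 @@ var StatusCode;
 StatusCode["UnknownAttrProfile"] = "urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile";
 StatusCode["UnknownPrincipal"] = "urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal";
 StatusCode["UnsupportedBinding"] = "urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding";
-})(StatusCode
+})(StatusCode || (exports.StatusCode = StatusCode = {}));
 var namespace = {
 binding: {
 redirect: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
@@ -174,7 +174,7 @@ var ParserType;
 ParserType["SAMLResponse"] = "SAMLResponse";
 ParserType["LogoutRequest"] = "LogoutRequest";
 ParserType["LogoutResponse"] = "LogoutResponse";
-})(ParserType
+})(ParserType || (exports.ParserType = ParserType = {}));
 var wording = {
 urlParams: {
 samlRequest: 'SAMLRequest',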
package/build/src/urn.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"urn.js","sourceRoot":"","sources":["../../src/urn.ts"],"names":[],"mappings":";AAAA;;;;EAIE;;;AAEF,IAAY,gBAKX;AALD,WAAY,gBAAgB;IAC1B,mFAA+D,CAAA;IAC/D,2EAAuD,CAAA;IACvD,4FAAwE,CAAA;IACxE,mFAA+D,CAAA;AACjE,CAAC,EALW,gBAAgB,
|
|
1
|
+
{"version":3,"file":"urn.js","sourceRoot":"","sources":["../../src/urn.ts"],"names":[],"mappings":";AAAA;;;;EAIE;;;AAEF,IAAY,gBAKX;AALD,WAAY,gBAAgB;IAC1B,mFAA+D,CAAA;IAC/D,2EAAuD,CAAA;IACvD,4FAAwE,CAAA;IACxE,mFAA+D,CAAA;AACjE,CAAC,EALW,gBAAgB,gCAAhB,gBAAgB,QAK3B;AAED,IAAY,qBAGX;AAHD,WAAY,qBAAqB;IAC/B,kDAAyB,CAAA;IACzB,kDAAyB,CAAA;AAC3B,CAAC,EAHW,qBAAqB,qCAArB,qBAAqB,QAGhC;AAED,IAAY,UA0BX;AA1BD,WAAY,UAAU;IACpB,WAAW;IACX,oEAAsD,CAAA;IACtD,wEAA0D,CAAA;IAC1D,wEAA0D,CAAA;IAC1D,oFAAsE,CAAA;IACtE,0CAA0C;IAC1C,2EAA6D,CAAA;IAC7D,kGAAoF,CAAA;IACpF,4FAA8E,CAAA;IAC9E,kFAAoE,CAAA;IACpE,kFAAoE,CAAA;IACpE,wEAA0D,CAAA;IAC1D,kFAAoE,CAAA;IACpE,gFAAkE,CAAA;IAClE,0FAA4E,CAAA;IAC5E,gFAAkE,CAAA;IAClE,0FAA4E,CAAA;IAC5E,sGAAwF,CAAA;IACxF,gGAAkF,CAAA;IAClF,8FAAgF,CAAA;IAChF,gGAAkF,CAAA;IAClF,sFAAwE,CAAA;IACxE,0FAA4E,CAAA;IAC5E,sFAAwE,CAAA;IACxE,0FAA4E,CAAA;AAC9E,CAAC,EA1BW,UAAU,0BAAV,UAAU,QA0BrB;AAED,IAAM,SAAS,GAAG;IAChB,OAAO,EAAE;QACP,QAAQ,EAAE,oDAAoD;QAC9D,IAAI,EAAE,gDAAgD;QACtD,UAAU,EAAE,2DAA2D;QACvE,QAAQ,EAAE,oDAAoD;KAC/D;IACD,KAAK,EAAE;QACL,QAAQ,EAAE,sCAAsC;QAChD,SAAS,EAAE,uCAAuC;QAClD,QAAQ,EAAE,sCAAsC;QAChD,UAAU,EAAE,yCAAyC;QACrD,WAAW,EAAE,0CAA0C;KACxD;IACD,oBAAoB,EAAE;QACpB,QAAQ,EAAE,iDAAiD;QAC3D,0BAA0B,EAAE,mEAAmE;KAChG;IACD,MAAM,EAAE;QACN,YAAY,EAAE,wDAAwD;QACtE,UAAU,EAAE,sDAAsD;QAClE,SAAS,EAAE,qDAAqD;QAChE,MAAM,EAAE,kDAAkD;QAC1D,WAAW,EAAE,uDAAuD;QACpE,QAAQ,EAAE,oDAAoD;QAC9D,0BAA0B,EAAE,sEAAsE;QAClG,eAAe,EAAE,2DAA2D;KAC7E;IACD,UAAU,EAAE;QACV,qCAAqC;QACrC,OAAO,EAAE,4CAA4C;QACrD,SAAS,EAAE,8CAA8C;QACzD,SAAS,EAAE,8CAA8C;QACzD,eAAe,EAAE,oDAAoD;QACrE,4BAA4B;QAC5B,UAAU,EAAE,gDAAgD;QAC5D,sBAAsB,EAAE,2DAA2D;QACnF,mBAAmB,EAAE,wDAAwD;QAC7E,cAAc,EAAE,mDAAmD;QACnE,cAAc,EAAE,mDAAmD;QACnE,SAAS,EAAE,8CAA8C;QACzD,cAAc,EAAE,mDAAmD;QACnE,aAAa,EAAE,kDAAkD;QACjE,kBAAkB,EAAE,uDAAuD;QAC3E,aAAa,EAAE,kDAAkD;QACjE,kBAAkB,EAAE,uDAAuD;QAC3E,wBAAwB,EAAE,6DAA6D;QACvF,qBAAqB,EAAE,0DAA0D;QACjF,oBAAoB,EAAE,yDAAyD;QAC/E,qBAAqB,EAAE,0DAA0D;QACjF,gBAAgB,EAAE,qDAAqD;QACvE,kBAAkB,EAAE,uDAAuD;QAC3E,gBAAgB,EAAE,qDAAqD;QAC
vE,kBAAkB,EAAE,uDAAuD;KAC5E;CACF,CAAC;AA4GO,8BAAS;AA1GlB,IAAM,IAAI,GAAG;IACX,OAAO,EAAE;QACP,WAAW,EAAE,eAAe;QAC5B,2BAA2B,EAAE,+BAA+B;QAC5D,oBAAoB,EAAE,wBAAwB;QAC9C,WAAW,EAAE,eAAe;QAC5B,QAAQ,EAAE,YAAY;QACtB,cAAc,EAAE,kBAAkB;QAClC,kBAAkB,EAAE,sBAAsB;QAC1C,mBAAmB,EAAE,uBAAuB;QAC5C,sBAAsB,EAAE,0BAA0B;QAClD,WAAW,EAAE,eAAe;QAC5B,QAAQ,EAAE,YAAY;QACtB,EAAE,EAAE,MAAM;QACV,MAAM,EAAE,UAAU;QAClB,YAAY,EAAE,gBAAgB;QAC9B,YAAY,EAAE,gBAAgB;QAC9B,MAAM,EAAE,UAAU;QAClB,YAAY,EAAE,gBAAgB;QAC9B,eAAe,EAAE,mBAAmB;QACpC,YAAY,EAAE,gBAAgB;QAC9B,gBAAgB,EAAE,oBAAoB;QACtC,mCAAmC,EAAE,uCAAuC;QAC5E,UAAU,EAAE,cAAc;KAC3B;IACD,MAAM,EAAE;QACN,YAAY,EAAE,cAAc;QAC5B,aAAa,EAAE,eAAe;QAC9B,aAAa,EAAE,UAAU;QACzB,cAAc,EAAE,gBAAgB;KACjC;CACF,CAAC;AA2EkB,oBAAI;AAzExB,IAAM,qBAAqB,GAAG;IAC5B,YAAY,EAAE;QACZ,iBAAiB,EAAE,mBAAmB;QACtC,iBAAiB,EAAE,mBAAmB;KACvC;CACF,CAAC;AAoE4D,sDAAqB;AAlEnF,IAAM,UAAU,GAAG;IACjB,SAAS,EAAE;QACT,QAAQ,EAAE,4CAA4C;QACtD,UAAU,EAAE,mDAAmD;QAC/D,UAAU,EAAE,mDAAmD;KAChE;IACD,UAAU,EAAE;QACV,IAAI,EAAE;YACJ,OAAO,EAAE,6CAA6C;YACtD,OAAO,EAAE,6CAA6C;YACtD,OAAO,EAAE,gDAAgD;YACzD,WAAW,EAAE,4CAA4C;SAC1D;QACD,GAAG,EAAE;YACH,cAAc,EAAE,iDAAiD;YACjE,OAAO,EAAE,0CAA0C;SACpD;KACF;IACD,MAAM,EAAE;QACN,4CAA4C,EAAE,wCAAwC;QACtF,mDAAmD,EAAE,yCAAyC;QAC9F,mDAAmD,EAAE,yCAAyC,EAAE,6DAA6D;KAC9J;CACF,CAAC;AA2CwB,gCAAU;AAzCpC,IAAY,UAKX;AALD,WAAY,UAAU;IACpB,yCAA2B,CAAA;IAC3B,2CAA6B,CAAA;IAC7B,6CAA+B,CAAA;IAC/B,+CAAiC,CAAA;AACnC,CAAC,EALW,UAAU,0BAAV,UAAU,QAKrB;AAED,IAAM,OAAO,GAAG;IACd,SAAS,EAAE;QACT,WAAW,EAAE,aAAa;QAC1B,YAAY,EAAE,cAAc;QAC5B,aAAa,EAAE,eAAe;QAC9B,cAAc,EAAE,gBAAgB;QAChC,MAAM,EAAE,QAAQ;QAChB,SAAS,EAAE,WAAW;QACtB,UAAU,EAAE,YAAY;KACzB;IACD,OAAO,EAAE;QACP,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,YAAY;QACxB,QAAQ,EAAE,UAAU;KACrB;IACD,OAAO,EAAE;QACP,OAAO,EAAE,SAAS;QAClB,OAAO,EAAE,YAAY;KACtB;IACD,QAAQ,EAAE;QACR,EAAE,EAAE,aAAa;QACjB,GAAG,EAAE,cAAc;KACpB;CACF,CAAC;AAUoC,0BAAO;AAR7C,uEAAuE;AACvE,iEAAiE;AACjE,IAAM,aAAa,GAAG;IACpB,OAAO,EAAE,CAAC,eAAe,EAAE,cAAc,EAAE,qBAAqB,EAAE,0BAA0B,CAAC;IAC7F,QAAQ,EAAE,CAAC,eAAe,E
AAE,cAAc,EAAE,qBAAqB,EAAE,0BAA0B,CAAC;IAC9F,UAAU,EAAE,CAAC,eAAe,EAAE,qBAAqB,EAAE,cAAc,EAAE,0BAA0B,EAAE,2BAA2B,CAAC;CAC9H,CAAC;AAE6C,sCAAa"}
|
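--- a/package/build/src/utility.js
+++ b/package/build/src/utility.js
@@ -25,7 +25,18 @@ var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
 return to.concat(ar || Array.prototype.slice.call(from));
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.
+exports.zipObject = zipObject;
+exports.flattenDeep = flattenDeep;
+exports.last = last;
+exports.uniq = uniq;
+exports.get = get;
+exports.isString = isString;
+exports.base64Decode = base64Decode;
+exports.inflateString = inflateString;
+exports.readPrivateKey = readPrivateKey;
+exports.isNonEmptyArray = isNonEmptyArray;
+exports.castArrayOpt = castArrayOpt;
+exports.notEmpty = notEmpty;
 /**
 * @file utility.ts
 * @author tngan
@@ -57,7 +68,6 @@ function zipObject(arr1, arr2, skipDuplicated) {
 return res;
 }, {});
 }
-exports.zipObject = zipObject;
 /**
 * @desc Alternative to lodash.flattenDeep
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_flattendeep
@@ -68,7 +78,6 @@ function flattenDeep(input) {
 ? input.reduce(function (a, b) { return a.concat(flattenDeep(b)); }, [])
 : [input];
 }
-exports.flattenDeep = flattenDeep;
 /**
 * @desc Alternative to lodash.last
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_last
@@ -77,7 +86,6 @@ exports.flattenDeep = flattenDeep;
 function last(input) {
 return input.slice(-1)[0];
 }
-exports.last = last;
 /**
 * @desc Alternative to lodash.uniq
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_uniq
@@ -87,7 +95,6 @@ function uniq(input) {
 var set = new Set(input);
 return __spreadArray([], __read(set), false);
 }
-exports.uniq = uniq;
 /**
 * @desc Alternative to lodash.get
 * @reference https://github.com/you-dont-need/You-Dont-Need-Lodash-Underscore#_get
@@ -99,7 +106,6 @@ function get(obj, path, defaultValue) {
 return path.split('.')
 .reduce(function (a, c) { return (a && a[c] ? a[c] : (defaultValue || null)); }, obj);
 }
-exports.get = get;
 /**
 * @desc Check if the input is string
 * @param {any} input
@@ -107,7 +113,6 @@ exports.get = get;
 function isString(input) {
 return typeof input === 'string';
 }
-exports.isString = isString;
 /**
 * @desc Encode string with base64 format
 * @param {string} message plain-text message
@@ -126,7 +131,6 @@ function base64Decode(base64Message, isBytes) {
 var bytes = Buffer.from(base64Message, BASE64_STR);
 return Boolean(isBytes) ? bytes : bytes.toString();
 }
-exports.base64Decode = base64Decode;
 /**
 * @desc Compress the string
 * @param {string} message
@@ -148,7 +152,6 @@ function inflateString(compressedString) {
 .map(function (byte) { return String.fromCharCode(byte); })
 .join('');
 }
-exports.inflateString = inflateString;
 /**
 * @desc Abstract the normalizeCerString and normalizePemString
 * @param {buffer} File stream or string
@@ -221,7 +224,6 @@ function getPublicKeyPemFromCertificate(x509Certificate) {
 function readPrivateKey(keyString, passphrase, isOutputString) {
 return isString(passphrase) ? this.convertToString(node_forge_1.pki.privateKeyToPem(node_forge_1.pki.decryptRsaPrivateKey(String(keyString), passphrase)), isOutputString) : keyString;
 }
-exports.readPrivateKey = readPrivateKey;
 /**
 * @desc Inline syntax sugar
 */
@@ -234,17 +236,14 @@ function convertToString(input, isOutputString) {
 function isNonEmptyArray(a) {
 return Array.isArray(a) && a.length > 0;
 }
-exports.isNonEmptyArray = isNonEmptyArray;
 function castArrayOpt(a) {
 if (a === undefined)
 return [];
 return Array.isArray(a) ? a : [a];
 }
-exports.castArrayOpt = castArrayOpt;
 function notEmpty(value) {
 return value !== null && value !== undefined;
 }
-exports.notEmpty = notEmpty;
 var utility = {
 isString: isString,
 base64Encode: base64Encode,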
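Review bot: `readPrivateKey` is exported by name, but its body calls `this.convertToString(...)`, so it only works when invoked as a method of an object that carries `convertToString`; a named-import call, which this build compiles to the `(0, utility_1.fn)(...)` shape seen elsewhere in the package, runs with no `this` and would throw in strict-mode code as soon as a passphrase is supplied. This release moves the export line but leaves the body unchanged. `convertToString` is a module-level function in the same file, so the source (`src/utility.ts`; this file is compiler output) can call it directly, the equivalent of `convertToString(node_forge_1.pki.privateKeyToPem(...), isOutputString)`. It would also help to check the value returned by `decryptRsaPrivateKey` before handing it to `privateKeyToPem`, so that a wrong passphrase produces a clear error; how that call fails is not shown on this page.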
package/build/src/utility.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utility.js","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"utility.js","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAeA,8BAmBC;AAMD,kCAIC;AAMD,oBAEC;AAMD,oBAGC;AAQD,kBAGC;AAKD,4BAEC;AAeD,oCAGC;AAeD,sCAMC;AAqED,wCAEC;AAUD,0CAEC;AAED,oCAGC;AAED,4BAEC;AAlND;;;;EAIE;AACF,yCAA6C;AAC7C,6BAAwC;AAExC,IAAM,UAAU,GAAG,QAAQ,CAAC;AAE5B;;;;GAIG;AACH,SAAgB,SAAS,CAAC,IAAc,EAAE,IAAW,EAAE,cAAqB;IAArB,+BAAA,EAAA,qBAAqB;IAC1E,OAAO,IAAI,CAAC,MAAM,CAAC,UAAC,GAAG,EAAE,CAAC,EAAE,CAAC;QAE3B,IAAI,cAAc,EAAE,CAAC;YACnB,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACjB,OAAO,GAAG,CAAC;QACb,CAAC;QACD,2EAA2E;QAC3E,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;YACzB,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC5B,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACxB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7B,OAAO,GAAG,CAAC;QACb,CAAC;QAED,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACjB,OAAO,GAAG,CAAC;IAEb,CAAC,EAAE,EAAE,CAAC,CAAC;AACT,CAAC;AACD;;;;GAIG;AACH,SAAgB,WAAW,CAAC,KAAY;IACtC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAC3B,CAAC,CAAC,KAAK,CAAC,MAAM,CAAE,UAAC,CAAC,EAAE,CAAC,IAAK,OAAA,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAxB,CAAwB,EAAG,EAAE,CAAC;QACxD,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;AACZ,CAAC;AACD;;;;GAIG;AACH,SAAgB,IAAI,CAAC,KAAY;IAC/B,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5B,CAAC;AACD;;;;GAIG;AACH,SAAgB,IAAI,CAAC,KAAe;IAClC,IAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAC3B,gCAAY,GAAG,UAAE;AACnB,CAAC;AACD;;;;;;GAMG;AACH,SAAgB,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,YAAY;IACzC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;SACrB,MAAM,CAAC,UAAC,CAAC,EAAE,CAAC,IAAK,OAAA,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,EAA3C,CAA2C,EAAE,GAAG,CAAC,CAAC;AACtE,CAAC;AACD;;;GAGG;AACH,SAAgB,QAAQ,CAAC,KAAU;IACjC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC;AACnC,CAAC;AACD;;;;EAIE;AACF,SAAS,YAAY,CAAC,OAA0B;IAC9C,OAAO,MAAM
,CAAC,IAAI,CAAC,OAAiB,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;AAC7D,CAAC;AACD;;;;;EAKE;AACF,SAAgB,YAAY,CAAC,aAAqB,EAAE,OAAiB;IACnE,IAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;IACrD,OAAO,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;AACrD,CAAC;AACD;;;;EAIE;AACF,SAAS,aAAa,CAAC,OAAe;IACpC,IAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,UAAA,IAAI,IAAI,OAAA,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAlB,CAAkB,CAAC,CAAC;IAC5E,OAAO,KAAK,CAAC,IAAI,CAAC,IAAA,cAAO,EAAC,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACnD,CAAC;AACD;;;;EAIE;AACF,SAAgB,aAAa,CAAC,gBAAwB;IACpD,IAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;IAC9D,IAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,UAAA,IAAI,IAAI,OAAA,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAlB,CAAkB,CAAC,CAAC;IACnG,OAAO,KAAK,CAAC,IAAI,CAAC,IAAA,cAAO,EAAC,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;SAC7C,GAAG,CAAC,UAAC,IAAY,IAAK,OAAA,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,EAAzB,CAAyB,CAAC;SAChD,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AACD;;;;;EAKE;AACF,SAAS,mBAAmB,CAAC,GAAoB,EAAE,MAAc;IAC/D,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,qBAAc,MAAM,UAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,mBAAY,MAAM,UAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACnL,CAAC;AACD;;;;EAIE;AACF,SAAS,kBAAkB,CAAC,UAA2B;IACrD,OAAO,mBAAmB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;AACxD,CAAC;AACD;;;;EAIE;AACF,SAAS,kBAAkB,CAAC,SAA0B;IACpD,OAAO,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,iBAAiB,CAAC,CAAC;AACtE,CAAC;AACD;;;;EAIE;AACF,SAAS,UAAU,CAAC,GAAG;IACrB,OAAO,UAAG,GAAG,CAAC,QAAQ,gBAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,SAAG,GAAG,CAAC,WAAW,CAAE,CAAC;AAClE,CAAC;AACD;;;;EAIE;AACF,SAAS,WAAW,CAAC,GAAG,EAAE,YAAiB;IAAjB,6BAAA,EAAA,iBAAiB;IACzC,OAAO,GAAG,IAAI,YAAY,CAAC;AAC7B,CAAC;AACD;;;;;EAKE;AACF,SAAS,YAAY,CAAC,IAAI,EAAE,IAAI;IAC9B,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AACvC,CA
AC;AACD;;;;EAIE;AACF,SAAS,8BAA8B,CAAC,eAAuB;IAC7D,IAAM,YAAY,GAAG,iBAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;IACpD,IAAM,GAAG,GAAG,iBAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IACvC,IAAM,IAAI,GAAG,gBAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,gBAAG,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC5C,CAAC;AACD;;;;;;EAME;AACF,SAAgB,cAAc,CAAC,SAA0B,EAAE,UAA8B,EAAE,cAAwB;IACjH,OAAO,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,gBAAG,CAAC,eAAe,CAAC,gBAAG,CAAC,oBAAoB,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAC/J,CAAC;AACD;;EAEE;AACF,SAAS,eAAe,CAAC,KAAK,EAAE,cAAc;IAC5C,OAAO,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AACzD,CAAC;AACD;;GAEG;AACH,SAAgB,eAAe,CAAC,CAAC;IAC/B,OAAO,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;AAC1C,CAAC;AAED,SAAgB,YAAY,CAAI,CAAW;IACzC,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,EAAE,CAAA;IAC9B,OAAO,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AACnC,CAAC;AAED,SAAgB,QAAQ,CAAS,KAAgC;IAC/D,OAAO,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,CAAC;AAC/C,CAAC;AAED,IAAM,OAAO,GAAG;IACd,QAAQ,UAAA;IACR,YAAY,cAAA;IACZ,YAAY,cAAA;IACZ,aAAa,eAAA;IACb,aAAa,eAAA;IACb,kBAAkB,oBAAA;IAClB,kBAAkB,oBAAA;IAClB,UAAU,YAAA;IACV,WAAW,aAAA;IACX,YAAY,cAAA;IACZ,8BAA8B,gCAAA;IAC9B,cAAc,gBAAA;IACd,eAAe,iBAAA;IACf,eAAe,iBAAA;CAChB,CAAC;AAEF,kBAAe,OAAO,CAAC"}
|
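--- a/package/build/src/validator.js
+++ b/package/build/src/validator.js
@@ -16,7 +16,7 @@ var __read = (this && this.__read) || function (o, n) {
 return ar;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyTime =
+exports.verifyTime = verifyTime;
 function verifyTime(utcNotBefore, utcNotOnOrAfter, drift) {
 if (drift === void 0) { drift = [0, 0]; }
 var now = new Date();
@@ -41,5 +41,4 @@ function verifyTime(utcNotBefore, utcNotOnOrAfter, drift) {
 return (+notBeforeLocal + notBeforeDrift <= +now &&
 +now < +notOnOrAfterLocal + notOnOrAfterDrift);
 }
-exports.verifyTime = verifyTime;
 //# sourceMappingURL=validator.js.map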
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AA0CE,gCAAU;AAvCZ,SAAS,UAAU,CACjB,YAAgC,EAChC,eAAmC,EACnC,KAA8B;IAA9B,sBAAA,EAAA,SAAyB,CAAC,EAAE,CAAC,CAAC;IAG9B,IAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IAEvB,IAAI,CAAC,YAAY,IAAI,CAAC,eAAe,EAAE,CAAC;QACtC,kHAAkH;QAClH,OAAO,CAAC,IAAI,CAAC,2FAA2F,CAAC,CAAC;QAC1G,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,cAAc,GAAgB,IAAI,CAAC;IACvC,IAAI,iBAAiB,GAAgB,IAAI,CAAC;IAEpC,IAAA,KAAA,OAAsC,KAAK,IAAA,EAA1C,cAAc,QAAA,EAAE,iBAAiB,QAAS,CAAC;IAElD,IAAI,YAAY,IAAI,CAAC,eAAe,EAAE,CAAC;QACrC,cAAc,GAAG,IAAI,IAAI,CAAC,YAAY,CAAC,CAAC;QACxC,OAAO,CAAC,cAAc,GAAG,cAAc,IAAI,CAAC,GAAG,CAAC;IAClD,CAAC;IACD,IAAI,CAAC,YAAY,IAAI,eAAe,EAAE,CAAC;QACrC,iBAAiB,GAAG,IAAI,IAAI,CAAC,eAAe,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,GAAG,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;IACvD,CAAC;IAED,cAAc,GAAG,IAAI,IAAI,CAAC,YAAa,CAAC,CAAC;IACzC,iBAAiB,GAAG,IAAI,IAAI,CAAC,eAAgB,CAAC,CAAC;IAE/C,OAAO,CACL,CAAC,cAAc,GAAG,cAAc,IAAI,CAAC,GAAG;QACxC,CAAC,GAAG,GAAG,CAAC,iBAAiB,GAAG,iBAAiB,CAC9C,CAAC;AAEJ,CAAC"}
|
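--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "samlify",
-"version": "2.
+"version": "2.10.0",
 "description": "High-level API for Single Sign On (SAML 2.0)",
 "main": "build/index.js",
 "keywords": [
@@ -39,7 +39,7 @@
 "pako": "^1.0.10",
 "uuid": "^8.3.2",
 "xml": "^1.0.1",
-"xml-crypto": "^
+"xml-crypto": "^6.1.0",
 "xml-escape": "^1.1.0",
 "xpath": "^0.0.32"
 },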
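--- a/package/src/libsaml.ts
+++ b/package/src/libsaml.ts
@@ -9,12 +9,14 @@ import { algorithms, wording, namespace } from './urn';
 import { select } from 'xpath';
 import { MetadataInterface } from './metadata';
 import nrsa, { SigningSchemeHash } from 'node-rsa';
-import { SignedXml
+import { SignedXml } from 'xml-crypto';
 import * as xmlenc from '@authenio/xml-encryption';
 import { extract } from './extractor';
 import camelCase from 'camelcase';
 import { getContext } from './api';
 import xmlEscape from 'xml-escape';
+import * as fs from 'fs';
+import {DOMParser} from '@xmldom/xmldom';
 
 const signatureAlgorithms = algorithms.signature;
 const digestAlgorithms = algorithms.digest;
@@ -95,6 +97,7 @@ export interface LibSamlInterface {
 verifySignature: (xml: string, opts: SignatureVerifierOptions) => [boolean, any];
 createKeySection: (use: KeyUse, cert: string | Buffer) => {};
 constructMessageSignature: (octetString: string, key: string, passphrase?: string, isBase64?: boolean, signingAlgorithm?: string) => string;
+
 verifyMessageSignature: (metadata, octetString: string, signature: string | Buffer, verifyAlgorithm?: string) => boolean;
 getKeyInfo: (x509Certificate: string, signatureConfig?: any) => void;
 encryptAssertion: (sourceEntity, targetEntity, entireXML: string) => Promise<string>;
@@ -326,28 +329,28 @@ const libSaml = () => {
 } = opts;
 const sig = new SignedXml();
 // Add assertion sections as reference
+const digestAlgorithm = getDigestMethod(signatureAlgorithm);
 if (referenceTagXPath) {
-sig.addReference(
-referenceTagXPath,
-transformationAlgorithms,
-
-);
+sig.addReference({
+xpath: referenceTagXPath,
+transforms: transformationAlgorithms,
+digestAlgorithm: digestAlgorithm
+});
 }
 if (isMessageSigned) {
-sig.addReference(
+sig.addReference({
 // reference to the root node
-'/*',
-transformationAlgorithms,
-
-
-'',
-'',
-false,
-);
+xpath: '/*',
+transforms: transformationAlgorithms,
+digestAlgorithm
+});
 }
 sig.signatureAlgorithm = signatureAlgorithm;
-sig.
-sig.
+sig.publicCert = this.getKeyInfo(signingCert, signatureConfig).getKey();
+sig.getKeyInfoContent = this.getKeyInfo(signingCert, signatureConfig).getKeyInfo;
+sig.privateKey = utility.readPrivateKey(privateKey, privateKeyPass, true);
+sig.canonicalizationAlgorithm = 'http://www.w3.org/2001/10/xml-exc-c14n#';
+
 if (signatureConfig) {
 sig.computeSignature(rawSamlMessage, signatureConfig);
 } else {
@@ -359,11 +362,15 @@ const libSaml = () => {
 * @desc Verify the XML signature
 * @param {string} xml xml
 * @param {SignatureVerifierOptions} opts cert declares the X509 certificate
-
-
+* @return {[boolean, string | null]} - A tuple where:
+* - The first element is `true` if the signature is valid, `false` otherwise.
+* - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
+*/
 verifySignature(xml: string, opts: SignatureVerifierOptions) {
 const { dom } = getContext();
 const doc = dom.parseFromString(xml);
+
+const docParser = new DOMParser();
 // In order to avoid the wrapping attack, we have changed to use absolute xpath instead of naively fetching the signature element
 // message signature (logout response / saml response)
 const messageSignatureXpath = "/*[contains(local-name(), 'Response') or contains(local-name(), 'Request')]/*[local-name(.)='Signature']";
@@ -374,7 +381,6 @@ const libSaml = () => {
 
 // select the signature node
 let selection: any = [];
-let assertionNode: string | null = null;
 const messageSignatureNode = select(messageSignatureXpath, doc);
 const assertionSignatureNode = select(assertionSignatureXpath, doc);
 const wrappingElementNode = select(wrappingElementsXPath, doc);
@@ -392,10 +398,11 @@ const libSaml = () => {
 throw new Error('ERR_ZERO_SIGNATURE');
 }
 
-
-let verified = true;
+
 // need to refactor later on
-
+for (const signatureNode of selection){
+const sig = new SignedXml();
+let verified = false;
 
 sig.signatureAlgorithm = opts.signatureAlgorithm!;
 
@@ -404,7 +411,7 @@ const libSaml = () => {
 }
 
 if (opts.keyFile) {
-sig.
+sig.publicCert = fs.readFileSync(opts.keyFile)
 }
 
 if (opts.metadata) {
@@ -440,28 +447,56 @@ const libSaml = () => {
 throw new Error('ERROR_UNMATCH_CERTIFICATE_DECLARATION_IN_METADATA');
 }
 
-sig.
+sig.publicCert = this.getKeyInfo(x509Certificate).getKey();
 
 } else {
 // Select first one from metadata
-sig.
+sig.publicCert = this.getKeyInfo(metadataCert[0]).getKey();
 }
-
 }
 
 sig.loadSignature(signatureNode);
 
 doc.removeChild(signatureNode);
 
-verified =
+verified = sig.checkSignature(doc.toString());
 
 // immediately throw error when any one of the signature is failed to get verified
 if (!verified) {
 throw new Error('ERR_FAILED_TO_VERIFY_SIGNATURE');
 }
+// attempt is made to get the signed Reference as a string();
+// note, we don't have access to the actual signedReferences API unfortunately
+// mainly a sanity check here for SAML. (Although ours would still be secure, if multiple references are used)
+if (!(sig.getReferences().length >= 1)) {
+throw new Error('NO_SIGNATURE_REFERENCES')
+}
+const signedVerifiedXML = sig.getSignedReferences()[0];
+const rootNode = docParser.parseFromString(signedVerifiedXML, 'text/xml').documentElement;
+// process the verified signature:
+// case 1, rootSignedDoc is a response:
+if (rootNode.localName === 'Response') {
+
+// try getting the Xml from the first assertion
+const assertions = select(
+"./*[local-name()='Assertion']",
+rootNode
+);
+// now we can process the assertion as an assertion
+if (assertions.length === 1) {
+return [true, assertions[0].toString()];
+}
+} else if (rootNode.localName === 'Assertion') {
+return [true, rootNode.toString()];
+} else {
+return [true, null]; // signature is valid. But there is no assertion node here. It could be metadata node, hence return null
+}
+};
 
-
+// something has gone seriously wrong if we are still here
+throw new Error('ERR_ZERO_SIGNATURE');
 
+/*
 // response must be signed, either entire document or assertion
 // default we will take the assertion section under root
 if (messageSignatureNode.length === 1) {
@@ -503,7 +538,7 @@ const libSaml = () => {
 assertionNode = verifiedDoc.assertion.toString();
 }
 
-return [verified, assertionNode]
+return [verified, assertionNode];*/
 },
 /**
 * @desc Helper function to create the key section in metadata (abstraction for signing and encrypt use)
@@ -586,12 +621,14 @@ const libSaml = () => {
 * @return {string} public key
 */
 getKeyInfo(x509Certificate: string, signatureConfig: any = {}) {
-
-
-
-
-
-
+const prefix = signatureConfig.prefix ? `${signatureConfig.prefix}:` : '';
+return {
+getKeyInfo: () => {
+return `<${prefix}X509Data><${prefix}X509Certificate>${x509Certificate}</${prefix}X509Certificate></${prefix}X509Data>`;
+},
+getKey: () => {
+return utility.getPublicKeyPemFromCertificate(x509Certificate).toString();
+},
 };
 },
 /**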
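Review bot: In `verifySignature` the sanity check before reading the authenticated content tests `sig.getReferences().length`, but the value actually consumed is `sig.getSignedReferences()[0]`, so the guard does not cover the list that is read. Checking that list directly, `if (sig.getSignedReferences().length < 1) { throw new Error('NO_SIGNATURE_REFERENCES'); }`, keeps an undefined first element from reaching `docParser.parseFromString`. The comment saying the signedReferences API is not accessible should be updated, since the code calls it on the next statement. Separately, a verified `Response` whose signed content does not hold exactly one direct `Assertion` child leaves the `if` without returning and, unless a later signature returns, ends at `throw new Error('ERR_ZERO_SIGNATURE')`, which reports a verified signature as a missing one; a distinct error code there would make log triage and caller handling clearer. The function body spans several hunks and continues outside them, so this is based on the visible lines only.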
@@ -19,7 +19,7 @@ declare function base64LoginRequest(referenceTagXPath: string, entity: any, cust
|
|
|
19
19
|
* @param {function} customTagReplacement used when developers have their own login response template
|
|
20
20
|
* @param {boolean} encryptThenSign whether or not to encrypt then sign first (if signing). Defaults to sign-then-encrypt
|
|
21
21
|
*/
|
|
22
|
-
declare function base64LoginResponse(requestInfo: any, entity: any, user?: any, customTagReplacement?: (template: string) => BindingContext, encryptThenSign?: boolean): Promise<BindingContext>;
|
|
22
|
+
declare function base64LoginResponse(requestInfo: any | undefined, entity: any, user?: any, customTagReplacement?: (template: string) => BindingContext, encryptThenSign?: boolean): Promise<BindingContext>;
|
|
23
23
|
/**
|
|
24
24
|
* @desc Generate a base64 encoded logout request
|
|
25
25
|
* @param {object} user current logged user (e.g. req.user)
|
|
@@ -31,7 +31,7 @@ declare function base64LoginRequest(entity: any, customTagReplacement?: (templat
|
|
|
31
31
|
* @param {string} relayState the relay state
|
|
32
32
|
* @param {function} customTagReplacement used when developers have their own login response template
|
|
33
33
|
*/
|
|
34
|
-
declare function base64LoginResponse(requestInfo: any, entity: any, user?: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext): Promise<BindingSimpleSignContext>;
|
|
34
|
+
declare function base64LoginResponse(requestInfo: any | undefined, entity: any, user?: any, relayState?: string, customTagReplacement?: (template: string) => BindingContext): Promise<BindingSimpleSignContext>;
|
|
35
35
|
declare const simpleSignBinding: {
|
|
36
36
|
base64LoginRequest: typeof base64LoginRequest;
|
|
37
37
|
base64LoginResponse: typeof base64LoginResponse;
|
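--- a/package/types/src/entity.d.ts
+++ b/package/types/src/entity.d.ts
@@ -1,4 +1,3 @@
-/// <reference types="node" />
 import { IdpMetadata as IdpMetadataConstructor } from './metadata-idp';
 import { SpMetadata as SpMetadataConstructor } from './metadata-sp';
 import { MetadataIdpConstructor, MetadataSpConstructor, EntitySetting } from './types';
@@ -31,7 +30,7 @@ export interface ParseResult {
 extract: any;
 sigAlg: string;
 }
-export
+export type EntityConstructor = (MetadataIdpConstructor | MetadataSpConstructor) & {
 metadata?: string | Buffer;
 };
 export default class Entity {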
package/types/src/extractor.d.ts
CHANGED
|
@@ -6,7 +6,7 @@ interface ExtractorField {
|
|
|
6
6
|
attributePath?: string[];
|
|
7
7
|
context?: boolean;
|
|
8
8
|
}
|
|
9
|
-
export
|
|
9
|
+
export type ExtractorFields = ExtractorField[];
|
|
10
10
|
export declare const loginRequestFields: ExtractorFields;
|
|
11
11
|
export declare const loginResponseStatusFields: {
|
|
12
12
|
key: string;
|