passport-saml
Comparing version 0.10.0 to 0.11.0
@@ -30,2 +30,6 @@ var zlib = require('zlib'); | ||
if (!options.host) { | ||
options.host = 'localhost'; | ||
} | ||
if (!options.issuer) { | ||
@@ -69,2 +73,21 @@ options.issuer = 'onelogin_saml'; | ||
SAML.prototype.getProtocol = function (req) { | ||
return this.options.protocol || (req.protocol || 'http').concat('://'); | ||
}; | ||
SAML.prototype.getCallbackUrl = function (req) { | ||
// Post-auth destination | ||
if (this.options.callbackUrl) { | ||
return this.options.callbackUrl; | ||
} else { | ||
var host; | ||
if (req.headers) { | ||
host = req.headers.host; | ||
} else { | ||
host = this.options.host; | ||
} | ||
return this.getProtocol(req) + host + this.options.path; | ||
} | ||
}; | ||
SAML.prototype.generateUniqueID = function () { | ||
@@ -93,4 +116,2 @@ var chars = "abcdef0123456789"; | ||
var instant = self.generateInstant(); | ||
var protocol = self.options.protocol || (req.protocol || 'http').concat('://'); | ||
var callbackUrl; | ||
var forceAuthn = self.options.forceAuthn || false; | ||
@@ -106,9 +127,2 @@ | ||
.then(function(){ | ||
// Post-auth destination | ||
if (self.options.callbackUrl) { | ||
callbackUrl = self.options.callbackUrl; | ||
} else { | ||
callbackUrl = protocol + req.headers.host + self.options.path; | ||
} | ||
var request = { | ||
@@ -121,3 +135,3 @@ 'samlp:AuthnRequest': { | ||
'@ProtocolBinding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', | ||
'@AssertionConsumerServiceURL': callbackUrl, | ||
'@AssertionConsumerServiceURL': self.getCallbackUrl(req), | ||
'@Destination': self.options.entryPoint, | ||
@@ -352,3 +366,3 @@ 'saml:Issuer' : { | ||
return false; | ||
var signature = signatures[0].toString(); | ||
var signature = signatures[0]; | ||
var sig = new xmlCrypto.SignedXml(); | ||
@@ -755,3 +769,20 @@ sig.keyInfoProvider = { | ||
SAML.prototype.generateServiceProviderMetadata = function( decryptionCert ) { | ||
var keyDescriptor = null; | ||
var metadata = { | ||
'EntityDescriptor' : { | ||
'@xmlns': 'urn:oasis:names:tc:SAML:2.0:metadata', | ||
'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#', | ||
'@entityID': this.options.issuer, | ||
'SPSSODescriptor' : { | ||
'@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol', | ||
'NameIDFormat' : this.options.identifierFormat, | ||
'AssertionConsumerService' : { | ||
'@index': '1', | ||
'@isDefault': 'true', | ||
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', | ||
'@Location': this.getCallbackUrl({}) | ||
} | ||
}, | ||
} | ||
}; | ||
if (this.options.decryptionPvk) { | ||
@@ -767,3 +798,3 @@ if (!decryptionCert) { | ||
keyDescriptor = { | ||
metadata.EntityDescriptor.SPSSODescriptor.KeyDescriptor = { | ||
'ds:KeyInfo' : { | ||
@@ -785,26 +816,2 @@ 'ds:X509Data' : { | ||
if (!this.options.callbackUrl) { | ||
throw new Error( | ||
"Unable to generate service provider metadata when callbackUrl option is not set"); | ||
} | ||
var metadata = { | ||
'EntityDescriptor' : { | ||
'@xmlns': 'urn:oasis:names:tc:SAML:2.0:metadata', | ||
'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#', | ||
'@entityID': this.options.issuer, | ||
'SPSSODescriptor' : { | ||
'@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol', | ||
'KeyDescriptor' : keyDescriptor, | ||
'NameIDFormat' : this.options.identifierFormat, | ||
'AssertionConsumerService' : { | ||
'@index': '1', | ||
'@isDefault': 'true', | ||
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', | ||
'@Location': this.options.callbackUrl | ||
} | ||
}, | ||
} | ||
}; | ||
return xmlbuilder.create(metadata).end({ pretty: true, indent: ' ', newline: '\n' }); | ||
@@ -811,0 +818,0 @@ }; |
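Review bot: In `getCallbackUrl`, the configured `options.host` is used only when `req.headers` is missing, so every real request builds the AssertionConsumerServiceURL from the client-supplied `Host` header, and a request that has headers but no `Host` puts `undefined` into the URL. Because the constructor hunk now defaults `options.host` to `'localhost'`, `generateServiceProviderMetadata` calling `this.getCallbackUrl({})` no longer fails when `callbackUrl` is unset; with default options it emits `http://localhost` plus `options.path` as the ACS `@Location`, where the removed code threw. I would at least change the selection to `host = (req.headers && req.headers.host) || this.options.host;` and add a comment on `getCallbackUrl` stating that the header-derived value is request-controlled and that deployments should set `callbackUrl` explicitly. For the metadata path, consider keeping the removed guard unless `callbackUrl` or a non-default `host` was configured, so that a misconfiguration is reported instead of being published to the identity provider.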
{ | ||
"name": "passport-saml", | ||
"version": "0.10.0", | ||
"version": "0.11.0", | ||
"licenses": [ | ||
@@ -36,3 +36,3 @@ { | ||
"xml2js": "0.4.x", | ||
"xml-crypto": "0.3.x", | ||
"xml-crypto": "0.6.x", | ||
"xmldom": "0.1.x", | ||
@@ -39,0 +39,0 @@ "xmlbuilder": "2.5.x", |
@@ -48,2 +48,3 @@ Passport-SAML | ||
* `protocol`: protocol for callback; will be combined with path and server host information to construct callback url if `callbackUrl` is not specified (default: `http://`) | ||
* `host`: host for callback; will be combined with path and protocol to construct callback url if `callbackUrl` is not specified (default: `localhost`) | ||
* `entryPoint`: identity provider entrypoint | ||
@@ -50,0 +51,0 @@ * `issuer`: issuer string to supply to identity provider |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
+ Addedxml-crypto@0.6.1(transitive)
- Removedxml-crypto@0.3.26(transitive)
Updatedxml-crypto@0.6.x