passport-saml
Advanced tools
passport-saml - npm Package Compare versions
Comparing version 0.2.0 to 0.2.1
@@ -487,2 +487,57 @@ var zlib = require('zlib'); | ||
| SAML.prototype.generateServiceProviderMetadata = function( decryptionCert ) { | ||
| var keyDescriptor = null; | ||
| if (this.options.decryptionPvk) { | ||
| if (!decryptionCert) { | ||
| throw new Error( | ||
| "Missing decryptionCert while generating metadata for decrypting service provider"); | ||
| } | ||
| decryptionCert = decryptionCert.replace( /-+BEGIN CERTIFICATE-+\r?\n?/, '' ); | ||
| decryptionCert = decryptionCert.replace( /-+END CERTIFICATE-+\r?\n?/, '' ); | ||
| keyDescriptor = { | ||
| 'ds:KeyInfo' : { | ||
| 'ds:X509Data' : { | ||
| 'ds:X509Certificate': { | ||
| '#text': decryptionCert | ||
| } | ||
| } | ||
| }, | ||
| '#list' : [ | ||
| // this should be the set that the xmlenc library supports | ||
| { 'EncryptionMethod': { '@Algorithm': 'http://www.w3.org/2001/04/xmlenc#aes256-cbc' } }, | ||
| { 'EncryptionMethod': { '@Algorithm': 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' } }, | ||
| { 'EncryptionMethod': { '@Algorithm': 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' } }, | ||
| ] | ||
| }; | ||
| } | ||
| if (!this.options.callbackUrl) { | ||
| throw new Error( | ||
| "Unable to generate service provider metadata when callbackUrl option is not set"); | ||
| } | ||
| var metadata = { | ||
| 'EntityDescriptor' : { | ||
| '@xmlns': 'urn:oasis:names:tc:SAML:2.0:metadata', | ||
| '@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#', | ||
| '@entityID': this.options.issuer, | ||
| 'SPSSODescriptor' : { | ||
| '@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol', | ||
| 'KeyDescriptor' : keyDescriptor, | ||
| 'NameIDFormat' : this.options.identifierFormat, | ||
| 'AssertionConsumerService' : { | ||
| '@index': '1', | ||
| '@isDefault': 'true', | ||
| '@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', | ||
| '@Location': this.options.callbackUrl | ||
| } | ||
| }, | ||
| } | ||
| }; | ||
| return xmlbuilder.create(metadata).end({ pretty: true, indent: ' ', newline: '\n' }); | ||
| }; | ||
| exports.SAML = SAML; |
@@ -89,2 +89,6 @@ var passport = require('passport'); | ||
| Strategy.prototype.generateServiceProviderMetadata = function( decryptionCert ) { | ||
| return this._saml.generateServiceProviderMetadata( decryptionCert ); | ||
| }; | ||
| module.exports = Strategy; |
| { | ||
| "name": "passport-saml", | ||
| "version": "0.2.0", | ||
| "version": "0.2.1", | ||
| "licenses": [{ | ||
@@ -5,0 +5,0 @@ "type": "MIT", |
@@ -80,2 +80,9 @@ Passport-SAML | ||
| ### generateServiceProviderMetadata( decryptionCert ) | ||
| As a convenience, the strategy object exposes a `generateServiceProviderMetadata` method which will generate a service provider metadata document suitable for supplying to an identity provider. This method will only work on strategies which are configured with a `callbackUrl` (since the relative path for the callback is not sufficient information to generate a complete metadata document). | ||
| The `decryptionCert` argument should be a certificate matching the `decryptionPvk` and is required if the strategy is configured with a `decryptionPvk`. | ||
| ## Security and signatures | ||
@@ -82,0 +89,0 @@ |
Sorry, the diff of this file is too big to display
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.11%
142035
- Number of package files
- increased by11.76%
19
- Lines of code
- increased by5.71%
1315
- Number of lines in readme file
- increased by6.31%
118
No dependency changes