passport-saml - npm Package Compare versions

Comparing version 0.20.0 to 0.20.2

lib/passport-saml/saml.js

@@ -202,2 +202,6 @@ var zlib = require('zlib');
 
+    if (self.options.providerName) {
+      request['samlp:AuthnRequest']['@ProviderName'] = self.options.providerName;
+    }
+
     callback(null, xmlbuilder.create(request).end());
@@ -312,4 +316,8 @@ })
     if (self.options.privateCert) {
-      // sets .SigAlg and .Signature
-      self.signRequest(samlMessage);
+      try {
+        // sets .SigAlg and .Signature
+        self.signRequest(samlMessage);
+      } catch (ex) {
+        return callback(ex);
+      }
     }
@@ -316,0 +324,0 @@ Object.keys(samlMessage).forEach(function(k) {

package.json

 {
   "name": "passport-saml",
-  "version": "0.20.0",
-  "licenses": [
-    {
-      "type": "MIT",
-      "url": "https://github.com/bergie/passport-saml/raw/master/LICENSE"
-    }
-  ],
+  "version": "0.20.2",
+  "license" : "MIT",
   "keywords": [
@@ -25,3 +20,4 @@ "saml",
     "Herbert Vojčík",
-    "Peter Loer"
+    "Peter Loer",
+    "Mark Stosberg"
   ],
@@ -36,6 +32,6 @@ "repository": {
     "q": "^1.5.0",
-    "xml-crypto": "^0.9.0",
+    "xml-crypto": "^0.10.1",
     "xml-encryption": "^0.11.0",
     "xml2js": "0.4.x",
-    "xmlbuilder": "^8.2.2",
+    "xmlbuilder": "^9.0.4",
     "xmldom": "0.1.x"
@@ -45,7 +41,7 @@ },
     "body-parser": "^1.17.1",
-    "express": "4.x",
+    "express": "^4.16.2",
     "jshint": "*",
     "mocha": "*",
-    "passport": "0.3.x",
-    "request": "*",
+    "passport": "0.4.x",
+    "request": "^2.83.0",
     "should": "*",
@@ -52,0 +48,0 @@ "sinon": "^2.1.0"

README.md

 Passport-SAML
 =============
+[![Build Status](https://travis-ci.org/bergie/passport-saml.svg?branch=master)](https://travis-ci.org/bergie/passport-saml) [![GitHub version](https://badge.fury.io/gh/bergie%2Fpassport-saml.svg)](https://badge.fury.io/gh/bergie%2Fpassport-saml) [![npm version](https://badge.fury.io/js/passport-saml.svg)](http://badge.fury.io/js/passport-saml) [![dependencies](https://david-dm.org/bergie/passport-saml.svg)](https://david-dm.org/bergie/passport-saml.svg) [![devDependencies](https://david-dm.org/bergie/passport-saml/dev-status.svg)](https://david-dm.org/bergie/passport-saml/dev-status.svg) [![peerDependencies](https://david-dm.org/bergie/passport-saml/peer-status.svg)](https://david-dm.org/bergie/passport-saml/peer-status.svg)
 
+[![NPM](https://nodei.co/npm/passport-saml.png?downloads=true&downloadRank=true&stars=true)](https://nodei.co/npm/passport-saml/)
+
 This is a [SAML 2.0](http://en.wikipedia.org/wiki/SAML_2.0) authentication provider for [Passport](http://passportjs.org/), the Node.js authentication library.
@@ -65,2 +68,3 @@
   * `forceAuthn`: if set to true, the initial SAML request from the service provider specifies that the IdP should force re-authentication of the user, even if they possess a valid session.
+  * `providerName`: optional human-readable name of the requester for use by the presenter's user agent or the identity provider
   * `skipRequestCompression`: if set to true, the SAML request from the service provider won't be compressed.
@@ -79,2 +83,3 @@ * `authnRequestBinding`: if set to `HTTP-POST`, will request authentication from IDP via HTTP POST binding, otherwise defaults to HTTP Redirect
 
+
 ### Provide the authentication callback
@@ -123,4 +128,5 @@
 
-It is a good idea to validate the incoming SAML Responses. For this, you can provide the Identity Provider's public signing certificate using the `cert` configuration key:
 
+It is a good idea to validate the incoming SAML Responses. For this, you can provide the Identity Provider's public PEM-encoded X.509 certificate using the `cert` confguration key. The "BEGIN CERTIFICATE" and "END CERTIFICATE" lines should be stripped out and the certificate should be provided on a single line.
+
 ```javascript
@@ -130,2 +136,8 @@ cert: 'MIICizCCAfQCCQCY8tKaMc0BMjANBgkqh ... W=='
 
+If you have a certificate in the binary DER encoding, you can convert it to the necessary PEM encoding like this:
+
+```bash
+     openssl x509 -inform der -in my_certificate.cer -out my_certificate.pem
+````
+
 ## Usage with Active Directory Federation Services
@@ -132,0 +144,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

311387

increased by2.12%

Lines of code

2860

increased by2.8%

Number of lines in readme file

224

increased by5.66%

Dependency changes

• + Addedxml-crypto@0.10.1(transitive)

• + Addedxmlbuilder@9.0.7(transitive)

• - Removedxml-crypto@0.9.0(transitive)

• - Removedxmlbuilder@8.2.2(transitive)

• Updatedxml-crypto@^0.10.1

• Updatedxmlbuilder@^9.0.4