
passport-saml - npm Package Compare versions

Comparing version 0.3.0 to 0.4.0

21

lib/passport-saml/saml.js

@@ -24,6 +24,2 @@ var zlib = require('zlib');

if (!options.protocol) {
options.protocol = 'https://';
}
if (!options.path) {

@@ -84,2 +80,3 @@ options.path = '/saml/consume';

var instant = this.generateInstant();
var protocol = this.options.protocol || (req.protocol || 'http').concat('://');
var callbackUrl;

@@ -95,3 +92,3 @@

} else {
callbackUrl = this.options.protocol + req.headers.host + this.options.path;
callbackUrl = protocol + req.headers.host + this.options.path;
}

@@ -258,3 +255,3 @@

var self = this;
var xpathSigQuery = ".//*[local-name(.)='Signature' and " +
var xpathSigQuery = ".//*[local-name(.)='Signature' and " +
"namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']";

@@ -286,3 +283,3 @@ var signatures = xpath(currentNode, xpathSigQuery);

return false;
// If we find any extra referenced nodes, reject. (xml-crypto only verifies one digest, so
// If we find any extra referenced nodes, reject. (xml-crypto only verifies one digest, so
// multiple candidate references is bad news)

@@ -328,4 +325,4 @@ var totalReferencedNodes = xpath(currentNode.ownerDocument, "//*[@ID='" + refId + "']");

if (assertions.length == 1) {
if (self.options.cert &&
!validSignature &&
if (self.options.cert &&
!validSignature &&
!self.validateSignature(xml, assertions[0], self.options.cert)) {

@@ -431,7 +428,7 @@ return callback(new Error('Invalid signature'), null, false);

if (nameID[0].$.Format) {
if (nameID[0].$ && nameID[0].$.Format) {
profile.nameIDFormat = nameID[0].$.Format;
}
}
}
}

@@ -529,2 +526,4 @@ var nowMs = new Date().getTime();

profile.getAssertionXml = function() { return xml; };
callback(null, profile, false);

@@ -531,0 +530,0 @@ });
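Review bot: With the constructor's `https://` default removed, the fallback `callbackUrl = protocol + req.headers.host + this.options.path;` now takes both its scheme and its host from the incoming request. `req.protocol` reports `http` behind a TLS-terminating proxy unless the application is set up to trust that proxy, and the Host header is supplied by the client, so the consumer URL sent to the identity provider may end up as plain HTTP or name a host the service does not own. I would keep a fixed scheme when none is configured, `var protocol = this.options.protocol || 'https://';`, and add above the `else` branch the comment `// scheme and host are request-derived here; configure an absolute callback URL in production`. The enclosing function starts and ends outside the visible hunks, and the `if` branch that precedes this `else` is not shown, so whether an explicit override already exists cannot be confirmed from this page.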

@@ -28,2 +28,4 @@ var passport = require('passport');

options.samlFallback = options.samlFallback || 'login-request';
function validateCallback(err, profile, loggedOut) {

@@ -70,5 +72,3 @@ if (err) {

this._saml.validatePostRequest(req.body, validateCallback);
} else if (options.samlFallback) {
// Initiate fallback redirection
} else {
var operation = {

@@ -82,4 +82,2 @@ 'login-request': 'getAuthorizeUrl',

this._saml[operation](req, redirectIfSuccess);
} else {
return self.fail();
}

@@ -86,0 +84,0 @@ };
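Review bot: The dispatch `this._saml[operation](req, redirectIfSuccess);` no longer has a failing path, because the `else { return self.fail(); }` branch is gone and `samlFallback` now defaults to `'login-request'`. If `operation` is looked up from `options.samlFallback` (the lookup itself is outside the visible lines), a misspelt or unsupported value leaves it undefined and the call throws a TypeError instead of failing authentication cleanly. I would guard the call with `if (typeof this._saml[operation] !== 'function') { return self.fail(); }`, or validate the option where it is defaulted. The default line also deserves a comment such as `// 'login-request': redirect to the IdP when the request carries no SAML response`, since the README part of this comparison appears to drop the `samlFallback` entry. This section's file header is not shown on the page, and the function body continues outside the hunks.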

{
"name": "passport-saml",
"version": "0.3.0",
"version": "0.4.0",
"licenses": [

@@ -5,0 +5,0 @@ {

@@ -8,3 +8,3 @@ Passport-SAML

Passport-SAML has been tested to work with both [SimpleSAMLphp](http://simplesamlphp.org/) based Identity Providers, and with [Active Directory Federation Services](http://en.wikipedia.org/wiki/Active_Directory_Federation_Services).
Passport-SAML has been tested to work with Onelogin, Okta, Shibboleth, [SimpleSAMLphp](http://simplesamlphp.org/) based Identity Providers, and with [Active Directory Federation Services](http://en.wikipedia.org/wiki/Active_Directory_Federation_Services).

@@ -82,5 +82,2 @@ ## Installation

Additional config values supported:
* `samlFallback`: if set to `login-request`, will initiate a redirect to identity provider on authentication failure
### generateServiceProviderMetadata( decryptionCert )

@@ -158,10 +155,9 @@

{
save: function(key, value){
save: function(key, value) {
// save the key with the optional value
},
exists: function(key){
// returns true/false if the key exists or not
get: function(key) {
// returns the value of the key if it exists, otherwise null
},
remove: function(key){
remove: function(key) {
// removes the key from the cache

@@ -168,0 +164,0 @@ }

Sorry, the diff of this file is too big to display
