passport-saml - npm Package Compare versions

passport-saml

Package Overview

Dependencies

Maintainers

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 3.1.2 to 3.2.0

306

CHANGELOG.md

		# Changelog

		## v3.0.0 (2021-05-14)
		## v3.1.2 (2021-08-26)

		#### 💣 Major Changes:
		#### 🔗 Dependencies:

		- Node saml separation [#574](https://github.com/node-saml/passport-saml/pull/574)
		- Remove support for deprecated `privateCert` [#569](https://github.com/node-saml/passport-saml/pull/569)
		- Enforce more secure XML encryption [#584](https://github.com/node-saml/passport-saml/pull/584)
		- Add Node 16 support; drop Node 10 [#589](https://github.com/node-saml/passport-saml/pull/589)
		- Update all dependencies to latest [#590](https://github.com/node-saml/passport-saml/pull/590)
		- Require cert for every strategy [#548](https://github.com/node-saml/passport-saml/pull/548)
		- Update xmldom to 0.7.2 - branch 3.x [#633](https://github.com/node-saml/passport-saml/pull/633)

		#### 🚀 Minor Changes:
		---

		- Update xml-crypto to v2.1.1 [#558](https://github.com/node-saml/passport-saml/pull/558)
		- Allow for authnRequestBinding in SAML options [#529](https://github.com/node-saml/passport-saml/pull/529)
		- Add optional setting to set a ceiling on how old a SAML response is allowed to be [#577](https://github.com/node-saml/passport-saml/pull/577)
		- Move XML functions to utility module [#571](https://github.com/node-saml/passport-saml/pull/571)
		- Improve the typing of the Strategy class hierarchy. [#554](https://github.com/node-saml/passport-saml/pull/554)
		- Resolve XML-encoded carriage returns during signature validation [#576](https://github.com/node-saml/passport-saml/pull/576)
		- Make sure CI builds test latest versions of dependencies [#570](https://github.com/node-saml/passport-saml/pull/570)
		- Add WantAssertionsSigned [#536](https://github.com/node-saml/passport-saml/pull/536)
		## v3.1.1 (2021-07-28)

		#### 🔗 Dependencies:
		#### 🐛 Bug Fixes:

		- bump xmldom to 0.5.x since all lower versions have security issue [#551](https://github.com/node-saml/passport-saml/pull/551)
		- Update xml-encryption to v1.2.3 [#560](https://github.com/node-saml/passport-saml/pull/560)
		- Update xml-encryption to v1.2.3 [#567](https://github.com/node-saml/passport-saml/pull/567)
		- Update all packages to latest semver-minor [#588](https://github.com/node-saml/passport-saml/pull/588)
		- Patch algorithm definitions [#625](https://github.com/node-saml/passport-saml/pull/625)

		#### ⚙️ Technical Tasks:

		- Fix main path in package.json [#623](https://github.com/node-saml/passport-saml/pull/623)

		#### 🙈 Other:

		- Remove `node-saml` code and use an import instead [#612](https://github.com/node-saml/passport-saml/pull/612)

		---

		## v3.1.0 (2021-06-17)

		#### 🐛 Bug Fixes:

		- Fix incorrect import of compiled files in tests [#572](https://github.com/node-saml/passport-saml/pull/572)
		- [security] Limit transforms for signed nodes [#595](https://github.com/node-saml/passport-saml/pull/595)
		- [pending-refinement] Fix: Conflicting profile properties between profile and attributes [#593](https://github.com/node-saml/passport-saml/pull/593)
		- Fix validateInResponseTo null check [#596](https://github.com/node-saml/passport-saml/pull/596)

		#### 📚 Documentation:

		- Remove deprecated field `privateCert` from README, tests [#591](https://github.com/node-saml/passport-saml/pull/591)
		- Add support for more tags in the changelog [#592](https://github.com/node-saml/passport-saml/pull/592)
		- Update readme on using multiSamlStrategy [#531](https://github.com/node-saml/passport-saml/pull/531)
		- Create of Code of Conduct [#573](https://github.com/node-saml/passport-saml/pull/573)
		- Changelog [#587](https://github.com/node-saml/passport-saml/pull/587)
		- Rebuild changelog for 3.0.0 [#605](https://github.com/node-saml/passport-saml/pull/605)
		- Fix typo OnBefore -> NotBefore [#611](https://github.com/node-saml/passport-saml/pull/611)

		#### ⚙️ Technical Tasks:
		#### 🙈 Other:

		- remove old callback functions, tests use async/await [#545](https://github.com/node-saml/passport-saml/pull/545)
		- async/await for saml.ts [#496](https://github.com/node-saml/passport-saml/pull/496)
		- Format code and enforce code style on PR [#527](https://github.com/node-saml/passport-saml/pull/527)
		- Tests use typescript [#534](https://github.com/node-saml/passport-saml/pull/534)
		- async / await in cache interface [#532](https://github.com/node-saml/passport-saml/pull/532)
		- Fix lint npm script to match all files including in src/ [#555](https://github.com/node-saml/passport-saml/pull/555)
		- Update README with new Cache Provider interface [#608](https://github.com/node-saml/passport-saml/pull/608)

		#### 🙈 Other:
		---

		- Revert "Update xml-encryption to v1.2.3" [#564](https://github.com/node-saml/passport-saml/pull/564)
		## v3.0.0 (2021-05-17)

		#### 💣 Major Changes:

		- Enforce more secure XML encryption [#584](https://github.com/node-saml/passport-saml/pull/584)
		- Add Node 16 support; drop Node 10 [#589](https://github.com/node-saml/passport-saml/pull/589)
		- Update all dependencies to latest [#590](https://github.com/node-saml/passport-saml/pull/590)

		#### 🔗 Dependencies:

		- Update all packages to latest semver-minor [#588](https://github.com/node-saml/passport-saml/pull/588)

		#### 📚 Documentation:

		- Add support for more tags in the changelog [#592](https://github.com/node-saml/passport-saml/pull/592)
		- Remove deprecated field `privateCert` from README, tests [#591](https://github.com/node-saml/passport-saml/pull/591)
		- Changelog [#587](https://github.com/node-saml/passport-saml/pull/587)

		---
		@@ -61,2 +68,7 @@

		#### 💣 Major Changes:

		- Remove support for deprecated `privateCert` [#569](https://github.com/node-saml/passport-saml/pull/569)
		- Node saml separation [#574](https://github.com/node-saml/passport-saml/pull/574)

		#### 🚀 Minor Changes:
		@@ -69,3 +81,8 @@
		- Resolve XML-encoded carriage returns during signature validation (2.x) [#578](https://github.com/node-saml/passport-saml/pull/578)
		- Fix incorrect import of compiled files in tests [#572](https://github.com/node-saml/passport-saml/pull/572)

		#### 📚 Documentation:

		- Create of Code of Conduct [#573](https://github.com/node-saml/passport-saml/pull/573)

		---
		@@ -78,11 +95,13 @@
		- Update xml-crypto to v2.1.1 [#557](https://github.com/node-saml/passport-saml/pull/557)
		- Update xml-crypto to v2.1.1 [#558](https://github.com/node-saml/passport-saml/pull/558)

		#### 🔗 Dependencies:

		- Update xml-encryption to v1.2.3 [#560](https://github.com/node-saml/passport-saml/pull/560)
		- Update xml-encryption to v1.2.3 [#562](https://github.com/node-saml/passport-saml/pull/562)
		- Update xml-encryption to v1.2.3 [#567](https://github.com/node-saml/passport-saml/pull/567)

		#### 🙈 Other:
		#### ⚙️ Technical Tasks:

		- Revert "Update xml-encryption to v1.2.3" [#565](https://github.com/node-saml/passport-saml/pull/565)
		- Update xml-encryption to v1.2.3 (branch 2.x) [#566](https://github.com/node-saml/passport-saml/pull/566)
		- Fix lint npm script to match all files including in src/ [#555](https://github.com/node-saml/passport-saml/pull/555)

		@@ -93,6 +112,23 @@ ---

		#### 🚀 Minor Changes:

		- Allow for authnRequestBinding in SAML options [#529](https://github.com/node-saml/passport-saml/pull/529)

		#### 🔗 Dependencies:

		- bump xmldom to 0.5.x since all lower versions have security issue [#551](https://github.com/node-saml/passport-saml/pull/551)
		- bump xmldom to 0.5.x since all lower versions have security issue (#551) [#553](https://github.com/node-saml/passport-saml/pull/553)

		#### 📚 Documentation:

		- Update readme on using multiSamlStrategy [#531](https://github.com/node-saml/passport-saml/pull/531)

		#### ⚙️ Technical Tasks:

		- remove old callback functions, tests use async/await [#545](https://github.com/node-saml/passport-saml/pull/545)
		- async/await for saml.ts [#496](https://github.com/node-saml/passport-saml/pull/496)
		- Format code and enforce code style on PR [#527](https://github.com/node-saml/passport-saml/pull/527)
		- Tests use typescript [#534](https://github.com/node-saml/passport-saml/pull/534)
		- async / await in cache interface [#532](https://github.com/node-saml/passport-saml/pull/532)

		---
		@@ -116,20 +152,6 @@

		## v2.0.3 (2020-12-21)
		## v2.0.3 (2021-01-07)

		#### 🚀 Minor Changes:

		- dev: add @types/xml-encryption [#517](https://github.com/node-saml/passport-saml/pull/517)

		#### 🔗 Dependencies:

		- upgrade deps to latest versions [#514](https://github.com/node-saml/passport-saml/pull/514)
		- Bump ini from 1.3.5 to 1.3.8 [#513](https://github.com/node-saml/passport-saml/pull/513)

		#### 🐛 Bug Fixes:

		- support windows line breaks in keys [#500](https://github.com/node-saml/passport-saml/pull/500)
		- add ts-ignore to generated type definitions for multisaml strategy [#508](https://github.com/node-saml/passport-saml/pull/508)
		- fix: derive SamlConfig from SAMLOptions [#515](https://github.com/node-saml/passport-saml/pull/515)
		- Reexport SamlConfig type to solve a regression in consumer packages [#516](https://github.com/node-saml/passport-saml/pull/516)
		- fix(typing): multi saml stratey export [#503](https://github.com/node-saml/passport-saml/pull/503)
		- normalize signature line endings before loading signature block to xml-crypto [#512](https://github.com/node-saml/passport-saml/pull/512)
		@@ -142,7 +164,2 @@

		#### 🙈 Other:

		- fix(typing): Export Multi SAML types [#505](https://github.com/node-saml/passport-saml/pull/505)
		- Prettier + ESLint + onchange = Happiness [#493](https://github.com/node-saml/passport-saml/pull/493)

		---
		@@ -152,6 +169,4 @@

		#### 🐛 Bug Fixes:
		_No changelog for this release._

		- normalize line endings before signature validation [#498](https://github.com/node-saml/passport-saml/pull/498)

		---
		@@ -161,6 +176,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- Add deprecation notice for privateCert; fix bug [#492](https://github.com/node-saml/passport-saml/pull/492)

		---
		@@ -170,23 +183,7 @@

		#### 💣 Major Changes:
		_No changelog for this release._

		- Always throw error objects instead of strings [#412](https://github.com/node-saml/passport-saml/pull/412)

		#### 🚀 Minor Changes:

		- Allow for use of privateKey instead of privateCert [#488](https://github.com/node-saml/passport-saml/pull/488)
		- feat(authorize-request): idp scoping provider [#428](https://github.com/node-saml/passport-saml/pull/428)

		#### 🐛 Bug Fixes:

		- update version of xml2js to 0.4.23, fixes #479 [#486](https://github.com/node-saml/passport-saml/pull/486)

		#### 🙈 Other:

		- inlineSources option for better source maps [#487](https://github.com/node-saml/passport-saml/pull/487)
		- fix: disable esmoduleInterop setting [#483](https://github.com/node-saml/passport-saml/pull/483)

		---

		## v1.5.0 (2020-10-29)
		## v1.5.0 (2020-10-30)

		@@ -201,7 +198,2 @@ #### 🚀 Minor Changes:

		#### 🙈 Other:

		- validateSignature: Support XML docs that contain multiple signed node… [#481](https://github.com/node-saml/passport-saml/pull/481)
		- Revert "validateSignature: Support XML docs that contain multiple signed nodes" [#480](https://github.com/node-saml/passport-saml/pull/480)

		---
		@@ -219,6 +211,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- compatibility with @types/passport-saml, fixes #475 [#476](https://github.com/node-saml/passport-saml/pull/476)

		---
		@@ -228,6 +218,2 @@

		#### 🐛 Bug Fixes:

		- Only make an attribute an object if it has child elements [#464](https://github.com/node-saml/passport-saml/pull/464)

		#### ⚙️ Technical Tasks:
		@@ -237,14 +223,2 @@

		#### 🙈 Other:

		- try to use curl when wget is not available [#468](https://github.com/node-saml/passport-saml/pull/468)
		- Ts secondary files [#474](https://github.com/node-saml/passport-saml/pull/474)
		- bumped xml-crypto from 1.5.3 to 2.0.0 [#470](https://github.com/node-saml/passport-saml/pull/470)
		- Add PR template [#473](https://github.com/node-saml/passport-saml/pull/473)
		- Drop support for Node 8 [#462](https://github.com/node-saml/passport-saml/pull/462)
		- Fix typo [#434](https://github.com/node-saml/passport-saml/pull/434)
		- Upgrade xml-crypto dependancy [#465](https://github.com/node-saml/passport-saml/pull/465)
		- Add GitHub Actions as Continuos Integration provider [#463](https://github.com/node-saml/passport-saml/pull/463)
		- fix: add catch block to NameID decryption [#461](https://github.com/node-saml/passport-saml/pull/461)

		---
		@@ -254,12 +228,4 @@

		#### 🔗 Dependencies:
		_No changelog for this release._

		- Bump lodash from 4.17.15 to 4.17.20 [#449](https://github.com/node-saml/passport-saml/pull/449)
		- Bump acorn from 7.1.0 to 7.4.0 [#448](https://github.com/node-saml/passport-saml/pull/448)

		#### 🙈 Other:

		- Return object for XML-valued AttributeValues [#447](https://github.com/node-saml/passport-saml/pull/447)
		- Revert "doc: announce site move." [#446](https://github.com/node-saml/passport-saml/pull/446)

		---
		@@ -269,6 +235,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- Fix multi saml strategy race conditions [#426](https://github.com/node-saml/passport-saml/pull/426)

		---
		@@ -278,6 +242,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- Singleline private keys [#423](https://github.com/node-saml/passport-saml/pull/423)

		---
		@@ -287,6 +249,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- Revert "convert privateCert to PEM for signing" [#421](https://github.com/node-saml/passport-saml/pull/421)

		---
		@@ -296,9 +256,7 @@

		#### 🙈 Other:
		_No changelog for this release._

		- Upgrade xml-encryption to 1.0.0 [#420](https://github.com/node-saml/passport-saml/pull/420)

		---

		## v1.3.0 (2020-01-28)
		## v1.3.0 (2020-02-06)

		@@ -313,10 +271,2 @@ #### 🚀 Minor Changes:

		- Add tests to check for correct logout [#418](https://github.com/node-saml/passport-saml/pull/418)
		- added passReqToCallback to docs [#417](https://github.com/node-saml/passport-saml/pull/417)
		- Fix an issue readme formatting [#416](https://github.com/node-saml/passport-saml/pull/416)
		- attributeConsumingServiceIndex can be zero [#414](https://github.com/node-saml/passport-saml/pull/414)
		- fix #393 adding 'inResponseTo' in the profile [#404](https://github.com/node-saml/passport-saml/pull/404)
		- Fix #355 missing parts: tests. [#402](https://github.com/node-saml/passport-saml/pull/402)
		- Fix minimum version of Node.js in Travis [#399](https://github.com/node-saml/passport-saml/pull/399)
		- Add .editorconfig as suggested in #373 [#398](https://github.com/node-saml/passport-saml/pull/398)
		- Bring-up xml-crypto to 1.4.0 [#400](https://github.com/node-saml/passport-saml/pull/400)
		@@ -326,3 +276,3 @@

		## v1.2.0 (2019-07-26)
		## v1.2.0 (2019-09-12)

		@@ -345,13 +295,2 @@ #### 🙈 Other:

		- Fix broken tests [#367](https://github.com/node-saml/passport-saml/pull/367)
		- Update README.md [#363](https://github.com/node-saml/passport-saml/pull/363)
		- Set explicitChar: true to make XML parsing consistent. Fixes issue #283 and #187 [#361](https://github.com/node-saml/passport-saml/pull/361)
		- update xml crypto to 1.1.4 [#352](https://github.com/node-saml/passport-saml/pull/352)
		- Upgrade xml-crypto to 1.1.2 [#344](https://github.com/node-saml/passport-saml/pull/344)
		- Add SamlResponseXML method to profile object [#330](https://github.com/node-saml/passport-saml/pull/330)
		- Fix Node Buffer deprecation warning: update 'new Buffer' to 'Buffer.from()' [#342](https://github.com/node-saml/passport-saml/pull/342)
		- Fix #128 documentation for body-parser dependancy [#326](https://github.com/node-saml/passport-saml/pull/326)
		- Update Node version in package.json to >=6 [#340](https://github.com/node-saml/passport-saml/pull/340)
		- Fix for failing test [#347](https://github.com/node-saml/passport-saml/pull/347)
		- Support InResponseTo validations in MultiSaml [#350](https://github.com/node-saml/passport-saml/pull/350)
		- InResponseTo support for logout [#356](https://github.com/node-saml/passport-saml/pull/356)
		@@ -364,6 +303,2 @@ - Create a way to get provider metadata when using the MultiSamlStrategy [#323](https://github.com/node-saml/passport-saml/pull/323)

		#### 💣 Major Changes:

		- Adds signing key in the metadata service provider generation. [#306](https://github.com/node-saml/passport-saml/pull/306)

		#### 🚀 Minor Changes:
		@@ -374,13 +309,2 @@

		#### 🙈 Other:

		- Include support for run-time params to be included in the generated URLs [#136](https://github.com/node-saml/passport-saml/pull/136)
		- support multiple authnContext [#298](https://github.com/node-saml/passport-saml/pull/298)
		- Handle case of missing InResponseTo when validation is on [#302](https://github.com/node-saml/passport-saml/pull/302)
		- Extend and document the profile object [#301](https://github.com/node-saml/passport-saml/pull/301)
		- Update xml-crypto to 1.0.2 [#321](https://github.com/node-saml/passport-saml/pull/321)
		- Validate issuer on logout requests/responses if configured [#314](https://github.com/node-saml/passport-saml/pull/314)
		- feat(logout): handle null and undefined on nameQualifier [#311](https://github.com/node-saml/passport-saml/pull/311)
		- entryPoint is compulsory for signed requests [#299](https://github.com/node-saml/passport-saml/pull/299)

		---
		@@ -402,6 +326,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- New Feature: allow customizing the name of the strategy. [#262](https://github.com/node-saml/passport-saml/pull/262)

		---
		@@ -411,7 +333,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- Audience validation [#253](https://github.com/node-saml/passport-saml/pull/253)
		- README: fix typo `s/ADSF/ADFS/` [#251](https://github.com/node-saml/passport-saml/pull/251)

		---
		@@ -425,6 +344,2 @@

		#### 🙈 Other:

		- Upd: Mention ADFS 2016 with NameIDFormatError. [#242](https://github.com/node-saml/passport-saml/pull/242)

		---
		@@ -449,7 +364,4 @@

		#### 🙈 Other:
		_No changelog for this release._

		- handle bad privateCert [#231](https://github.com/node-saml/passport-saml/pull/231)
		- Add support for ProviderName attribute [#216](https://github.com/node-saml/passport-saml/pull/216)

		---
		@@ -459,10 +371,7 @@

		#### 🙈 Other:
		_No changelog for this release._

		- Add badges to readme [#202](https://github.com/node-saml/passport-saml/pull/202)
		- Update README to clarify that saml.cert requires a PEM-encoded x509 c… [#133](https://github.com/node-saml/passport-saml/pull/133)

		---

		## v0.16.2 (2017-10-05)
		## v0.16.2 (2017-10-07)

		@@ -479,11 +388,6 @@ _No changelog for this release._

		## v0.16.0 (2017-04-01)
		## v0.16.0 (2017-10-04)

		#### 🙈 Other:
		_No changelog for this release._

		- Remove unused ejs package from devDeps [#195](https://github.com/node-saml/passport-saml/pull/195)
		- Fixes #170: Clarify that the certificate are looking for is: [#171](https://github.com/node-saml/passport-saml/pull/171)
		- Add the ability to sign with SHA-512 [#173](https://github.com/node-saml/passport-saml/pull/173)
		- Support detached encrypted key [#166](https://github.com/node-saml/passport-saml/pull/166)

		---
		@@ -497,3 +401,3 @@

		## v0.14.0 (2015-11-02)
		## v0.14.0 (2015-11-01)

		@@ -510,3 +414,3 @@ _No changelog for this release._

		## v0.12.0 (2015-08-19)
		## v0.12.0 (2015-08-18)

		@@ -529,3 +433,3 @@ _No changelog for this release._

		## v0.10.0 (2015-06-08)
		## v0.10.0 (2015-06-07)

		@@ -536,3 +440,3 @@ _No changelog for this release._

		## v0.9.2 (2015-04-26)
		## v0.9.2 (2015-04-25)

		@@ -561,3 +465,3 @@ _No changelog for this release._

		## v0.7.0 (2015-01-13)
		## v0.7.0 (2015-01-12)

		@@ -568,3 +472,3 @@ _No changelog for this release._

		## v0.6.2 (2015-01-06)
		## v0.6.2 (2015-01-05)

		@@ -581,3 +485,3 @@ _No changelog for this release._

		## v0.6.0 (2014-11-14)
		## v0.6.0 (2014-11-13)

		@@ -624,3 +528,3 @@ _No changelog for this release._

		## v0.2.1 (2014-06-05)
		## v0.2.1 (2014-06-04)

		@@ -637,4 +541,4 @@ _No changelog for this release._

		## v0.1.0 (2014-05-31)
		## v0.1.0 (2014-05-30)

		_No changelog for this release._

lib/node-saml/saml-post-signing.js

		@@ -8,3 +8,3 @@ "use strict";
		function signSamlPost(samlMessage, xpath, options) {
		return xml_1.signXml(samlMessage, xpath, { reference: xpath + issuerXPath, action: "after" }, options);
		return (0, xml_1.signXml)(samlMessage, xpath, { reference: xpath + issuerXPath, action: "after" }, options);
		}
		@@ -11,0 +11,0 @@ exports.signSamlPost = signSamlPost;

lib/node-saml/saml.js

		@@ -5,3 +5,3 @@ "use strict";
		const debug_1 = require("debug");
		const debug = debug_1.default("node-saml");
		const debug = (0, debug_1.default)("node-saml");
		const zlib = require("zlib");
		@@ -111,3 +111,3 @@ const crypto = require("crypto");
		validateInResponseTo: (_r = ctorOptions.validateInResponseTo) !== null && _r !== void 0 ? _r : false,
		cert: utility_1.assertRequired(ctorOptions.cert, "cert is required"),
		cert: (0, utility_1.assertRequired)(ctorOptions.cert, "cert is required"),
		requestIdExpirationPeriodMs: (_s = ctorOptions.requestIdExpirationPeriodMs) !== null && _s !== void 0 ? _s : 28800000,
		@@ -161,3 +161,3 @@ cacheProvider: (_t = ctorOptions.cacheProvider) !== null && _t !== void 0 ? _t : new inmemory_cache_provider_1.CacheProvider({
		signRequest(samlMessage) {
		this.options.privateKey = utility_1.assertRequired(this.options.privateKey, "privateKey is required");
		this.options.privateKey = (0, utility_1.assertRequired)(this.options.privateKey, "privateKey is required");
		const samlMessageToSign = {};
		@@ -182,3 +182,3 @@ samlMessage.SigAlg = algorithms.getSigningAlgorithm(this.options.signatureAlgorithm);
		async generateAuthorizeRequestAsync(isPassive, isHttpPostBinding, host) {
		this.options.entryPoint = utility_1.assertRequired(this.options.entryPoint, "entryPoint is required");
		this.options.entryPoint = (0, utility_1.assertRequired)(this.options.entryPoint, "entryPoint is required");
		const id = "_" + this._generateUniqueID();
		@@ -277,6 +277,6 @@ const instant = this.generateInstant();
		}
		let stringRequest = xml_1.buildXmlBuilderObject(request, false);
		let stringRequest = (0, xml_1.buildXmlBuilderObject)(request, false);
		// TODO: maybe we should always sign here
		if (isHttpPostBinding && types_1.isValidSamlSigningOptions(this.options)) {
		stringRequest = saml_post_signing_1.signAuthnRequestPost(stringRequest, this.options);
		if (isHttpPostBinding && (0, types_1.isValidSamlSigningOptions)(this.options)) {
		stringRequest = (0, saml_post_signing_1.signAuthnRequestPost)(stringRequest, this.options);
		}
		@@ -319,3 +319,3 @@ return stringRequest;
		await this.cacheProvider.saveAsync(id, instant);
		return xml_1.buildXmlBuilderObject(request, false);
		return (0, xml_1.buildXmlBuilderObject)(request, false);
		}
		@@ -344,6 +344,6 @@ _generateLogoutResponse(logoutRequest) {
		};
		return xml_1.buildXmlBuilderObject(request, false);
		return (0, xml_1.buildXmlBuilderObject)(request, false);
		}
		async _requestToUrlAsync(request, response, operation, additionalParameters) {
		this.options.entryPoint = utility_1.assertRequired(this.options.entryPoint, "entryPoint is required");
		this.options.entryPoint = (0, utility_1.assertRequired)(this.options.entryPoint, "entryPoint is required");
		let buffer;
		@@ -420,3 +420,3 @@ if (this.options.skipRequestCompression) {
		async getAuthorizeFormAsync(RelayState, host) {
		this.options.entryPoint = utility_1.assertRequired(this.options.entryPoint, "entryPoint is required");
		this.options.entryPoint = (0, utility_1.assertRequired)(this.options.entryPoint, "entryPoint is required");
		// The quoteattr() function is used in a context, where the result will not be evaluated by javascript
		@@ -509,3 +509,3 @@ // but must be interpreted by an XML or HTML parser, and it must absolutely avoid breaking the syntax
		.then((certs) => {
		certs = utility_1.assertRequired(certs, "callback didn't return cert");
		certs = (0, utility_1.assertRequired)(certs, "callback didn't return cert");
		if (!Array.isArray(certs)) {
		@@ -524,3 +524,3 @@ certs = [certs];
		checkedCerts.forEach((cert) => {
		utility_1.assertRequired(cert, "unknown cert found");
		(0, utility_1.assertRequired)(cert, "unknown cert found");
		});
		@@ -563,3 +563,3 @@ return checkedCerts;
		return certs.some((certToCheck) => {
		return xml_1.validateXmlSignatureForCert(signature, this._certToPEM(certToCheck), fullXml, currentNode);
		return (0, xml_1.validateXmlSignatureForCert)(signature, this._certToPEM(certToCheck), fullXml, currentNode);
		});
		@@ -571,3 +571,3 @@ }
		xml = Buffer.from(container.SAMLResponse, "base64").toString("utf8");
		doc = xml_1.parseDomFromString(xml);
		doc = (0, xml_1.parseDomFromString)(xml);
		if (!Object.prototype.hasOwnProperty.call(doc, "documentElement"))
		@@ -601,6 +601,6 @@ throw new Error("SAMLResponse is not valid base64-encoded XML");
		if (encryptedAssertions.length == 1) {
		this.options.decryptionPvk = utility_1.assertRequired(this.options.decryptionPvk, "No decryption key for encrypted SAML response");
		this.options.decryptionPvk = (0, utility_1.assertRequired)(this.options.decryptionPvk, "No decryption key for encrypted SAML response");
		const encryptedAssertionXml = encryptedAssertions[0].toString();
		const decryptedXml = await xml_1.decryptXml(encryptedAssertionXml, this.options.decryptionPvk);
		const decryptedDoc = xml_1.parseDomFromString(decryptedXml);
		const decryptedXml = await (0, xml_1.decryptXml)(encryptedAssertionXml, this.options.decryptionPvk);
		const decryptedDoc = (0, xml_1.parseDomFromString)(decryptedXml);
		const decryptedAssertions = xml_1.xpath.selectElements(decryptedDoc, "/*[local-name()='Assertion']");
		@@ -617,3 +617,3 @@ if (decryptedAssertions.length != 1)
		// LogoutResponse code.
		const xmljsDoc = await xml_1.parseXml2JsFromString(xml);
		const xmljsDoc = await (0, xml_1.parseXml2JsFromString)(xml);
		const response = xmljsDoc.Response;
		@@ -650,3 +650,3 @@ if (response) {
		}
		const statusXml = xml_1.buildXml2JsObject("Status", status[0]);
		const statusXml = (0, xml_1.buildXml2JsObject)("Status", status[0]);
		throw new types_2.ErrorWithXmlStatus("SAML provider returned " + msgType + " error: " + msg, statusXml);
		@@ -700,4 +700,4 @@ }
		const inflated = await inflateRawAsync(data);
		const dom = xml_1.parseDomFromString(inflated.toString());
		const doc = await xml_1.parseXml2JsFromString(inflated);
		const dom = (0, xml_1.parseDomFromString)(inflated.toString());
		const doc = await (0, xml_1.parseXml2JsFromString)(inflated);
		samlMessageType === "SAMLResponse"
		@@ -791,3 +791,3 @@ ? await this.verifyLogoutResponse(doc)
		const profile = {};
		const doc = await xml_1.parseXml2JsFromString(xml);
		const doc = await (0, xml_1.parseXml2JsFromString)(xml);
		const parsedAssertion = doc;
		@@ -985,4 +985,4 @@ const assertion = doc.Assertion;
		const xml = Buffer.from(container.SAMLRequest, "base64").toString("utf8");
		const dom = xml_1.parseDomFromString(xml);
		const doc = await xml_1.parseXml2JsFromString(xml);
		const dom = (0, xml_1.parseDomFromString)(xml);
		const doc = await (0, xml_1.parseXml2JsFromString)(xml);
		const certs = await this.certsToCheck();
		@@ -1004,3 +1004,3 @@ if (!this.validateSignature(xml, dom.documentElement, certs)) {
		if (encryptedIds.length === 1) {
		self.options.decryptionPvk = utility_1.assertRequired(self.options.decryptionPvk, "No decryption key found getting name ID for encrypted SAML response");
		self.options.decryptionPvk = (0, utility_1.assertRequired)(self.options.decryptionPvk, "No decryption key found getting name ID for encrypted SAML response");
		const encryptedDatas = xml_1.xpath.selectElements(encryptedIds[0], "./*[local-name()='EncryptedData']");
		@@ -1011,4 +1011,4 @@ if (encryptedDatas.length !== 1) {
		const encryptedDataXml = encryptedDatas[0].toString();
		const decryptedXml = await xml_1.decryptXml(encryptedDataXml, self.options.decryptionPvk);
		const decryptedDoc = xml_1.parseDomFromString(decryptedXml);
		const decryptedXml = await (0, xml_1.decryptXml)(encryptedDataXml, self.options.decryptionPvk);
		const decryptedDoc = (0, xml_1.parseDomFromString)(decryptedXml);
		const decryptedIds = xml_1.xpath.selectElements(decryptedDoc, "/*[local-name()='NameID']");
		@@ -1102,6 +1102,6 @@ if (decryptedIds.length !== 1) {
		};
		return xml_1.buildXmlBuilderObject(metadata, true);
		return (0, xml_1.buildXmlBuilderObject)(metadata, true);
		}
		_keyToPEM(key) {
		key = utility_1.assertRequired(key, "key is required");
		key = (0, utility_1.assertRequired)(key, "key is required");
		if (typeof key !== "string")
		@@ -1108,0 +1108,0 @@ return key;

lib/node-saml/utility.js

		@@ -16,5 +16,5 @@ "use strict";
		const responseXpath = '//*[local-name(.)="Response" and namespace-uri(.)="urn:oasis:names:tc:SAML:2.0:protocol"]';
		return xml_1.signXml(samlMessage, responseXpath, { reference: responseXpath, action: "append" }, options);
		return (0, xml_1.signXml)(samlMessage, responseXpath, { reference: responseXpath, action: "append" }, options);
		}
		exports.signXmlResponse = signXmlResponse;
		//# sourceMappingURL=utility.js.map

lib/node-saml/xml.js

		@@ -50,3 +50,3 @@ "use strict";
		// `DOMParser` will take care of normalization tasks, like replacing XML-encoded carriage returns with actual carriage returns
		return exports.parseDomFromString(xml).toString();
		return (0, exports.parseDomFromString)(xml).toString();
		};
		@@ -99,3 +99,3 @@ /**
		throw new Error("options is required");
		if (!types_1.isValidSamlSigningOptions(options))
		if (!(0, types_1.isValidSamlSigningOptions)(options))
		throw new Error("options.privateKey is required");
		@@ -102,0 +102,0 @@ const transforms = (_a = options.xmlSignatureTransforms) !== null && _a !== void 0 ? _a : defaultTransforms;

package.json

		{
		"name": "passport-saml",
		"version": "3.1.2",
		"version": "3.2.0",
		"description": "SAML 2.0 authentication strategy for Passport",
		@@ -53,4 +53,4 @@ "keywords": [
		"dependencies": {
		"@xmldom/xmldom": "^0.7.2",
		"debug": "^4.3.1",
		"@xmldom/xmldom": "^0.7.5",
		"debug": "^4.3.2",
		"passport-strategy": "^1.0.0",
		@@ -63,19 +63,19 @@ "xml-crypto": "^2.1.3",
		"devDependencies": {
		"@types/debug": "^4.1.5",
		"@types/mocha": "^8.2.2",
		"@types/node": "^14.14.44",
		"@types/debug": "^4.1.7",
		"@types/mocha": "^8.2.3",
		"@types/node": "^14.17.17",
		"@types/passport-strategy": "^0.2.35",
		"@types/request": "^2.48.5",
		"@types/sinon": "^10.0.0",
		"@types/xml-crypto": "^1.4.1",
		"@types/xml-encryption": "^1.2.0",
		"@types/xml2js": "^0.4.8",
		"@typescript-eslint/eslint-plugin": "^4.23.0",
		"@typescript-eslint/parser": "^4.23.0",
		"@types/request": "^2.48.7",
		"@types/sinon": "^10.0.2",
		"@types/xml-crypto": "^1.4.2",
		"@types/xml-encryption": "^1.2.1",
		"@types/xml2js": "^0.4.9",
		"@typescript-eslint/eslint-plugin": "^4.31.1",
		"@typescript-eslint/parser": "^4.31.1",
		"body-parser": "^1.19.0",
		"choma": "^1.2.1",
		"concurrently": "^6.1.0",
		"eslint": "^7.26.0",
		"concurrently": "^6.2.1",
		"eslint": "^7.32.0",
		"eslint-config-prettier": "^8.3.0",
		"eslint-plugin-prettier": "^3.4.0",
		"eslint-plugin-prettier": "^3.4.1",
		"express": "^4.17.1",
		@@ -86,5 +86,5 @@ "github-release-notes": "^0.17.3",
		"passport": "^0.4.1",
		"prettier": "^2.3.0",
		"prettier-plugin-packagejson": "^2.2.11",
		"release-it": "^14.6.2",
		"prettier": "^2.4.1",
		"prettier-plugin-packagejson": "^2.2.12",
		"release-it": "^14.11.5",
		"request": "^2.83.0",
		@@ -94,3 +94,3 @@ "should": "^13.2.3",
		"ts-node": "^9.1.1",
		"typescript": "^4.2.4"
		"typescript": "^4.4.3"
		},
		@@ -97,0 +97,0 @@ "engines": {

lib/passport-saml/algorithms.d.ts

lib/passport-saml/algorithms.js

lib/passport-saml/algorithms.js.map

lib/passport-saml/inmemory-cache-provider.d.ts

lib/passport-saml/inmemory-cache-provider.js

lib/passport-saml/inmemory-cache-provider.js.map

lib/passport-saml/saml-post-signing.d.ts

lib/passport-saml/saml-post-signing.js

lib/passport-saml/saml-post-signing.js.map

lib/passport-saml/saml.d.ts

lib/passport-saml/saml.js

lib/passport-saml/saml.js.map

lib/passport-saml/utility.d.ts

lib/passport-saml/utility.js

lib/passport-saml/utility.js.map

lib/passport-saml/xml.d.ts

lib/passport-saml/xml.js

lib/passport-saml/xml.js.map

lib/src/passport-saml/algorithms.d.ts

lib/src/passport-saml/algorithms.js

lib/src/passport-saml/algorithms.js.map

lib/src/passport-saml/index.d.ts

lib/src/passport-saml/index.js

lib/src/passport-saml/index.js.map

lib/src/passport-saml/inmemory-cache-provider.d.ts

lib/src/passport-saml/inmemory-cache-provider.js

lib/src/passport-saml/inmemory-cache-provider.js.map

lib/src/passport-saml/multiSamlStrategy.d.ts

lib/src/passport-saml/multiSamlStrategy.js

lib/src/passport-saml/multiSamlStrategy.js.map

lib/src/passport-saml/saml-post-signing.d.ts

lib/src/passport-saml/saml-post-signing.js

lib/src/passport-saml/saml-post-signing.js.map

lib/src/passport-saml/saml.d.ts

lib/src/passport-saml/saml.js

lib/src/passport-saml/saml.js.map

lib/src/passport-saml/strategy.d.ts

lib/src/passport-saml/strategy.js

lib/src/passport-saml/strategy.js.map

lib/src/passport-saml/types.d.ts

lib/src/passport-saml/types.js

lib/src/passport-saml/types.js.map

lib/test.d.ts

lib/test.js

lib/test.js.map

lib/node-saml/saml-post-signing.js.map