Comparing version
// Generated by CoffeeScript 1.7.1 | ||
var IdentityProvider, ServiceProvider, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_metadata, crypto, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _, | ||
var IdentityProvider, ServiceProvider, XMLNS, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_metadata, crypto, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _, | ||
__slice = [].slice, | ||
@@ -28,2 +28,10 @@ __bind = function(fn, me){ return function(){ return fn.apply(me, arguments); }; }; | ||
XMLNS = { | ||
SAML: 'urn:oasis:names:tc:SAML:2.0:assertion', | ||
SAMLP: 'urn:oasis:names:tc:SAML:2.0:protocol', | ||
MD: 'urn:oasis:names:tc:SAML:2.0:metadata', | ||
DS: 'http://www.w3.org/2000/09/xmldsig#', | ||
XENC: 'http://www.w3.org/2001/04/xmlenc#' | ||
}; | ||
create_authn_request = function(issuer, assert_endpoint, destination) { | ||
@@ -34,4 +42,4 @@ var id, xml; | ||
AuthnRequest: { | ||
'@xmlns': 'urn:oasis:names:tc:SAML:2.0:protocol', | ||
'@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion', | ||
'@xmlns': XMLNS.SAMLP, | ||
'@xmlns:saml': XMLNS.SAML, | ||
'@Version': '2.0', | ||
@@ -59,4 +67,4 @@ '@ID': id, | ||
'md:EntityDescriptor': { | ||
'@xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata', | ||
'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#', | ||
'@xmlns:md': XMLNS.MD, | ||
'@xmlns:ds': XMLNS.DS, | ||
'@entityID': issuer, | ||
@@ -85,4 +93,4 @@ 'md:SPSSODescriptor': [ | ||
'samlp:LogoutRequest': { | ||
'@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol', | ||
'@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion', | ||
'@xmlns:samlp': XMLNS.SAMLP, | ||
'@xmlns:saml': XMLNS.SAML, | ||
'@ID': '_' + crypto.randomBytes(21).toString('hex'), | ||
@@ -128,3 +136,3 @@ '@Version': '2.0', | ||
'ds:KeyInfo': { | ||
'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#', | ||
'@xmlns:ds': XMLNS.DS, | ||
'ds:X509Data': { | ||
@@ -159,3 +167,3 @@ 'ds:X509Certificate': cert_data.replace(/[\r\n|\n]/g, '') | ||
var attr, status, status_code, _i, _j, _len, _len1, _ref, _ref1; | ||
status = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', 'Status'); | ||
status = dom.getElementsByTagNameNS(XMLNS.SAMLP, 'Status'); | ||
if (status.length !== 1) { | ||
@@ -200,7 +208,7 @@ return false; | ||
try { | ||
encrypted_assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'EncryptedAssertion'); | ||
encrypted_assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'EncryptedAssertion'); | ||
if (encrypted_assertion.length !== 1) { | ||
return cb(new Error("Expected 1 EncryptedAssertion; found " + encrypted_assertion.length + ".")); | ||
} | ||
encrypted_data = encrypted_assertion[0].getElementsByTagNameNS('http://www.w3.org/2001/04/xmlenc#', 'EncryptedData'); | ||
encrypted_data = encrypted_assertion[0].getElementsByTagNameNS(XMLNS.XENC, 'EncryptedData'); | ||
if (encrypted_data.length !== 1) { | ||
@@ -223,3 +231,3 @@ return cb(new Error("Expected 1 EncryptedData inside EncryptedAssertion; found " + encrypted_data.length + ".")); | ||
response_type = _ref[_i]; | ||
response = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', response_type); | ||
response = dom.getElementsByTagNameNS(XMLNS.SAMLP, response_type); | ||
if (response.length > 0) { | ||
@@ -254,11 +262,11 @@ break; | ||
var assertion, nameid, subject, _ref; | ||
assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion'); | ||
assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'Assertion'); | ||
if (assertion.length !== 1) { | ||
throw new Error("Expected 1 Assertion; found " + assertion.length); | ||
} | ||
subject = assertion[0].getElementsByTagName('Subject'); | ||
subject = assertion[0].getElementsByTagNameNS(XMLNS.SAML, 'Subject'); | ||
if (subject.length !== 1) { | ||
throw new Error("Expected 1 Subject; found " + subject.length); | ||
} | ||
nameid = subject[0].getElementsByTagName('NameID'); | ||
nameid = subject[0].getElementsByTagNameNS(XMLNS.SAML, 'NameID'); | ||
if (nameid.length !== 1) { | ||
@@ -272,7 +280,7 @@ return null; | ||
var assertion, attr, authn_statement, _i, _len, _ref; | ||
assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion'); | ||
assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'Assertion'); | ||
if (assertion.length !== 1) { | ||
throw new Error("Expected 1 Assertion; found " + assertion.length); | ||
} | ||
authn_statement = assertion[0].getElementsByTagName('AuthnStatement'); | ||
authn_statement = assertion[0].getElementsByTagNameNS(XMLNS.SAML, 'AuthnStatement'); | ||
if (authn_statement.length !== 1) { | ||
@@ -293,7 +301,7 @@ throw new Error("Expected 1 AuthnStatement; found " + authn_statement.length); | ||
var assertion, assertion_attributes, attr, attribute, attribute_name, attribute_statement, _i, _j, _len, _len1, _ref, _ref1; | ||
assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion'); | ||
assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'Assertion'); | ||
if (assertion.length !== 1) { | ||
throw new Error("Expected 1 Assertion; found " + assertion.length); | ||
} | ||
attribute_statement = assertion[0].getElementsByTagName('AttributeStatement'); | ||
attribute_statement = assertion[0].getElementsByTagNameNS(XMLNS.SAML, 'AttributeStatement'); | ||
if (attribute_statement.length !== 1) { | ||
@@ -303,3 +311,3 @@ throw new Error("Expected 1 AttributeStatement inside Assertion; found " + attribute_statement.length); | ||
assertion_attributes = {}; | ||
_ref = attribute_statement[0].getElementsByTagName('Attribute'); | ||
_ref = attribute_statement[0].getElementsByTagNameNS(XMLNS.SAML, 'Attribute'); | ||
for (_i = 0, _len = _ref.length; _i < _len; _i++) { | ||
@@ -317,3 +325,3 @@ attribute = _ref[_i]; | ||
} | ||
assertion_attributes[attribute_name] = _(attribute.getElementsByTagName('AttributeValue')).map(function(attribute_value) { | ||
assertion_attributes[attribute_name] = _(attribute.getElementsByTagNameNS(XMLNS.SAML, 'AttributeValue')).map(function(attribute_value) { | ||
return attribute_value.childNodes[0].data; | ||
@@ -444,6 +452,6 @@ }); | ||
switch (false) { | ||
case saml_response.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', 'Response').length !== 1: | ||
case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'Response').length !== 1: | ||
response.type = 'authn_response'; | ||
return parse_authn_response(saml_response, _this.private_key, identity_provider.certificate, cb_wf); | ||
case saml_response.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', 'LogoutResponse').length !== 1: | ||
case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'LogoutResponse').length !== 1: | ||
response.type = 'logout_response'; | ||
@@ -450,0 +458,0 @@ return setImmediate(cb_wf, null, {}); |
{ | ||
"name": "saml2-js", | ||
"version": "0.2.1", | ||
"version": "0.2.2", | ||
"description": "SAML 2.0 node helpers", | ||
@@ -5,0 +5,0 @@ "author": "Clever", |
Sorry, the diff of this file is not supported yet
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
61320
5.91%21
5%466
1.53%