🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

saml2-js

Package Overview
Dependencies
Maintainers
1
Versions
62
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

saml2-js - npm Package Compare versions

Comparing version

0.2.1
to
0.2.2

test/data/good_assertion_explicit_namespaces.xml

54

lib-js/saml2.js
// Generated by CoffeeScript 1.7.1
var IdentityProvider, ServiceProvider, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_metadata, crypto, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _,
var IdentityProvider, ServiceProvider, XMLNS, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_metadata, crypto, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _,
__slice = [].slice,

@@ -28,2 +28,10 @@ __bind = function(fn, me){ return function(){ return fn.apply(me, arguments); }; };

XMLNS = {
SAML: 'urn:oasis:names:tc:SAML:2.0:assertion',
SAMLP: 'urn:oasis:names:tc:SAML:2.0:protocol',
MD: 'urn:oasis:names:tc:SAML:2.0:metadata',
DS: 'http://www.w3.org/2000/09/xmldsig#',
XENC: 'http://www.w3.org/2001/04/xmlenc#'
};
create_authn_request = function(issuer, assert_endpoint, destination) {

@@ -34,4 +42,4 @@ var id, xml;

AuthnRequest: {
'@xmlns': 'urn:oasis:names:tc:SAML:2.0:protocol',
'@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
'@xmlns': XMLNS.SAMLP,
'@xmlns:saml': XMLNS.SAML,
'@Version': '2.0',

@@ -59,4 +67,4 @@ '@ID': id,

'md:EntityDescriptor': {
'@xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata',
'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#',
'@xmlns:md': XMLNS.MD,
'@xmlns:ds': XMLNS.DS,
'@entityID': issuer,

@@ -85,4 +93,4 @@ 'md:SPSSODescriptor': [

'samlp:LogoutRequest': {
'@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
'@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
'@xmlns:samlp': XMLNS.SAMLP,
'@xmlns:saml': XMLNS.SAML,
'@ID': '_' + crypto.randomBytes(21).toString('hex'),

@@ -128,3 +136,3 @@ '@Version': '2.0',

'ds:KeyInfo': {
'@xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#',
'@xmlns:ds': XMLNS.DS,
'ds:X509Data': {

@@ -159,3 +167,3 @@ 'ds:X509Certificate': cert_data.replace(/[\r\n|\n]/g, '')

var attr, status, status_code, _i, _j, _len, _len1, _ref, _ref1;
status = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', 'Status');
status = dom.getElementsByTagNameNS(XMLNS.SAMLP, 'Status');
if (status.length !== 1) {

@@ -200,7 +208,7 @@ return false;

try {
encrypted_assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'EncryptedAssertion');
encrypted_assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'EncryptedAssertion');
if (encrypted_assertion.length !== 1) {
return cb(new Error("Expected 1 EncryptedAssertion; found " + encrypted_assertion.length + "."));
}
encrypted_data = encrypted_assertion[0].getElementsByTagNameNS('http://www.w3.org/2001/04/xmlenc#', 'EncryptedData');
encrypted_data = encrypted_assertion[0].getElementsByTagNameNS(XMLNS.XENC, 'EncryptedData');
if (encrypted_data.length !== 1) {

@@ -223,3 +231,3 @@ return cb(new Error("Expected 1 EncryptedData inside EncryptedAssertion; found " + encrypted_data.length + "."));

response_type = _ref[_i];
response = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', response_type);
response = dom.getElementsByTagNameNS(XMLNS.SAMLP, response_type);
if (response.length > 0) {

@@ -254,11 +262,11 @@ break;

var assertion, nameid, subject, _ref;
assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion');
assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'Assertion');
if (assertion.length !== 1) {
throw new Error("Expected 1 Assertion; found " + assertion.length);
}
subject = assertion[0].getElementsByTagName('Subject');
subject = assertion[0].getElementsByTagNameNS(XMLNS.SAML, 'Subject');
if (subject.length !== 1) {
throw new Error("Expected 1 Subject; found " + subject.length);
}
nameid = subject[0].getElementsByTagName('NameID');
nameid = subject[0].getElementsByTagNameNS(XMLNS.SAML, 'NameID');
if (nameid.length !== 1) {

@@ -272,7 +280,7 @@ return null;

var assertion, attr, authn_statement, _i, _len, _ref;
assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion');
assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'Assertion');
if (assertion.length !== 1) {
throw new Error("Expected 1 Assertion; found " + assertion.length);
}
authn_statement = assertion[0].getElementsByTagName('AuthnStatement');
authn_statement = assertion[0].getElementsByTagNameNS(XMLNS.SAML, 'AuthnStatement');
if (authn_statement.length !== 1) {

@@ -293,7 +301,7 @@ throw new Error("Expected 1 AuthnStatement; found " + authn_statement.length);

var assertion, assertion_attributes, attr, attribute, attribute_name, attribute_statement, _i, _j, _len, _len1, _ref, _ref1;
assertion = dom.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion');
assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'Assertion');
if (assertion.length !== 1) {
throw new Error("Expected 1 Assertion; found " + assertion.length);
}
attribute_statement = assertion[0].getElementsByTagName('AttributeStatement');
attribute_statement = assertion[0].getElementsByTagNameNS(XMLNS.SAML, 'AttributeStatement');
if (attribute_statement.length !== 1) {

@@ -303,3 +311,3 @@ throw new Error("Expected 1 AttributeStatement inside Assertion; found " + attribute_statement.length);

assertion_attributes = {};
_ref = attribute_statement[0].getElementsByTagName('Attribute');
_ref = attribute_statement[0].getElementsByTagNameNS(XMLNS.SAML, 'Attribute');
for (_i = 0, _len = _ref.length; _i < _len; _i++) {

@@ -317,3 +325,3 @@ attribute = _ref[_i];

}
assertion_attributes[attribute_name] = _(attribute.getElementsByTagName('AttributeValue')).map(function(attribute_value) {
assertion_attributes[attribute_name] = _(attribute.getElementsByTagNameNS(XMLNS.SAML, 'AttributeValue')).map(function(attribute_value) {
return attribute_value.childNodes[0].data;

@@ -444,6 +452,6 @@ });

switch (false) {
case saml_response.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', 'Response').length !== 1:
case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'Response').length !== 1:
response.type = 'authn_response';
return parse_authn_response(saml_response, _this.private_key, identity_provider.certificate, cb_wf);
case saml_response.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:protocol', 'LogoutResponse').length !== 1:
case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'LogoutResponse').length !== 1:
response.type = 'logout_response';

@@ -450,0 +458,0 @@ return setImmediate(cb_wf, null, {});

2

package.json
{
"name": "saml2-js",
"version": "0.2.1",
"version": "0.2.2",
"description": "SAML 2.0 node helpers",

@@ -5,0 +5,0 @@ "author": "Clever",

test/saml2.coffee

Sorry, the diff of this file is not supported yet