Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
saml2-js - npm Package Compare versions
Comparing version 0.2.2 to 0.2.3
@@ -145,3 +145,3 @@ // Generated by CoffeeScript 1.7.1 | ||
| if (signature.length !== 1) { | ||
| return cb(new Error("Expected 1 Signature; found " + signature.length)); | ||
| return false; | ||
| } | ||
@@ -155,6 +155,3 @@ sig = new xmlcrypto.SignedXml(); | ||
| sig.loadSignature(signature[0].toString()); | ||
| if (sig.checkSignature(xml)) { | ||
| return cb(null); | ||
| } | ||
| return cb(new Error("SAML Assertion signature check failed!")); | ||
| return sig.checkSignature(xml); | ||
| }; | ||
@@ -355,3 +352,3 @@ | ||
| parse_authn_response = function(saml_response, sp_private_key, idp_certificate, cb) { | ||
| parse_authn_response = function(saml_response, sp_private_key, idp_certificates, cb) { | ||
| var decrypted_assertion, user; | ||
@@ -365,3 +362,8 @@ user = {}; | ||
| decrypted_assertion = (new xmldom.DOMParser()).parseFromString(result); | ||
| return check_saml_signature(result, idp_certificate, cb_wf); | ||
| if (!_.some(idp_certificates, function(cert) { | ||
| return check_saml_signature(result, cert); | ||
| })) { | ||
| return cb_wf(new Error("SAML Assertion signature check failed! (checked " + idp_certificates.length + " certificate(s))")); | ||
| } | ||
| return cb_wf(null); | ||
| }, function(cb_wf) { | ||
@@ -445,3 +447,3 @@ return async.lift(get_name_id)(decrypted_assertion, cb_wf); | ||
| response.type = 'authn_response'; | ||
| return parse_authn_response(saml_response, _this.private_key, identity_provider.certificate, cb_wf); | ||
| return parse_authn_response(saml_response, _this.private_key, identity_provider.certificates, cb_wf); | ||
| case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'LogoutResponse').length !== 1: | ||
@@ -484,6 +486,9 @@ response.type = 'logout_response'; | ||
| module.exports.IdentityProvider = IdentityProvider = (function() { | ||
| function IdentityProvider(sso_login_url, sso_logout_url, certificate) { | ||
| function IdentityProvider(sso_login_url, sso_logout_url, certificates) { | ||
| this.sso_login_url = sso_login_url; | ||
| this.sso_logout_url = sso_logout_url; | ||
| this.certificate = certificate; | ||
| this.certificates = certificates; | ||
| if (!_.isArray(this.certificates)) { | ||
| this.certificates = [this.certificates]; | ||
| } | ||
| } | ||
@@ -490,0 +495,0 @@ |
| { | ||
| "name": "saml2-js", | ||
| "version": "0.2.2", | ||
| "version": "0.2.3", | ||
| "description": "SAML 2.0 node helpers", | ||
@@ -5,0 +5,0 @@ "author": "Clever", |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Lines of code
- increased by1.07%
471
Worsened metrics
- Total package byte prevSize
- decreased by-0.05%
61288
No dependency changes