Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
saml2-js - npm Package Compare versions
Comparing version 0.4.0 to 0.5.0
| // Generated by CoffeeScript 1.7.1 | ||
| var IdentityProvider, ServiceProvider, XMLNS, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_metadata, crypto, debug, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _, | ||
| var IdentityProvider, ServiceProvider, XMLNS, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_logout_response, create_metadata, crypto, debug, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_logout_request, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _, | ||
| __slice = [].slice, | ||
@@ -121,2 +121,27 @@ __bind = function(fn, me){ return function(){ return fn.apply(me, arguments); }; }; | ||
| create_logout_response = function(issuer, in_response_to, destination, status) { | ||
| if (status == null) { | ||
| status = 'urn:oasis:names:tc:SAML:2.0:status:Success'; | ||
| } | ||
| return xmlbuilder.create({ | ||
| 'samlp:LogoutResponse': { | ||
| '@Destination': destination, | ||
| '@ID': '_' + crypto.randomBytes(21).toString('hex'), | ||
| '@InResponseTo': in_response_to, | ||
| '@IssueInstant': (new Date()).toISOString(), | ||
| '@Version': '2.0', | ||
| '@xmlns:samlp': XMLNS.SAMLP, | ||
| '@xmlns:saml': XMLNS.SAML, | ||
| 'saml:Issuer': issuer, | ||
| 'samlp:Status': { | ||
| 'samlp:StatusCode': { | ||
| '@Value': status | ||
| } | ||
| } | ||
| } | ||
| }, { | ||
| headless: true | ||
| }).end(); | ||
| }; | ||
| format_pem = function(key, type) { | ||
@@ -129,9 +154,29 @@ if ((/-----BEGIN [0-9A-Z ]+-----[^-]*-----END [0-9A-Z ]+-----/g.exec(key)) != null) { | ||
| sign_get_request = function(saml_request, private_key) { | ||
| var data, sign; | ||
| data = "SAMLRequest=" + encodeURIComponent(saml_request) + "&SigAlg=" + encodeURIComponent('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'); | ||
| sign_get_request = function(saml_request, private_key, relay_state, response) { | ||
| var action, data, relay_state_data, saml_request_data, saml_request_out, saml_response_out, sigalg_data, sign; | ||
| if (response == null) { | ||
| response = false; | ||
| } | ||
| action = response ? "SAMLResponse" : "SAMLRequest"; | ||
| data = ("" + action + "=") + encodeURIComponent(saml_request); | ||
| if (relay_state) { | ||
| data += "&RelayState=" + encodeURIComponent(relay_state); | ||
| } | ||
| data += "&SigAlg=" + encodeURIComponent('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'); | ||
| saml_request_data = ("" + action + "=") + encodeURIComponent(saml_request); | ||
| relay_state_data = relay_state != null ? "&RelayState=" + encodeURIComponent(relay_state) : ""; | ||
| sigalg_data = "&SigAlg=" + encodeURIComponent('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'); | ||
| sign = crypto.createSign('RSA-SHA256'); | ||
| sign.update(data); | ||
| sign.update(saml_request_data + relay_state_data + sigalg_data); | ||
| if (response) { | ||
| saml_response_out = saml_request; | ||
| } else { | ||
| if (!response) { | ||
| saml_request_out = saml_request; | ||
| } | ||
| } | ||
| return { | ||
| SAMLRequest: saml_request, | ||
| SAMLResponse: saml_response_out, | ||
| SAMLRequest: saml_request_out, | ||
| RelayState: relay_state, | ||
| SigAlg: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', | ||
@@ -238,3 +283,3 @@ Signature: sign.sign(format_pem(private_key, 'PRIVATE KEY'), 'base64') | ||
| var attr, response, response_header, response_type, _i, _j, _len, _len1, _ref, _ref1; | ||
| _ref = ['Response', 'LogoutResponse']; | ||
| _ref = ['Response', 'LogoutResponse', 'LogoutRequest']; | ||
| for (_i = 0, _len = _ref.length; _i < _len; _i++) { | ||
@@ -265,2 +310,5 @@ response_type = _ref[_i]; | ||
| response_header.in_response_to = attr.value; | ||
| break; | ||
| case "ID": | ||
| response_header.id = attr.value; | ||
| } | ||
@@ -411,2 +459,24 @@ } | ||
| parse_logout_request = function(dom) { | ||
| var issuer, name_id, request, session_index, _ref, _ref1, _ref2; | ||
| request = dom.getElementsByTagNameNS(XMLNS.SAMLP, "LogoutRequest"); | ||
| if (request.length !== 1) { | ||
| throw new Error("Expected 1 LogoutRequest; found " + request.length); | ||
| } | ||
| request = {}; | ||
| issuer = dom.getElementsByTagNameNS(XMLNS.SAML, 'Issuer'); | ||
| if (issuer.length === 1) { | ||
| request.issuer = (_ref = issuer[0].firstChild) != null ? _ref.data : void 0; | ||
| } | ||
| name_id = dom.getElementsByTagNameNS(XMLNS.SAML, 'NameID'); | ||
| if (name_id.length === 1) { | ||
| request.name_id = (_ref1 = name_id[0].firstChild) != null ? _ref1.data : void 0; | ||
| } | ||
| session_index = dom.getElementsByTagNameNS(XMLNS.SAMLP, 'SessionIndex'); | ||
| if (session_index.length === 1) { | ||
| request.session_index = (_ref2 = session_index[0].firstChild) != null ? _ref2.data : void 0; | ||
| } | ||
| return request; | ||
| }; | ||
| module.exports.ServiceProvider = ServiceProvider = (function() { | ||
@@ -448,4 +518,4 @@ function ServiceProvider(issuer, private_key, certificate) { | ||
| get_request = get_request[0]; | ||
| if ((request_body != null ? request_body.SAMLResponse : void 0) == null) { | ||
| return setImmediate(cb, new Error("Request body does not contain SAMLResponse.")); | ||
| if (!(((request_body != null ? request_body.SAMLResponse : void 0) != null) || ((request_body != null ? request_body.SAMLRequest : void 0) != null))) { | ||
| return setImmediate(cb, new Error("Request body does not contain SAMLResponse or SAMLRequest.")); | ||
| } | ||
@@ -458,3 +528,3 @@ saml_response = null; | ||
| var raw; | ||
| raw = new Buffer(request_body.SAMLResponse, 'base64'); | ||
| raw = new Buffer(request_body.SAMLResponse || request_body.SAMLRequest, 'base64'); | ||
| if (get_request) { | ||
@@ -473,12 +543,18 @@ return zlib.inflateRaw(raw, cb_wf); | ||
| }; | ||
| if (!check_status_success(saml_response)) { | ||
| cb_wf(new Error("SAML Response was not success!")); | ||
| } | ||
| switch (false) { | ||
| case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'Response').length !== 1: | ||
| if (!check_status_success(saml_response)) { | ||
| cb_wf(new Error("SAML Response was not success!")); | ||
| } | ||
| response.type = 'authn_response'; | ||
| return parse_authn_response(saml_response, _this.private_key, identity_provider.certificates, cb_wf); | ||
| case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'LogoutResponse').length !== 1: | ||
| if (!check_status_success(saml_response)) { | ||
| cb_wf(new Error("SAML Response was not success!")); | ||
| } | ||
| response.type = 'logout_response'; | ||
| return setImmediate(cb_wf, null, {}); | ||
| case saml_response.getElementsByTagNameNS(XMLNS.SAMLP, 'LogoutRequest').length !== 1: | ||
| response.type = 'logout_request'; | ||
| return setImmediate(cb_wf, null, parse_logout_request(saml_response)); | ||
| } | ||
@@ -493,4 +569,6 @@ }; | ||
| ServiceProvider.prototype.create_logout_url = function(identity_provider, name_id, session_index, cb) { | ||
| var xml; | ||
| ServiceProvider.prototype.create_logout_url = function() { | ||
| var cb, identity_provider, name_id, relay_state, session_index, xml, _i; | ||
| identity_provider = arguments[0], name_id = arguments[1], session_index = arguments[2], relay_state = 5 <= arguments.length ? __slice.call(arguments, 3, _i = arguments.length - 1) : (_i = 3, []), cb = arguments[_i++]; | ||
| relay_state = relay_state[0]; | ||
| xml = create_logout_request(this.issuer, name_id, session_index, identity_provider.sso_logout_url); | ||
@@ -504,3 +582,3 @@ return zlib.deflateRaw(xml, (function(_this) { | ||
| uri = url.parse(identity_provider.sso_logout_url); | ||
| uri.query = sign_get_request(deflated.toString('base64'), _this.private_key); | ||
| uri.query = sign_get_request(deflated.toString('base64'), _this.private_key, relay_state); | ||
| return cb(null, url.format(uri)); | ||
@@ -511,2 +589,18 @@ }; | ||
| ServiceProvider.prototype.create_logout_response_url = function(in_response_to, logout_url, cb) { | ||
| var xml; | ||
| xml = create_logout_response(this.issuer, in_response_to, logout_url); | ||
| return zlib.deflateRaw(xml, (function(_this) { | ||
| return function(err, deflated) { | ||
| var uri; | ||
| if (err != null) { | ||
| return cb(err); | ||
| } | ||
| uri = url.parse(logout_url); | ||
| uri.query = sign_get_request(deflated.toString('base64'), _this.private_key, void 0, true); | ||
| return cb(null, url.format(uri)); | ||
| }; | ||
| })(this)); | ||
| }; | ||
| ServiceProvider.prototype.create_metadata = function(assert_endpoint) { | ||
@@ -543,2 +637,3 @@ return create_metadata(this.issuer, assert_endpoint, this.certificate, this.certificate); | ||
| module.exports.parse_response_header = parse_response_header; | ||
| module.exports.parse_logout_request = parse_logout_request; | ||
| module.exports.parse_assertion_attributes = parse_assertion_attributes; | ||
@@ -545,0 +640,0 @@ module.exports.get_name_id = get_name_id; |
| { | ||
| "name": "saml2-js", | ||
| "version": "0.4.0", | ||
| "version": "0.5.0", | ||
| "description": "SAML 2.0 node helpers", | ||
@@ -5,0 +5,0 @@ "author": "Clever", |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by7.21%
81889
- Number of package files
- increased by4.35%
24
- Lines of code
- increased by18.44%
591
No dependency changes