saml2-js - npm Package Compare versions

Comparing version 1.10.0 to 1.11.0

lib-js/saml2.js

 // Generated by CoffeeScript 1.7.1
-var IdentityProvider, SAMLError, ServiceProvider, SignedXml, XMLNS, add_namespaces_to_child_assertions, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_logout_response, create_metadata, crypto, debug, decrypt_assertion, extract_certificate_data, format_pem, get_name_id, get_session_index, get_signed_data, get_status, parseString, parse_assertion_attributes, parse_authn_response, parse_logout_request, parse_response_header, pretty_assertion_attributes, set_option_defaults, sign_authn_request, sign_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _,
+var IdentityProvider, SAMLError, ServiceProvider, SignedXml, XMLNS, add_namespaces_to_child_assertions, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_logout_response, create_metadata, crypto, debug, decrypt_assertion, extract_certificate_data, format_pem, get_attribute_value, get_name_id, get_session_info, get_signed_data, get_status, parseString, parse_assertion_attributes, parse_authn_response, parse_logout_request, parse_response_header, pretty_assertion_attributes, set_option_defaults, sign_authn_request, sign_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _,
   __hasProp = {}.hasOwnProperty,
@@ -310,3 +310,3 @@ __extends = function(child, parent) { for (var key in parent) { if (__hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; },
 check_status_success = function(dom) {
-  var attr, status, status_code, _i, _j, _len, _len1, _ref, _ref1;
+  var status, status_code, _i, _len, _ref;
   status = dom.getElementsByTagNameNS(XMLNS.SAMLP, 'Status');
@@ -320,9 +320,4 @@ if (status.length !== 1) {
     if (status_code.attributes != null) {
-      _ref1 = status_code.attributes || [];
-      for (_j = 0, _len1 = _ref1.length; _j < _len1; _j++) {
-        attr = _ref1[_j];
-        if ((attr != null ? attr.name : void 0) === 'Value' && (attr != null ? attr.value : void 0) === 'urn:oasis:names:tc:SAML:2.0:status:Success') {
-          return true;
-        }
-      }
+      status = get_attribute_value(status_code, 'Value');
+      return status === 'urn:oasis:names:tc:SAML:2.0:status:Success';
     }
@@ -334,3 +329,3 @@ }
 get_status = function(dom) {
-  var attr, status, status_code, status_list, sub_status_code, top_status, _i, _j, _k, _l, _len, _len1, _len2, _len3, _ref, _ref1, _ref2, _ref3;
+  var status, status_code, status_list, sub_status_code, top_status, _i, _j, _len, _len1, _ref, _ref1;
   status_list = {};
@@ -345,24 +340,13 @@ status = dom.getElementsByTagNameNS(XMLNS.SAMLP, 'Status');
     if (status_code.attributes != null) {
-      _ref1 = (status_code != null ? status_code.attributes : void 0) || [];
-      for (_j = 0, _len1 = _ref1.length; _j < _len1; _j++) {
-        attr = _ref1[_j];
-        if ((attr != null ? attr.name : void 0) === 'Value') {
-          top_status = attr.value;
-          if (status_list[top_status] == null) {
-            status_list[top_status] = [];
-          }
-        }
+      top_status = get_attribute_value(status_code, 'Value');
+      if (status_list[top_status] == null) {
+        status_list[top_status] = [];
       }
     }
-    _ref2 = status_code.childNodes || [];
-    for (_k = 0, _len2 = _ref2.length; _k < _len2; _k++) {
-      sub_status_code = _ref2[_k];
+    _ref1 = status_code.childNodes || [];
+    for (_j = 0, _len1 = _ref1.length; _j < _len1; _j++) {
+      sub_status_code = _ref1[_j];
       if ((sub_status_code != null ? sub_status_code.attributes : void 0) != null) {
-        _ref3 = sub_status_code.attributes || [];
-        for (_l = 0, _len3 = _ref3.length; _l < _len3; _l++) {
-          attr = _ref3[_l];
-          if ((attr != null ? attr.name : void 0) === 'Value') {
-            status_list[top_status].push(attr != null ? attr.value : void 0);
-          }
-        }
+        status = get_attribute_value(sub_status_code, 'Value');
+        status_list[top_status].push(status);
       }
@@ -427,3 +411,3 @@ }
 parse_response_header = function(dom) {
-  var attr, response, response_header, response_type, _i, _j, _len, _len1, _ref, _ref1;
+  var response, response_header, response_type, version, _i, _len, _ref;
   _ref = ['Response', 'LogoutResponse', 'LogoutRequest'];
@@ -440,21 +424,11 @@ for (_i = 0, _len = _ref.length; _i < _len; _i++) {
   }
-  response_header = {};
-  _ref1 = response[0].attributes || [];
-  for (_j = 0, _len1 = _ref1.length; _j < _len1; _j++) {
-    attr = _ref1[_j];
-    switch (attr != null ? attr.name : void 0) {
-      case "Version":
-        if (attr.value !== "2.0") {
-          throw new Error("Invalid SAML Version " + attr.value);
-        }
-        break;
-      case "Destination":
-        response_header.destination = attr.value;
-        break;
-      case "InResponseTo":
-        response_header.in_response_to = attr.value;
-        break;
-      case "ID":
-        response_header.id = attr.value;
-    }
+  response_header = {
+    version: get_attribute_value(response[0], 'Version'),
+    destination: get_attribute_value(response[0], 'Destination'),
+    in_response_to: get_attribute_value(response[0], 'InResponseTo'),
+    id: get_attribute_value(response[0], 'ID')
+  };
+  version = response_header.version || '2.0';
+  if (version !== "2.0") {
+    throw new Error("Invalid SAML Version " + version);
   }
@@ -481,4 +455,13 @@ return response_header;
 
-get_session_index = function(dom, index_required) {
-  var assertion, attr, authn_statement, _i, _len, _ref;
+get_attribute_value = function(node, attributeName) {
+  var attribute, attributes, _ref;
+  attributes = node.attributes || [];
+  attribute = _.filter(attributes, function(attr) {
+    return attr.name === attributeName;
+  });
+  return (_ref = attribute[0]) != null ? _ref.value : void 0;
+};
+
+get_session_info = function(dom, index_required) {
+  var assertion, authn_statement, info;
   if (index_required == null) {
@@ -495,18 +478,14 @@ index_required = true;
   }
-  _ref = authn_statement[0].attributes || [];
-  for (_i = 0, _len = _ref.length; _i < _len; _i++) {
-    attr = _ref[_i];
-    if ((attr != null ? attr.name : void 0) === 'SessionIndex') {
-      return attr.value;
-    }
-  }
-  if (index_required) {
+  info = {
+    index: get_attribute_value(authn_statement[0], 'SessionIndex'),
+    not_on_or_after: get_attribute_value(authn_statement[0], 'SessionNotOnOrAfter')
+  };
+  if (index_required && (info.index == null)) {
     throw new Error("SessionIndex not an attribute of AuthnStatement.");
-  } else {
-    return null;
   }
+  return info;
 };
 
 parse_assertion_attributes = function(dom) {
-  var assertion, assertion_attributes, attr, attribute, attribute_name, attribute_statement, attribute_values, _i, _j, _len, _len1, _ref, _ref1;
+  var assertion, assertion_attributes, attribute, attribute_name, attribute_statement, attribute_values, _i, _len, _ref;
   assertion = dom.getElementsByTagNameNS(XMLNS.SAML, 'Assertion');
@@ -527,9 +506,3 @@ if (assertion.length !== 1) {
     attribute = _ref[_i];
-    _ref1 = (attribute != null ? attribute.attributes : void 0) || [];
-    for (_j = 0, _len1 = _ref1.length; _j < _len1; _j++) {
-      attr = _ref1[_j];
-      if ((attr != null ? attr.name : void 0) === 'Name') {
-        attribute_name = attr != null ? attr.value : void 0;
-      }
-    }
+    attribute_name = get_attribute_value(attribute, 'Name');
     if (attribute_name == null) {
@@ -540,4 +513,4 @@ throw new Error("Invalid attribute without name");
     assertion_attributes[attribute_name] = _(attribute_values).map(function(attribute_value) {
-      var _ref2;
-      return ((_ref2 = attribute_value.childNodes[0]) != null ? _ref2.data : void 0) || '';
+      var _ref1;
+      return ((_ref1 = attribute_value.childNodes[0]) != null ? _ref1.data : void 0) || '';
     });
@@ -672,6 +645,10 @@ }
     }, function(decrypted_assertion, cb_wf) {
-      var assertion_attributes, err;
+      var assertion_attributes, err, session_info;
       try {
+        session_info = get_session_info(decrypted_assertion, require_session_index);
         user.name_id = get_name_id(decrypted_assertion);
-        user.session_index = get_session_index(decrypted_assertion, require_session_index);
+        user.session_index = session_info.index;
+        if (session_info.not_on_or_after != null) {
+          user.session_not_on_or_after = session_info.not_on_or_after;
+        }
         assertion_attributes = parse_assertion_attributes(decrypted_assertion);
@@ -943,3 +920,3 @@ user = _.extend(user, pretty_assertion_attributes(assertion_attributes));
   module.exports.get_name_id = get_name_id;
-  module.exports.get_session_index = get_session_index;
+  module.exports.get_session_info = get_session_info;
   module.exports.parse_assertion_attributes = parse_assertion_attributes;
@@ -946,0 +923,0 @@ module.exports.add_namespaces_to_child_assertions = add_namespaces_to_child_assertions;

package.json

 {
   "name": "saml2-js",
-  "version": "1.10.0",
+  "version": "1.11.0",
   "description": "SAML 2.0 node helpers",
@@ -5,0 +5,0 @@ "author": "Clever",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

159457

decreased by-0.38%

Lines of code

860

decreased by-2.71%

No dependency changes