Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

saml2-js

Package Overview
Dependencies
Maintainers
5
Versions
60
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

saml2-js - npm Package Compare versions

Comparing version 1.12.3 to 1.12.4

test/data/good_assertion_signed_data.xml

100

lib-js/saml2.js

@@ -260,51 +260,2 @@ // Generated by CoffeeScript 1.12.7

check_saml_signature = function(xml, certificate) {
var doc, sig, signature, valid;
doc = (new xmldom.DOMParser()).parseFromString(xml);
signature = xmlcrypto.xpath(doc, "./*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']");
if (signature.length !== 1) {
return null;
}
sig = new xmlcrypto.SignedXml();
sig.keyInfoProvider = {
getKey: function() {
return format_pem(certificate, 'CERTIFICATE');
}
};
sig.loadSignature(signature[0].toString());
valid = sig.checkSignature(xml);
if (valid) {
return get_signed_data(doc, sig.references);
} else {
return null;
}
};
get_signed_data = function(doc, references) {
return _.map(references, function(ref) {
var elem, idAttribute, j, len, ref1, uri;
uri = ref.uri;
if (uri[0] === '#') {
uri = uri.substring(1);
}
elem = [];
if (uri === "") {
elem = xmlcrypto.xpath(doc, "//*");
} else {
ref1 = ["Id", "ID"];
for (j = 0, len = ref1.length; j < len; j++) {
idAttribute = ref1[j];
elem = xmlcrypto.xpath(doc, "//*[@*[local-name(.)='" + idAttribute + "']='" + uri + "']");
if (elem.length > 0) {
break;
}
}
}
if (!(elem.length > 0)) {
throw new Error("Invalid signature; must be a reference to '" + ref.uri + "'");
}
return elem[0].toString();
});
};
check_status_success = function(dom) {

@@ -407,2 +358,53 @@ var j, len, ref1, status, status_code;

check_saml_signature = function(xml, certificate) {
var doc, sig, signature, valid;
doc = (new xmldom.DOMParser()).parseFromString(xml);
signature = xmlcrypto.xpath(doc, "./*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']");
if (signature.length !== 1) {
return null;
}
sig = new xmlcrypto.SignedXml();
sig.keyInfoProvider = {
getKey: function() {
return format_pem(certificate, 'CERTIFICATE');
}
};
sig.loadSignature(signature[0].toString());
valid = sig.checkSignature(xml);
if (valid) {
return get_signed_data(doc, sig);
} else {
return null;
}
};
get_signed_data = function(doc, sig) {
return _.map(sig.references, function(ref) {
var elem, idAttribute, j, len, ref1, uri;
uri = ref.uri;
if (uri[0] === '#') {
uri = uri.substring(1);
}
elem = [];
if (uri === "") {
elem = xmlcrypto.xpath(doc, "//*");
} else {
ref1 = ["Id", "ID"];
for (j = 0, len = ref1.length; j < len; j++) {
idAttribute = ref1[j];
elem = xmlcrypto.xpath(doc, "//*[@*[local-name(.)='" + idAttribute + "']='" + uri + "']");
if (elem.length > 0) {
break;
}
}
}
if (!(elem.length > 0)) {
throw new Error("Invalid signature; must be a reference to '" + ref.uri + "'");
}
return sig.getCanonXml(ref.transforms, elem[0], {
inclusiveNamespacesPrefixList: ref.inclusiveNamespacesPrefixList
});
});
};
parse_response_header = function(dom) {

@@ -409,0 +411,0 @@ var j, len, ref1, response, response_header, response_type, version;

2

package.json
{
"name": "saml2-js",
"version": "1.12.3",
"version": "1.12.4",
"description": "SAML 2.0 node helpers",

@@ -5,0 +5,0 @@ "author": "Clever",

circle.yml

Sorry, the diff of this file is not supported yet

test/saml2.coffee

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc