samlify - npm Package Compare versions

Comparing version 2.8.9 to 2.8.10

build/src/libsaml.js

@@ -509,12 +509,13 @@ "use strict";
                 var assertions = (0, xpath_1.select)("//*[local-name(.)='Assertion']", doc);
-                if (!Array.isArray(assertions)) {
+                if (!Array.isArray(assertions) || assertions.length === 0) {
                     throw new Error('ERR_NO_ASSERTION');
                 }
-                if (assertions.length !== 1) {
+                if (assertions.length > 1) {
                     throw new Error('ERR_MULTIPLE_ASSERTION');
                 }
+                var rawAssertionNode = assertions[0];
                 // Perform encryption depends on the setting, default is false
                 if (sourceEntitySetting.isAssertionEncrypted) {
                     var publicKeyPem = utility_1.default.getPublicKeyPemFromCertificate(targetEntityMetadata.getX509Certificate(certUse.encrypt));
-                    xmlenc.encrypt(assertions[0].toString(), {
+                    xmlenc.encrypt(rawAssertionNode.toString(), {
                         // use xml-encryption module
@@ -534,4 +535,4 @@ rsa_pub: Buffer.from(publicKeyPem),
                         var encAssertionPrefix = sourceEntitySetting.tagPrefix.encryptedAssertion;
-                        var encryptAssertionNode = new dom().parseFromString("<".concat(encAssertionPrefix, ":EncryptedAssertion xmlns:").concat(encAssertionPrefix, "=\"").concat(urn_1.namespace.names.assertion, "\">").concat(res, "</").concat(encAssertionPrefix, ":EncryptedAssertion>"));
-                        doc.replaceChild(encryptAssertionNode, assertions[0]);
+                        var encryptAssertionDoc = new dom().parseFromString("<".concat(encAssertionPrefix, ":EncryptedAssertion xmlns:").concat(encAssertionPrefix, "=\"").concat(urn_1.namespace.names.assertion, "\">").concat(res, "</").concat(encAssertionPrefix, ":EncryptedAssertion>"));
+                        doc.documentElement.replaceChild(encryptAssertionDoc.documentElement, rawAssertionNode);
                         return resolve(utility_1.default.base64Encode(doc.toString()));
@@ -561,11 +562,12 @@ });
                 var hereSetting = here.entitySetting;
-                var xml = new dom().parseFromString(entireXML);
-                var encryptedAssertions = (0, xpath_1.select)("/*[contains(local-name(), 'Response')]/*[local-name(.)='EncryptedAssertion']", xml);
-                if (!Array.isArray(encryptedAssertions)) {
+                var doc = new dom().parseFromString(entireXML);
+                var encryptedAssertions = (0, xpath_1.select)("/*[contains(local-name(), 'Response')]/*[local-name(.)='EncryptedAssertion']", doc);
+                if (!Array.isArray(encryptedAssertions) || encryptedAssertions.length === 0) {
                     throw new Error('ERR_UNDEFINED_ENCRYPTED_ASSERTION');
                 }
-                if (encryptedAssertions.length !== 1) {
+                if (encryptedAssertions.length > 1) {
                     throw new Error('ERR_MULTIPLE_ASSERTION');
                 }
-                return xmlenc.decrypt(encryptedAssertions[0].toString(), {
+                var encAssertionNode = encryptedAssertions[0];
+                return xmlenc.decrypt(encAssertionNode.toString(), {
                     key: utility_1.default.readPrivateKey(hereSetting.encPrivateKey, hereSetting.encPrivateKeyPass),
@@ -580,5 +582,5 @@ }, function (err, res) {
                     }
-                    var assertionNode = new dom().parseFromString(res);
-                    xml.replaceChild(assertionNode, encryptedAssertions[0]);
-                    return resolve([xml.toString(), res]);
+                    var rawAssertionDoc = new dom().parseFromString(res);
+                    doc.documentElement.replaceChild(rawAssertionDoc.documentElement, encAssertionNode);
+                    return resolve([doc.toString(), res]);
                 });
@@ -585,0 +587,0 @@ });

package.json

 {
   "name": "samlify",
-  "version": "2.8.9",
+  "version": "2.8.10",
   "description": "High-level API for Single Sign On (SAML 2.0)",
@@ -5,0 +5,0 @@ "main": "build/index.js",

src/libsaml.ts

@@ -609,8 +609,9 @@ /**
         const assertions = select("//*[local-name(.)='Assertion']", doc) as Node[];
-        if (!Array.isArray(assertions)) {
+        if (!Array.isArray(assertions) || assertions.length === 0) {
           throw new Error('ERR_NO_ASSERTION');
         }
-        if (assertions.length !== 1) {
+        if (assertions.length > 1) {
           throw new Error('ERR_MULTIPLE_ASSERTION');
         }
+        const rawAssertionNode = assertions[0];
 
@@ -622,3 +623,3 @@ // Perform encryption depends on the setting, default is false
 
-          xmlenc.encrypt(assertions[0].toString(), {
+          xmlenc.encrypt(rawAssertionNode.toString(), {
             // use xml-encryption module
@@ -638,4 +639,4 @@ rsa_pub: Buffer.from(publicKeyPem), // public key from certificate
             const { encryptedAssertion: encAssertionPrefix } = sourceEntitySetting.tagPrefix;
-            const encryptAssertionNode = new dom().parseFromString(`<${encAssertionPrefix}:EncryptedAssertion xmlns:${encAssertionPrefix}="${namespace.names.assertion}">${res}</${encAssertionPrefix}:EncryptedAssertion>`);
-            doc.replaceChild(encryptAssertionNode, assertions[0]);
+            const encryptAssertionDoc = new dom().parseFromString(`<${encAssertionPrefix}:EncryptedAssertion xmlns:${encAssertionPrefix}="${namespace.names.assertion}">${res}</${encAssertionPrefix}:EncryptedAssertion>`);
+            doc.documentElement.replaceChild(encryptAssertionDoc.documentElement, rawAssertionNode);
             return resolve(utility.base64Encode(doc.toString()));
@@ -664,11 +665,13 @@ });
         const hereSetting = here.entitySetting;
-        const xml = new dom().parseFromString(entireXML);
-        const encryptedAssertions = select("/*[contains(local-name(), 'Response')]/*[local-name(.)='EncryptedAssertion']", xml) as Node[];
-        if (!Array.isArray(encryptedAssertions)) {
+        const doc = new dom().parseFromString(entireXML);
+        const encryptedAssertions = select("/*[contains(local-name(), 'Response')]/*[local-name(.)='EncryptedAssertion']", doc) as Node[];
+        if (!Array.isArray(encryptedAssertions) || encryptedAssertions.length === 0) {
           throw new Error('ERR_UNDEFINED_ENCRYPTED_ASSERTION');
         }
-        if (encryptedAssertions.length !== 1) {
+        if (encryptedAssertions.length > 1) {
           throw new Error('ERR_MULTIPLE_ASSERTION');
         }
-        return xmlenc.decrypt(encryptedAssertions[0].toString(), {
+        const encAssertionNode = encryptedAssertions[0];
+
+        return xmlenc.decrypt(encAssertionNode.toString(), {
           key: utility.readPrivateKey(hereSetting.encPrivateKey, hereSetting.encPrivateKeyPass),
@@ -683,5 +686,5 @@ }, (err, res) => {
           }
-          const assertionNode = new dom().parseFromString(res);
-          xml.replaceChild(assertionNode, encryptedAssertions[0]);
-          return resolve([xml.toString(), res]);
+          const rawAssertionDoc = new dom().parseFromString(res);
+          doc.documentElement.replaceChild(rawAssertionDoc.documentElement, encAssertionNode);
+          return resolve([doc.toString(), res]);
         });
@@ -688,0 +691,0 @@ });

No alert changes

Improved metrics

Total package byte prevSize

493950

increased by0.12%

Lines of code

9087

increased by0.04%

No dependency changes