Merge pull request #7 from auth0/fixUncaught

Fix uncaught exceptions

Author: dschenkelman

lib/saml11.js

@@ -49,7 +49,13 @@ exports.create = function(options, callback) {
     }
   };
 
-  var doc = new Parser().parseFromString(saml11.toString());
+  var doc;
+  try {
+    doc = new Parser().parseFromString(saml11.toString());
+  } catch(err){
+    return utils.reportError(err, callback);
+  }
+
   doc.documentElement.setAttribute('AssertionID', '_' + (options.uid || utils.uid(32)));
   if (options.issuer)
     doc.documentElement.setAttribute('Issuer', options.issuer);
@@ -156,8 +162,15 @@ function addSubjectConfirmation(options, doc, randomBytes, callback) {
   xmlenc.encryptKeyInfo(randomBytes, encryptOptions, function(err, keyinfo) { 
     if (err) return cb(err);
     var subjectConfirmationNodes = doc.documentElement.getElementsByTagNameNS(NAMESPACE, 'SubjectConfirmation');
+
     for (var i=0; i<subjectConfirmationNodes.length; i++) {
-      var keyinfoDom = new Parser().parseFromString(keyinfo);
+      var keyinfoDom;
+      try {
+        keyinfoDom = new Parser().parseFromString(keyinfo);
+      } catch(error){
+        return utils.reportError(error, callback);
+      }
+
       var method = subjectConfirmationNodes[i].getElementsByTagNameNS(NAMESPACE, 'ConfirmationMethod')[0];
       method.textContent = 'urn:oasis:names:tc:SAML:1.0:cm:holder-of-key';
       subjectConfirmationNodes[i].appendChild(keyinfoDom.documentElement);
@@ -169,11 +182,16 @@ function addSubjectConfirmation(options, doc, randomBytes, callback) {
 
 function sign(options, sig, doc, callback) {
   var token = utils.removeWhitespace(doc.toString());
-  sig.computeSignature(token, options.xpathToNodeBeforeSignature);
-  var signed = sig.getSignedXml();
+  var signed;
+  try {
+    sig.computeSignature(token, options.xpathToNodeBeforeSignature);
+    signed = sig.getSignedXml();
+  } catch(err){
+    return utils.reportError(err, callback);
+  }
 
   if (!callback) return signed;
-  
+
   return callback(null, signed);
 }
 

lib/saml20.js

@@ -7,7 +7,7 @@ var utils = require('./utils'),
 
 var fs = require('fs');
 var path = require('path');
-var saml11 = fs.readFileSync(path.join(__dirname, 'saml20.template')).toString();
+var saml20 = fs.readFileSync(path.join(__dirname, 'saml20.template')).toString();
 
 var NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion';
 
@@ -47,7 +47,13 @@ exports.create = function(options, callback) {
     }
   };
 
-  var doc = new Parser().parseFromString(saml11.toString());
+  var doc;
+  try {
+    doc = new Parser().parseFromString(saml20.toString());
+  } catch(err){
+    return utils.reportError(err, callback);
+  }
+
   doc.documentElement.setAttribute('ID', '_' + (options.uid || utils.uid(32)));
   if (options.issuer) {
     var issuer = doc.documentElement.getElementsByTagName('saml:Issuer');
@@ -130,8 +136,13 @@ exports.create = function(options, callback) {
   }
 
   var token = utils.removeWhitespace(doc.toString());
-  sig.computeSignature(token, options.xpathToNodeBeforeSignature || "//*[local-name(.)='Issuer']");
-  var signed = sig.getSignedXml();
+  var signed;
+  try {
+    sig.computeSignature(token, options.xpathToNodeBeforeSignature || "//*[local-name(.)='Issuer']");
+    signed = sig.getSignedXml();
+  } catch(err){
+    return utils.reportError(err, callback);
+  }
 
   if (!options.encryptionCert) {
     if (callback) 

lib/utils.js

@@ -7,6 +7,14 @@ exports.pemToCert = function(pem) {
   return null;
 };
 
+exports.reportError = function(err, callback){
+  if (callback){
+    setImmediate(function(){
+      callback(err);
+    });
+  }
+};
+
 /**
  * Return a unique identifier with the given `len`.
  *