
Commit 7e82718

authored
Merge pull request #17 from mcastany/xml-crypto-upgrade
Upgrade xml-crypto library
2 parents 1b57287 + 51382d4 commit 7e82718


6 files changed

+49
-25
lines changed


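--- a/.travis.yml
+++ b/.travis.yml
@@ -1,3 +1,4 @@
 language: node_js
 node_js:
-- 0.8
+- 0.12
+- 4.4.3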

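--- a/lib/saml11.js
+++ b/lib/saml11.js
@@ -183,8 +183,16 @@ function addSubjectConfirmation(options, doc, randomBytes, callback) {
 function sign(options, sig, doc, callback) {
 var token = utils.removeWhitespace(doc.toString());
 var signed;
+
 try {
-sig.computeSignature(token, options.xpathToNodeBeforeSignature);
+var opts = options.xpathToNodeBeforeSignature ? {
+location: {
+reference: options.xpathToNodeBeforeSignature,
+action: 'after'
+}
+} : {};
+
+sig.computeSignature(token, opts);
 signed = sig.getSignedXml();
 } catch(err){
 return utils.reportError(err, callback);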
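Review bot: The `{}` branch of `opts` leaves signature placement to xml-crypto's defaults, and nothing in `sign` says what that placement is. As far as I know the library then appends the `Signature` as the last child of the root element, which is where the SAML 1.1 schema puts it; that deserves a comment above the ternary, e.g. `// no location: xml-crypto appends the Signature as the last child of the root (SAML 1.1 position)`. A caller-supplied XPath that matches no node is the other case worth pinning down: it should surface through the `catch` into `utils.reportError`, and a test with a non-matching `xpathToNodeBeforeSignature` would confirm that under 0.8.4. The body of `sign` continues past the end of the hunk.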

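--- a/lib/saml20.js
+++ b/lib/saml20.js
@@ -138,7 +138,14 @@ exports.create = function(options, callback) {
 var token = utils.removeWhitespace(doc.toString());
 var signed;
 try {
-sig.computeSignature(token, options.xpathToNodeBeforeSignature || "//*[local-name(.)='Issuer']");
+var opts = {
+location: {
+reference: options.xpathToNodeBeforeSignature || "//*[local-name(.)='Issuer']",
+action: 'after'
+}
+};
+
+sig.computeSignature(token, opts);
 signed = sig.getSignedXml();
 } catch(err){
 return utils.reportError(err, callback);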
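Review bot: `options.xpathToNodeBeforeSignature` is handed to `location.reference` unchecked, but the SAML 2.0 schema fixes `ds:Signature` directly after `Issuer`, so any other value produces an assertion that still verifies cryptographically yet fails schema validation at strict relying parties. The new test in test/saml20.tests.js exercises exactly such a placement (after `Conditions`). I would document the constraint next to the default, e.g. `// SAML 2.0 schema requires Signature immediately after Issuer; overriding this yields a schema-invalid assertion`, and state the same wherever the option is described for callers. `exports.create` starts and ends outside the hunk.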

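--- a/package.json
+++ b/package.json
@@ -14,12 +14,12 @@
 "author": "Matias Woloski (Auth0)",
 "license": "MIT",
 "dependencies": {
-"xml-crypto": "~0.0.20",
-"xmldom": "=0.1.15",
+"async": "~0.2.9",
 "moment": "~2.14.1",
+"xml-crypto": "0.8.4",
 "xml-encryption": "~0.7.4",
-"xpath": "0.0.5",
-"async": "~0.2.9"
+"xmldom": "=0.1.15",
+"xpath": "0.0.5"
 },
 "scripts": {
 "test": "mocha"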

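--- a/test/saml11.tests.js
+++ b/test/saml11.tests.js
@@ -230,22 +230,7 @@ describe('saml 1.1', function () {
 assert.equal('urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', format);
 });
 
-
-it('should override AttirubteStatement NameFormat', function () {
-var options = {
-cert: fs.readFileSync(__dirname + '/test-auth0.pem'),
-key: fs.readFileSync(__dirname + '/test-auth0.key'),
-nameIdentifier: 'foo',
-nameIdentifierFormat: 'http://foo'
-};
-var signedAssertion = saml11.create(options);
-var format = utils.getNameIdentifier(signedAssertion)
-.getAttribute('Format');
-assert.equal('http://foo', format);
-});
-
-
-it('should override AttirubteStatement NameFormat', function () {
+it('should override AttirubteStatement NameFormat', function () {
 var options = {
 cert: fs.readFileSync(__dirname + '/test-auth0.pem'),
 key: fs.readFileSync(__dirname + '/test-auth0.key'),
@@ -274,8 +259,6 @@ it('should override AttirubteStatement NameFormat', function () {
 assert.equal('saml:Conditions', signature[0].previousSibling.nodeName);
 });
 
-
-
 it('should test the whole thing', function () {
 var options = {
 cert: fs.readFileSync(__dirname + '/test-auth0.pem'),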

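--- a/test/saml20.tests.js
+++ b/test/saml20.tests.js
@@ -132,6 +132,31 @@ describe('saml 2.0', function () {
 assert.equal('specific', authnContextClassRef.textContent);
 });
 
+it('should place signature where specified', function () {
+var options = {
+cert: fs.readFileSync(__dirname + '/test-auth0.pem'),
+key: fs.readFileSync(__dirname + '/test-auth0.key'),
+xpathToNodeBeforeSignature: "//*[local-name(.)='Conditions']",
+attributes: {
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': '[email protected]',
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': 'Foo Bar',
+'http://example.org/claims/testemptyarray': [], // should dont include empty arrays
+'http://example.org/claims/testaccent': 'fóo', // should supports accents
+'http://undefinedattribute/ws/com.com': undefined
+}
+};
+
+var signedAssertion = saml.create(options);
+
+var isValid = utils.isValidSignature(signedAssertion, options.cert);
+assert.equal(true, isValid);
+
+var doc = new xmldom.DOMParser().parseFromString(signedAssertion);
+var signature = doc.documentElement.getElementsByTagName('Signature');
+
+assert.equal('saml:Conditions', signature[0].previousSibling.nodeName);
+});
+
 describe('encryption', function () {
 
 it('should create a saml 2.0 signed and encrypted assertion', function (done) {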
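Review bot: The placement assertion reads `signature[0]` without first checking how many `Signature` elements came back, so the test would still pass if the upgraded library emitted more than one; add `assert.equal(1, signature.length);` before the `previousSibling` check. The `attributes` fixture (empty array, accent, undefined) has no bearing on signature placement, so it could be dropped to keep the test focused on what its title claims. The enclosing `describe('saml 2.0', ...)` continues outside the hunk.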
