Added prefix option and fixed moment warning

Marcos Castany · Marcos Castany · commit b6ffac8dee7e · 2016-11-16T12:29:38.000+01:00
diff --git a/lib/saml11.js b/lib/saml11.js
@@ -66,7 +66,7 @@ exports.create = function(options, callback) {
 
   if (options.lifetimeInSeconds) {
     conditions[0].setAttribute('NotBefore', now.format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
-    conditions[0].setAttribute('NotOnOrAfter', now.add('seconds', options.lifetimeInSeconds).format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
+    conditions[0].setAttribute('NotOnOrAfter', now.add(options.lifetimeInSeconds, 'seconds').format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
   }
   
   if (options.audiences) {
diff --git a/lib/saml20.js b/lib/saml20.js
@@ -67,7 +67,7 @@ exports.create = function(options, callback) {
 
   options.includeAttributeNameFormat = (typeof options.includeAttributeNameFormat !== 'undefined') ? options.includeAttributeNameFormat : true;
   options.typedAttributes = (typeof options.typedAttributes !== 'undefined') ? options.typedAttributes : true;
-
+  options.prefix = options.prefix && (typeof options.prefix === 'string') ? options.prefix : '' ; 
 
   var cert = utils.pemToCert(options.cert);
 
@@ -79,8 +79,9 @@ exports.create = function(options, callback) {
   sig.signingKey = options.key;
   
   sig.keyInfoProvider = {
-    getKeyInfo: function () {
-      return "<X509Data><X509Certificate>" + cert + "</X509Certificate></X509Data>";
+    getKeyInfo: function (key, prefix) {
+      prefix = prefix ? prefix + ':' : prefix;
+      return "<" + prefix + "X509Data><" + prefix + "X509Certificate>" + cert + "</" + prefix + "X509Certificate></" + prefix + "X509Data>";
     }
   };
 
@@ -104,9 +105,9 @@ exports.create = function(options, callback) {
 
   if (options.lifetimeInSeconds) {
     conditions[0].setAttribute('NotBefore', now.format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
-    conditions[0].setAttribute('NotOnOrAfter', now.clone().add('seconds', options.lifetimeInSeconds).format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
+    conditions[0].setAttribute('NotOnOrAfter', now.clone().add(options.lifetimeInSeconds, 'seconds').format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
   
-    confirmationData[0].setAttribute('NotOnOrAfter', now.clone().add('seconds', options.lifetimeInSeconds).format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));  
+    confirmationData[0].setAttribute('NotOnOrAfter', now.clone().add(options.lifetimeInSeconds, 'seconds').format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));  
   }
   
   if (options.audiences) {
@@ -188,7 +189,8 @@ exports.create = function(options, callback) {
       location: { 
         reference: options.xpathToNodeBeforeSignature || "//*[local-name(.)='Issuer']", 
         action: 'after'
-      }
+      },
+      prefix: options.prefix
     };
     
     sig.computeSignature(token, opts);
diff --git a/test/saml20.tests.js b/test/saml20.tests.js
@@ -364,6 +364,56 @@ describe('saml 2.0', function () {
     assert.equal('saml:Conditions', signature[0].previousSibling.nodeName);
   });
 
+  it('should place signature with prefix where specified', function () {
+     var options = {
+      cert: fs.readFileSync(__dirname + '/test-auth0.pem'),
+      key: fs.readFileSync(__dirname + '/test-auth0.key'),
+      xpathToNodeBeforeSignature: "//*[local-name(.)='Conditions']",
+      prefix: 'anyprefix',
+      attributes: {
+        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': 'foo@bar.com',
+        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': 'Foo Bar',
+        'http://example.org/claims/testemptyarray': [], // should dont include empty arrays
+        'http://example.org/claims/testaccent': 'fóo', // should supports accents
+        'http://undefinedattribute/ws/com.com': undefined
+      }
+    };
+
+    var signedAssertion = saml.create(options);
+    
+    var isValid = utils.isValidSignature(signedAssertion, options.cert);
+    assert.equal(true, isValid);
+    
+    var doc = new xmldom.DOMParser().parseFromString(signedAssertion);
+    var signature = doc.documentElement.getElementsByTagName(options.prefix + ':Signature');
+    assert.equal('saml:Conditions', signature[0].previousSibling.nodeName);
+  });
+
+   it('should ignore prefix if not a string', function () {
+     var options = {
+      cert: fs.readFileSync(__dirname + '/test-auth0.pem'),
+      key: fs.readFileSync(__dirname + '/test-auth0.key'),
+      xpathToNodeBeforeSignature: "//*[local-name(.)='Conditions']",
+      prefix: 123,
+      attributes: {
+        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': 'foo@bar.com',
+        'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': 'Foo Bar',
+        'http://example.org/claims/testemptyarray': [], // should dont include empty arrays
+        'http://example.org/claims/testaccent': 'fóo', // should supports accents
+        'http://undefinedattribute/ws/com.com': undefined
+      }
+    };
+
+    var signedAssertion = saml.create(options);
+    
+    var isValid = utils.isValidSignature(signedAssertion, options.cert);
+    assert.equal(true, isValid);
+    
+    var doc = new xmldom.DOMParser().parseFromString(signedAssertion);
+    var signature = doc.documentElement.getElementsByTagName('Signature');
+    assert.equal('saml:Conditions', signature[0].previousSibling.nodeName);
+  });
+
   describe('encryption', function () {
 
     it('should create a saml 2.0 signed and encrypted assertion', function (done) {

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ exports.create = function(options, callback) {`
`66`	`66`
`67`	`67`	`if (options.lifetimeInSeconds) {`
`68`	`68`	`conditions[0].setAttribute('NotBefore', now.format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));`
`69`		`- conditions[0].setAttribute('NotOnOrAfter', now.add('seconds', options.lifetimeInSeconds).format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));`
	`69`	`+ conditions[0].setAttribute('NotOnOrAfter', now.add(options.lifetimeInSeconds, 'seconds').format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));`
`70`	`70`	`}`
`71`	`71`
`72`	`72`	`if (options.audiences) {`