
Commit 2c68a98

authored
fix(deps): using local folder instead of git url for passport apple (#134)
passport apple depends on a vulnerable version of jsonwebtoken; using a local folder to fix it GH-127
1 parent decb68a commit 2c68a98


22 files changed

+1128
-807
lines changed


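--- a/.eslintignore
+++ b/.eslintignore
@@ -10,3 +10,4 @@ index.*
 commitlint.config.js
 
 .eslintrc.js
+vendor/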

package-lock.json

Lines changed: 535 additions & 406 deletions

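--- a/package.json
+++ b/package.json
@@ -56,15 +56,17 @@
 "@loopback/core": "^4.0.7",
 "ajv": "^8.11.0",
 "https-proxy-agent": "^5.0.0",
+"jsonwebtoken": "^9.0.0",
 "passport": "^0.6.0",
-"passport-apple": "git+https://github.com/yeshamavani/passport-apple.git",
+"passport-apple": "file:vendor/passport-apple",
 "passport-azure-ad": "^4.3.4",
 "passport-cognito-oauth2": "^0.1.1",
 "passport-facebook": "^3.0.0",
 "passport-google-oauth20": "^2.0.0",
 "passport-http-bearer": "^1.0.1",
 "passport-instagram": "^1.0.0",
 "passport-local": "^1.0.0",
+"passport-oauth2": "^1.6.1",
 "passport-oauth2-client-password": "^0.1.2",
 "tslib": "^2.0.0"
 },
@@ -83,6 +85,7 @@
 "@semantic-release/npm": "^9.0.1",
 "@semantic-release/release-notes-generator": "^10.0.3",
 "@types/express": "^4.17.13",
+"@types/jsonwebtoken": "^9.0.1",
 "@types/lodash": "^4.14.181",
 "@types/node": "^14.18.36",
 "@types/passport": "^1.0.7",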

src/__tests__/fixtures/providers/saml.provider.ts

Lines changed: 0 additions & 29 deletions
This file was deleted.

src/__tests__/integration/action-sequence/saml/saml.integration.ts

Lines changed: 0 additions & 71 deletions
This file was deleted.

src/__tests__/integration/middleware-sequence/saml/saml.integration.ts

Lines changed: 0 additions & 71 deletions
This file was deleted.

src/__tests__/unit/saml-strategy.unit.ts/saml-strategy.unit.ts

Lines changed: 0 additions & 66 deletions
This file was deleted.

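--- a/src/component.ts
+++ b/src/component.ts
@@ -37,8 +37,6 @@ import {
 ResourceOwnerVerifyProvider,
 PassportOtpStrategyFactoryProvider,
 OtpVerifyProvider,
-SamlStrategyFactoryProvider,
-SamlVerifyProvider,
 } from './strategies';
 import {Strategies} from './strategies/keys';
 import {
@@ -86,7 +84,6 @@ export class AuthenticationComponent implements Component {
 KeycloakStrategyFactoryProvider,
 [Strategies.Passport.COGNITO_OAUTH2_STRATEGY_FACTORY.key]:
 CognitoStrategyFactoryProvider,
-[Strategies.SAML_STRATEGY_FACTORY.key]: SamlStrategyFactoryProvider,
 
 // Verifier functions
 [Strategies.Passport.OAUTH2_CLIENT_PASSWORD_VERIFIER.key]:
@@ -109,7 +106,6 @@ export class AuthenticationComponent implements Component {
 [Strategies.Passport.APPLE_OAUTH2_VERIFIER.key]: AppleAuthVerifyProvider,
 [Strategies.Passport.AZURE_AD_VERIFIER.key]: AzureADAuthVerifyProvider,
 [Strategies.Passport.KEYCLOAK_VERIFIER.key]: KeycloakVerifyProvider,
-[Strategies.SAML_VERIFIER.key]: SamlVerifyProvider,
 };
 this.bindings = [];
 if (this.config?.useClientAuthenticationMiddleware) {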

src/strategies/SAML/index.ts

Lines changed: 0 additions & 2 deletions
This file was deleted.

src/strategies/SAML/saml-strategy-factory-provider.ts

Lines changed: 0 additions & 96 deletions
This file was deleted.
