From f7b18e98572fc508147b2ec23ae341a954013b44 Mon Sep 17 00:00:00 2001 From: Jose Luis Diaz Date: Thu, 9 Jan 2020 16:44:53 -0300 Subject: [PATCH] Bump XML Crypto version (#139) * use last xml-crypto --- lib/passport-wsfed-saml2/samlp.js | 41 ++++++++++++++++++----- lib/passport-wsfed-saml2/utils.js | 17 ++++++---- package.json | 8 ++--- test/interop.tests.js | 55 +++++++++++++++++++++---------- test/samlp.tests.js | 2 +- 5 files changed, 86 insertions(+), 37 deletions(-) diff --git a/lib/passport-wsfed-saml2/samlp.js b/lib/passport-wsfed-saml2/samlp.js index 5b61741..a46aa09 100644 --- a/lib/passport-wsfed-saml2/samlp.js +++ b/lib/passport-wsfed-saml2/samlp.js @@ -106,6 +106,25 @@ var algorithms = { } }; +function collectAncestorNamespaces(node, nameSpaces = [], maxDeep = 5){ + if (!(node && node.parentNode) || maxDeep <= 0) { + return nameSpaces; + } + + const parent = node.parentNode; + + if(parent.attributes && parent.attributes.length > 0){ + for(let i=0;i !assertion.getAttribute(attr.key)) + .forEach((attr) => assertion.setAttribute(attr.key, attr.value)); callback(null, assertion); - }; + } var foundAssertions = xpath.select("//*[local-name(.)='Assertion']", samlpResponse); if (foundAssertions.length > 1) { diff --git a/lib/passport-wsfed-saml2/utils.js b/lib/passport-wsfed-saml2/utils.js index 3173d21..6c6b39f 100644 --- a/lib/passport-wsfed-saml2/utils.js +++ b/lib/passport-wsfed-saml2/utils.js @@ -10,6 +10,11 @@ const CERT_END = "\n-----END CERTIFICATE-----\n"; exports.certToPEM = (cert) => CERT_START + cert.match(/.{1,64}/g).join('\n') + CERT_END; +// convert from \r\n -> \n this should be done by the xml parser, but is ignoring this. +function crlf2lf(string) { + return string.replace(/\r\n?/g, '\n'); +} + exports.getSamlAssertionVersion = function(samlAssertion){ if (samlAssertion.getAttribute('MajorVersion') === '1') { return '1.1'; @@ -20,12 +25,12 @@ exports.getSamlAssertionVersion = function(samlAssertion){ return undefined; } -} +}; exports.parseSamlAssertion = function(xml) { if (typeof xml === 'string') { try { - return new xmldom.DOMParser().parseFromString(xml); + return new xmldom.DOMParser().parseFromString(crlf2lf(xml)); } catch (e) { throw new SamlAssertionParserError('SAML Assertion should be a valid xml', e); } @@ -37,7 +42,7 @@ exports.parseSamlAssertion = function(xml) { exports.parseSamlResponse = function(xml) { if (typeof xml === 'string') { try { - return new xmldom.DOMParser().parseFromString(xml); + return new xmldom.DOMParser().parseFromString(crlf2lf(xml)); } catch (e) { throw new SamlResponseParserError('SAMLResponse should be a valid xml', e); } @@ -49,7 +54,7 @@ exports.parseSamlResponse = function(xml) { exports.parseWsFedResponse = function(xml) { if (typeof xml === 'string') { try { - return new xmldom.DOMParser().parseFromString(xml); + return new xmldom.DOMParser().parseFromString(crlf2lf(xml)); } catch (e) { throw new WSFederationResultParserError('wresult should be a valid xml', e); } @@ -69,7 +74,7 @@ exports.generateUniqueID = function() { exports.getEncoding = function(xml){ try{ - const response = new xmldom.DOMParser().parseFromString(xml); + const response = new xmldom.DOMParser().parseFromString(crlf2lf(xml)); // -> read encoding if (response.firstChild && response.firstChild.tagName == 'xml'){ const regex = /(?:encoding=\")([^\"]*)(?:\")/g; @@ -84,7 +89,7 @@ exports.getEncoding = function(xml){ } catch(e){ return; } -} +}; /** * Safely compare two string. Type validation and length comparison are inspired in the diff --git a/package.json b/package.json index a10bf8e..f12c35e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "passport-wsfed-saml2", - "version": "4.0.0", + "version": "4.1.0", "description": "SAML2 Protocol and WS-Fed library", "scripts": { "test": "mocha --reporter spec --recursive" @@ -25,10 +25,10 @@ "uid2": "0.0.x", "valid-url": "^1.0.9", "x509": "^0.3.4", - "xml-crypto": "auth0/xml-crypto#fix-digest", + "xml-crypto": "auth0/xml-crypto#v1.4.1-auth0.2", "xml-encryption": "auth0/node-xml-encryption#v0.12.0", "xml2js": "0.1.x", - "xmldom": "auth0/xmldom#v0.1.19-auth0_1", + "xmldom": "auth0/xmldom#v0.1.19-auth0.2", "xpath": "0.0.5", "xtend": "~2.0.3" }, @@ -46,7 +46,7 @@ "wsfed": "~0.3.5" }, "engines": { - "node": ">= 0.6.0" + "node": ">= 4" }, "licenses": [ { diff --git a/test/interop.tests.js b/test/interop.tests.js index d053bdf..a7e0887 100644 --- a/test/interop.tests.js +++ b/test/interop.tests.js @@ -1,18 +1,12 @@ -var assert = require('assert'), - fs = require('fs'), - helpers = require('./helpers'), - should = require('should'), - saml11 = require('saml').Saml11, - SamlPassport = require('../lib/passport-wsfed-saml2/saml').SAML, - samlp = require('../lib/passport-wsfed-saml2/samlp'); - wsfed = require('../lib/passport-wsfed-saml2').Strategy; - -var request = require('request'); -var server = require('./fixture/samlp-server'); -var expect = require('chai').expect; - -var Parser = require('xmldom').DOMParser, - SignedXml = require('xml-crypto').SignedXml; +const assert = require('assert'); +const fs = require('fs'); +const SamlPassport = require('../lib/passport-wsfed-saml2/saml').SAML; +const samlp = require('../lib/passport-wsfed-saml2/samlp'); +const wsfed = require('../lib/passport-wsfed-saml2').Strategy; + +const request = require('request'); +const server = require('./fixture/samlp-server'); +const expect = require('chai').expect; describe('interop', function () { @@ -212,8 +206,8 @@ describe('interop', function () { }); - it('should validate an assertion with umlats xmldom', function (done) { - var signedAssertion = new Parser().parseFromString('https://aai-logon.ethz.ch/idp/shibbolethjVMwKZ5O3hXfOf6tkVan2hnPW2w=nq5nJangoli5J6uBF/sEeYyKL7+xepbsDmjT6mpggLmba6yR+lQaZmAGnti8nhZUPyXwZfZS3d9oH4upbRg56jdVVcPaZUhYOPW2T2etm7lxxaDlHDJo/E40KnBtGMn6Oxz23hXUrc6p6K4FFLCQwmsE3ZZlP/u8DcqKNl5X/D5udcCV75mjxnVKWuXu34Xw4uQEQBb+6UfGjDN1/91M6U3ZZ0iOSRsBC7+SYLVMbDZqGveioKjZMPBuHmoBwQxsCixu1var3LNyCFVRo0LV9qA5DhA5lyH209+kFsN9vqzHKkiOF+Wua+Ngh2oR/48CWfTOjDuvRpje1bICIwwCQg==MIIFjzCCBHegAwIBAgIUZ+QtvaEucMtOcruHlzQrEDH92FMwDQYJKoZIhvcNAQEFBQAwazELMAkG\nA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp\nc2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4XDTEzMDQxNzA4\nMDYwNFoXDTE1MDQxNzA4MDYwNFowYzELMAkGA1UEBhMCQ0gxEDAOBgNVBAgTB1p1ZXJpY2gxEDAO\nBgNVBAcTB1p1ZXJpY2gxFDASBgNVBAoTC0VUSCBadWVyaWNoMRowGAYDVQQDExFhYWktbG9nb24u\nZXRoei5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJWLI4vWx5HnqUvkBDm5Egp\nUg8yOlL3HbS0Y62/k77R2W9wxNczcR79wUBl2cNDCF/LxzdY1ml2u2skbZy4tqtmcvHVrwM5RVDb\n3jpjUhzBlD5rkpxgut2zFmNsahXzceD9dzsTvq7MUq6YgW6iRY3wNbes7ZgRtdkCz+vbiB52iTES\nZ2lo6fBn69eiqywUhQ5t/K4jGqpSUf1DITz//lMWRveagVyUq342JONxo93nt6x6ewGg+Qo8yCuC\nj4VehpncHYV0oNI2sSncKPm23Z4TNxPDalSaq8R5nKhueG+FHX7Ks8hWYSf42m2rrZLTumv2Ry8H\nFrPFkI7kuSFwVRECAwEAAaOCAjEwggItMHQGCCsGAQUFBwEBBGgwZjAqBggrBgEFBQcwAYYeaHR0\ncDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29tMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVv\ndmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNydDCBtQYDVR0RBIGtMIGqghFhYWktbG9nb24uZXRo\nei5jaIIPdmNpcGhlci5ldGh6LmNogg92Y2Flc2FyLmV0aHouY2iCD3ZjdXJ0ZXIuZXRoei5jaIIP\ndmNvcHBlci5ldGh6LmNogg92Y2Vuc29yLmV0aHouY2iCEmxkYXBzLWluZm8uZXRoei5jaIIPbGlu\ndGVzdC5ldGh6LmNogRt2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwUQYDVR0gBEowSDBGBgwr\nBgEEAb5YAAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20v\ncmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\nMB8GA1UdIwQYMBaAFDJNoU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6\nLy9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQUUrfY5AJdnN5W\n9TTyrVObbQEoH/cwDQYJKoZIhvcNAQEFBQADggEBAJHQIjLbalw9LF9wIjhhOsEsaf/Bd8dSKcb2\nICLC16TyetuTTJfqHqHr3QiAcrSNKOxqoFBX51t7oNyd3n1BGxJeYmpoyKHKmViUF9mJWBKxSvfW\njmYA7M/LptNX+aUz0fPntCokjH5pPAk3n5YYf2gTFOmRbZDdvNxQ0+o5EkRKkxLDAYM7HlJshWfK\nyY8ZKiPSx28ebXORGzW/VC5VunURFPmhvy5hUFo2qFhGhkQZD1Tg5uN+vd7KywgXLiQKWFDweOxY\nkFuTatM9peWNaapAuaYL8D6q/pn6q76cDKiMjTLp1siQsVVzFAZNjywOve5tdqB/Qo7zwX7TggF1\nmrQ=_e132eb870c4a912c56e1bafeb5257b35urn:auth0:fmi-testurn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransportmemberstaffstudentGnüggeRobertethz.ch187624@ethz.chuniversity37J7PjSu8hkThPDMZOfZLtca0Ag=robert.gnuegge@bsse.ethz.ch'); + it('should validate an assertion with an umlaut character entity in the xml', function (done) { + var signedAssertion = 'https://aai-logon.ethz.ch/idp/shibbolethjVMwKZ5O3hXfOf6tkVan2hnPW2w=nq5nJangoli5J6uBF/sEeYyKL7+xepbsDmjT6mpggLmba6yR+lQaZmAGnti8nhZUPyXwZfZS3d9oH4upbRg56jdVVcPaZUhYOPW2T2etm7lxxaDlHDJo/E40KnBtGMn6Oxz23hXUrc6p6K4FFLCQwmsE3ZZlP/u8DcqKNl5X/D5udcCV75mjxnVKWuXu34Xw4uQEQBb+6UfGjDN1/91M6U3ZZ0iOSRsBC7+SYLVMbDZqGveioKjZMPBuHmoBwQxsCixu1var3LNyCFVRo0LV9qA5DhA5lyH209+kFsN9vqzHKkiOF+Wua+Ngh2oR/48CWfTOjDuvRpje1bICIwwCQg==MIIFjzCCBHegAwIBAgIUZ+QtvaEucMtOcruHlzQrEDH92FMwDQYJKoZIhvcNAQEFBQAwazELMAkG\nA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp\nc2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4XDTEzMDQxNzA4\nMDYwNFoXDTE1MDQxNzA4MDYwNFowYzELMAkGA1UEBhMCQ0gxEDAOBgNVBAgTB1p1ZXJpY2gxEDAO\nBgNVBAcTB1p1ZXJpY2gxFDASBgNVBAoTC0VUSCBadWVyaWNoMRowGAYDVQQDExFhYWktbG9nb24u\nZXRoei5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJWLI4vWx5HnqUvkBDm5Egp\nUg8yOlL3HbS0Y62/k77R2W9wxNczcR79wUBl2cNDCF/LxzdY1ml2u2skbZy4tqtmcvHVrwM5RVDb\n3jpjUhzBlD5rkpxgut2zFmNsahXzceD9dzsTvq7MUq6YgW6iRY3wNbes7ZgRtdkCz+vbiB52iTES\nZ2lo6fBn69eiqywUhQ5t/K4jGqpSUf1DITz//lMWRveagVyUq342JONxo93nt6x6ewGg+Qo8yCuC\nj4VehpncHYV0oNI2sSncKPm23Z4TNxPDalSaq8R5nKhueG+FHX7Ks8hWYSf42m2rrZLTumv2Ry8H\nFrPFkI7kuSFwVRECAwEAAaOCAjEwggItMHQGCCsGAQUFBwEBBGgwZjAqBggrBgEFBQcwAYYeaHR0\ncDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29tMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVv\ndmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNydDCBtQYDVR0RBIGtMIGqghFhYWktbG9nb24uZXRo\nei5jaIIPdmNpcGhlci5ldGh6LmNogg92Y2Flc2FyLmV0aHouY2iCD3ZjdXJ0ZXIuZXRoei5jaIIP\ndmNvcHBlci5ldGh6LmNogg92Y2Vuc29yLmV0aHouY2iCEmxkYXBzLWluZm8uZXRoei5jaIIPbGlu\ndGVzdC5ldGh6LmNogRt2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwUQYDVR0gBEowSDBGBgwr\nBgEEAb5YAAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20v\ncmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\nMB8GA1UdIwQYMBaAFDJNoU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6\nLy9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQUUrfY5AJdnN5W\n9TTyrVObbQEoH/cwDQYJKoZIhvcNAQEFBQADggEBAJHQIjLbalw9LF9wIjhhOsEsaf/Bd8dSKcb2\nICLC16TyetuTTJfqHqHr3QiAcrSNKOxqoFBX51t7oNyd3n1BGxJeYmpoyKHKmViUF9mJWBKxSvfW\njmYA7M/LptNX+aUz0fPntCokjH5pPAk3n5YYf2gTFOmRbZDdvNxQ0+o5EkRKkxLDAYM7HlJshWfK\nyY8ZKiPSx28ebXORGzW/VC5VunURFPmhvy5hUFo2qFhGhkQZD1Tg5uN+vd7KywgXLiQKWFDweOxY\nkFuTatM9peWNaapAuaYL8D6q/pn6q76cDKiMjTLp1siQsVVzFAZNjywOve5tdqB/Qo7zwX7TggF1\nmrQ=_e132eb870c4a912c56e1bafeb5257b35urn:auth0:fmi-testurn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransportmemberstaffstudentGnüggeRobertethz.ch187624@ethz.chuniversity37J7PjSu8hkThPDMZOfZLtca0Ag=robert.gnuegge@bsse.ethz.ch'; var saml_passport = new SamlPassport({thumbprints: ['42FA24A83E107F6842E05D2A2CA0A0A0CA8A2031'], realm: 'urn:auth0:fmi-test', @@ -227,6 +221,33 @@ describe('interop', function () { }); + it('should validate a response whose assertion contains unicode character entities in the xml', function (done) { + var signedResponse = 'https://app.onelogin.com/saml/metadata/751422FJbpoVhnf25bH9AM060fFF5xVV8=M1D/IRkUxGyVGqmsYqhtQacQUy5NdjQVqzWcAQOQvrCEH+enonwSPpModMoQrp6vVCdfUOl7Zm/4piOh+LJ6gy26qZsZuUABLhFXkXjSB43es+RnjJjyU2eIJbsU4vtO0UHDKA9qUZkP4DWXIEa050ejDVgBVFlcjT0b/WNpQYYYD0wszC7PlqZmPqMBrjZk7KLM2BNDq/3j+DK7IXhEy0B9OkOkHf6nbFTMU2lXXGzwFqvg9ofoygTyJ1UgZIAeFi3DAkeJTQJkyetS7C3nwi7bxnkxGakYThngF7urkGSJiJPVW3ZlUAKvwEpYdQ0fkj/lpfbnwlmZJirkXvYPBw==MIIEGjCCAwKgAwIBAgIULmFf91+0qo061PisJLfrqhebGTowDQYJKoZIhvcNAQEFBQAwWTELMAkGA1UEBhMCVVMxEjAQBgNVBAoMCU15Q29tcGFueTEVMBMGA1UECwwMT25lTG9naW4gSWRQMR8wHQYDVQQDDBZPbmVMb2dpbiBBY2NvdW50IDg1NDA2MB4XDTE2MDUzMDIyMTkzN1oXDTIxMDUzMTIyMTkzN1owWTELMAkGA1UEBhMCVVMxEjAQBgNVBAoMCU15Q29tcGFueTEVMBMGA1UECwwMT25lTG9naW4gSWRQMR8wHQYDVQQDDBZPbmVMb2dpbiBBY2NvdW50IDg1NDA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZyU1dVPmckuDUWLkIGt8HDH8gu6LjKhoOPIwm7qiZVxtm1QhGkOwgUY71lMJLOhWXsjZKqxstdK0Ni7VrgnU5fL7AfGsd5Jf2RIaiUgiRwIN2MFkF3+Gw1mXiPA30Xs2LqBT5PAa+wHooQR0uWDHRlh2pj/qfM6TrsaXDk73KyQAQXYoY29RtB+a0mwwdGKQF6R5MyrMcsssMdkwlyKptHPzEo6JYUObDxBEbu2jEtyhj8FVz9leqB28MYO2C0TDWEDDzcRG+2LPp4JZMEF3d00trQy8F02VnU9rVCs4/VBswBo5+ayUHPOU6u2uPB26p0PubU0Kz+Tfi2AmpAmbQIDAQABo4HZMIHWMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFL7WwnT9l950ZweaTpUjS3Tcp2eCMIGWBgNVHSMEgY4wgYuAFL7WwnT9l950ZweaTpUjS3Tcp2eCoV2kWzBZMQswCQYDVQQGEwJVUzESMBAGA1UECgwJTXlDb21wYW55MRUwEwYDVQQLDAxPbmVMb2dpbiBJZFAxHzAdBgNVBAMMFk9uZUxvZ2luIEFjY291bnQgODU0MDaCFC5hX/dftKqNOtT4rCS366oXmxk6MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAoPTsWDFG6U+QgzBEBllQnkHYNTIG98938stmu9StEd7A75OcsfygXP1cXqS+0zbtVooYSd+wBUgGvPOw+YUJLFn/MOVoqpACJo1Q8BRN93nNR/YG9nysNr2PYKlO3MPVh6eEkc5g5gXUdZ764tbBG22VvUiZyeS1HbNQGl5OD6ULHw6k5cq/8IO3K65/QtAubZ4I1rlYjfRwM46NlSoiU+9XPukMeMyb3Ddxfud6rttIBTSNs+HbqbMm9Y7ZBU1FQhPEhhctgrRIVoyP9StVUR8IGXqEBIKTOyjAG52HnoTyQmL/6dkoQk1GMP8yG7Pmwf5Dej9lgP6ffpCx1pIV8g==https://app.onelogin.com/saml/metadata/751422kchen七味@shichimitogarashi.orgurn:auth0:dse-investigations:OneLoginurn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransportNon-ASCIIkchen七味@shichimitogarashi.orgCharacters'; + + var samlOptions = { + thumbprints: ['B7FB3723CF22C0315644AB242EBABFFD2A95CBD4'], + realm: 'urn:auth0:dse-investigations:OneLogin', + recipientUrl: 'https://dse-investigations.auth0.com/login/callback?connection=OneLogin', + checkExpiration: false // dont check expiration since we are harcoding the token + }; + + var samlpOptions = { + thumbprints: samlOptions.thumbprints, + protocolBinding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', + destinationUrl: samlOptions.recipientUrl + }; + + var saml_passport = new SamlPassport(samlOptions); + var sp = new samlp(samlpOptions, saml_passport); + + sp.validateSamlResponse(signedResponse, function(err, profile) { + if (err) return done(err); + assert.ok(profile); + expect(profile).to.have.property('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier', 'kchen七味@shichimitogarashi.org'); + done(); + }); + }); + it('should validate an assertion with \\r\\n', function (done) { var response = 'PFJlc3BvbnNlIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIERl\r\nc3RpbmF0aW9uPSJodHRwczovL3B3Y3Rlc3QuYXV0aDAuY29tL2xvZ2luL2NhbGxiYWNrP2Nvbm5l\r\nY3Rpb249U2l0ZW1pbmRlckRldiIgSUQ9Il9iOTRmZjU0ZmM5OWQzNDMwMDQyMWZiZGMzMjFjNjMz\r\nNmVjNWQiIEluUmVzcG9uc2VUbz0iXzRhZjhhZGQwZTc2YTIwNzI2Njg0IiBJc3N1ZUluc3RhbnQ9\r\nIjIwMTQtMDgtMTJUMDM6MTg6NTFaIiBWZXJzaW9uPSIyLjAiPg0KICAgIDxuczE6SXNzdWVyIHht\r\nbG5zOm5zMT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgRm9ybWF0PSJ1\r\ncm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDplbnRpdHkiPmh0dHBzOi8v\r\ncGFydG5lcnNoaXAtZGV2LnB3Y2ludGVybmFsLmNvbTwvbnMxOklzc3Vlcj4NCiAgICA8U3RhdHVz\r\nPg0KICAgICAgICA8U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4w\r\nOnN0YXR1czpTdWNjZXNzIi8+DQogICAgPC9TdGF0dXM+DQogICAgPG5zMjpBc3NlcnRpb24geG1s\r\nbnM6bnMyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzEyODkx\r\nNGVhM2FiYmJlM2IxNzgzYzY4OWNiZWI3NzViNTQ4MiIgSXNzdWVJbnN0YW50PSIyMDE0LTA4LTEy\r\nVDAzOjE4OjUxWiIgVmVyc2lvbj0iMi4wIj4NCiAgICAgICAgPG5zMjpJc3N1ZXIgRm9ybWF0PSJ1\r\ncm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDplbnRpdHkiPmh0dHBzOi8v\r\ncGFydG5lcnNoaXAtZGV2LnB3Y2ludGVybmFsLmNvbTwvbnMyOklzc3Vlcj48ZHM6U2lnbmF0dXJl\r\nIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCjxkczpTaWdu\r\nZWRJbmZvPg0KPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3\r\nLnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4NCjxkczpTaWduYXR1cmVNZXRob2QgQWxn\r\nb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCjxk\r\nczpSZWZlcmVuY2UgVVJJPSIjXzEyODkxNGVhM2FiYmJlM2IxNzgzYzY4OWNiZWI3NzViNTQ4MiI+\r\nDQo8ZHM6VHJhbnNmb3Jtcz4NCjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3Lncz\r\nLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPg0KPGRzOlRyYW5zZm9y\r\nbSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0K\r\nPC9kczpUcmFuc2Zvcm1zPg0KPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cu\r\ndzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+DQo8ZHM6RGlnZXN0VmFsdWU+cFV1aHZjMk1D\r\nVXBjQUZMbVM1a1FWR0tCbzhFPTwvZHM6RGlnZXN0VmFsdWU+DQo8L2RzOlJlZmVyZW5jZT4NCjwv\r\nZHM6U2lnbmVkSW5mbz4NCjxkczpTaWduYXR1cmVWYWx1ZT4NCml0UHp5em4xd0IrM3IwQzRieXhV\r\nQzRBL082ZVpDOW1tUnM4c0UwTU5SbVlJVEw1NC9DTEhKMlRlbVhFb2JDMjFvVXZRRGxiSTVJRXYN\r\nCkZvSmFGVXVBVW5rcVFPalVQT1MzbERNM0dITkFkc2ZTWElmMGpGQ1B6Qno3UDlYRzBCZGU0QW9W\r\ndUgvU1J1V29qNksrV1AxSHdYOEgNClpDZVFMc1FBZGNpWTV6SlFnUEJFK24vdzRzem1veDY2Vyt6\r\nNjlRMUVrczdoNkYwQ3RBemlKOW9uR2VTUU5UKzJWelJYUEhDMndDSnUNCklQcDQ1MDJnTFlnNExk\r\ncEN0eHZNd3BiR2RLbjdZZDY1SHFrUjhZKzFMT01ibVlPYk04bWtYN2s5Uy9Cb1NBSDlybjMxUU5v\r\nSVcwbGcNCjZiQzhiRzBXcVlIblFFazN4QnY3SUt2SUFVWFNFL3VUR285dnZBPT0NCjwvZHM6U2ln\r\nbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz4NCjxkczpYNTA5RGF0YT4NCjxkczpYNTA5Q2VydGlm\r\naWNhdGU+DQpNSUlHQURDQ0JPaWdBd0lCQWdJS0hvVmR2Z0FEQUJLL2xEQU5CZ2txaGtpRzl3MEJB\r\nUVVGQURCVU1STXdFUVlLQ1pJbWlaUHlMR1FCDQpHUllEWTI5dE1STXdFUVlLQ1pJbWlaUHlMR1FC\r\nR1JZRGNIZGpNU2d3SmdZRFZRUURFeDlRY21salpYZGhkR1Z5YUc5MWMyVkRiMjl3DQpaWEp6SUVs\r\nemMzVnBibWN4TUI0WERURXpNRFV3TXpFNU16UXdORm9YRFRFMU1URXdNekU1TkRRd05Gb3dnYlF4\r\nQ3pBSkJnTlZCQVlUDQpBbFZUTVJBd0RnWURWUVFJRXdkR2JHOXlhV1JoTVE0d0RBWURWUVFIRXdW\r\nVVlXMXdZVEVqTUNFR0ExVUVDaE1hVUhKcFkyVjNZWFJsDQpjbWh2ZFhObFEyOXZjR1Z5Y3lCTVRG\r\nQXhEREFLQmdOVkJBc1RBMGRVVXpFb01DWUdBMVVFQXhNZmNHRnlkRzVsY25Ob2FYQXRaR1YyDQpM\r\nbkIzWTJsdWRHVnlibUZzTG1OdmJURW1NQ1FHQ1NxR1NJYjNEUUVKQVJZWGJtRjJhVzR1WW1oaGRH\r\nbGhRSFZ6TG5CM1l5NWpiMjB3DQpnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtB\r\nb0lCQVFDN3JDZmdDT2dzMDI5NnJ1bENROWQrQ1BNcmZEdWhuZjRNDQpnQjN2YTB5RUw3OXEvVnVO\r\nTmc4YXptWkVkQTJiME5BWEpMbzB5K1hHY2xrZVpvTTdXaEE0aWMwOUlONiszTVVFenYveXlndTdv\r\nRGhmDQpnanRwbFBoQUtXT0JxWmtPSlFadzdkekZwbHJLOGtuY21WR1EvMS9JaGtpdllLbG5tdW5F\r\nSmh5Y2Y1UTdRZWdqbno3RFZIU3V5TGdiDQp3TWczOWY2d3BvbENacnNrdThwVVB2MVZvclcxb1JH\r\nVlBibkF3VUdNemtkK1pIRHhUa0JWM1NCUnVySWtsL2tUNjdoUmZVb1V0TjFwDQpVTTJmSTJrZkJJ\r\nMzU1L0JzSXRjMVl6cWZEZk8zaHNsS1ZCOWNTL0RYeXFTdEQ5MW5xOHZBUW96QmoxaVNIN0pGOXVQ\r\nYUVZWXFIaDEvDQpWcDgvQWdNQkFBR2pnZ0p4TUlJQ2JUQWRCZ05WSFE0RUZnUVV1Z3R3NzBqRHVs\r\nY2xsMy9Wa2ZhVkFxV1NDVjh3SHdZRFZSMGpCQmd3DQpGb0FVUXFhMTM1dTZ3Y2hubmwrbmV0aStH\r\nblUvZE8wd2dnRUxCZ05WSFI4RWdnRUNNSUgvTUlIOG9JSDVvSUgyaGxCb2RIUndPaTh2DQpZMlZ5\r\nZEdSaGRHRXhMbkIzWTJsdWRHVnlibUZzTG1OdmJTOURaWEowUkdGMFlURXZVSEpwWTJWM1lYUmxj\r\nbWh2ZFhObFEyOXZjR1Z5DQpjeVV5TUVsemMzVnBibWN4TG1OeWJJWlFhSFIwY0RvdkwyTmxjblJr\r\nWVhSaE1pNXdkMk5wYm5SbGNtNWhiQzVqYjIwdlEyVnlkRVJoDQpkR0V5TDFCeWFXTmxkMkYwWlhK\r\nb2IzVnpaVU52YjNCbGNuTWxNakJKYzNOMWFXNW5NUzVqY215R1VHaDBkSEE2THk5alpYSjBaR0Yw\r\nDQpZVE11Y0hkamFXNTBaWEp1WVd3dVkyOXRMME5sY25SRVlYUmhNeTlRY21salpYZGhkR1Z5YUc5\r\nMWMyVkRiMjl3WlhKekpUSXdTWE56DQpkV2x1WnpFdVkzSnNNSUlCR2dZSUt3WUJCUVVIQVFFRWdn\r\nRU1NSUlCQ0RDQmdRWUlLd1lCQlFVSE1BS0dkV2gwZEhBNkx5OWpaWEowDQpaR0YwWVRFdWNIZGph\r\nVzUwWlhKdVlXd3VZMjl0TDBObGNuUkVZWFJoTVM5MWMzUndZVE5uZEhOallUQXpMbTVoYlM1d2Qy\r\nTnBiblJsDQpjbTVoYkM1amIyMWZVSEpwWTJWM1lYUmxjbWh2ZFhObFEyOXZjR1Z5Y3lVeU1FbHpj\r\nM1ZwYm1jeEtETXBMbU55ZERDQmdRWUlLd1lCDQpCUVVITUFLR2RXaDBkSEE2THk5alpYSjBaR0Yw\r\nWVRJdWNIZGphVzUwWlhKdVlXd3VZMjl0TDBObGNuUkVZWFJoTWk5MWMzUndZVE5uDQpkSE5qWVRB\r\nekxtNWhiUzV3ZDJOcGJuUmxjbTVoYkM1amIyMWZVSEpwWTJWM1lYUmxjbWh2ZFhObFEyOXZjR1Z5\r\nY3lVeU1FbHpjM1ZwDQpibWN4S0RNcExtTnlkREFOQmdrcWhraUc5dzBCQVFVRkFBT0NBUUVBcWZo\r\nd2RjN0ZKb2NkTmw5SXpNOFdtTndIZDhGS1F2ZjVKczRZDQpER21jMDh2ZDRLYjRzWW9NL01Uc1Nw\r\nbEFMczRIK3dySWZMbVFIdXBmWlRFMmVDNXRSa0F3dVpWR0I0R0o5a0cwK1E5djNZMzZvNTd3DQo2\r\naGt6QlVGSitKaWJzc2tUNUpNTXZaVnh6SG10K3Z5dmtablBWa2tKWkp1RHA3TW8rZ0daTXY4aTRV\r\nVitHWnlZQWdrS1BDUXR3dVFKDQp5aE90MG1BUDhDb1dsVys1Q2dZVjJzWDRCbUVuZW9LY1JtZXlS\r\nNDlTQ2FEOFFRWmVlcitIQ2NEenJsOWdQOGlkN1NnRTRxL3pNbUd4DQpCRW1HTUQyV0kydzJ6Nnp1\r\nd3QyUktFWnl4QUJka2V2VDk4WG5tQTI0Z0RMVXZsYzNXd2lFd2xkYW0vaVR4VW5rV0hDR2x6WnhG\r\nWXUyDQpTQT09DQo8L2RzOlg1MDlDZXJ0aWZpY2F0ZT4NCjwvZHM6WDUwOURhdGE+DQo8L2RzOktl\r\neUluZm8+DQo8L2RzOlNpZ25hdHVyZT4NCiAgICAgICAgPG5zMjpTdWJqZWN0Pg0KICAgICAgICAg\r\nICAgPG5zMjpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlk\r\nLWZvcm1hdDp1bnNwZWNpZmllZCI+MTAwMDE2OTA5MTwvbnMyOk5hbWVJRD4NCiAgICAgICAgICAg\r\nIDxuczI6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1M\r\nOjIuMDpjbTpiZWFyZXIiPg0KICAgICAgICAgICAgICAgIDxuczI6U3ViamVjdENvbmZpcm1hdGlv\r\nbkRhdGEgSW5SZXNwb25zZVRvPSJfNGFmOGFkZDBlNzZhMjA3MjY2ODQiIE5vdE9uT3JBZnRlcj0i\r\nMjAxNC0wOC0xMlQwMzoyMDo1MVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9wd2N0ZXN0LmF1dGgwLmNv\r\nbS9sb2dpbi9jYWxsYmFjaz9jb25uZWN0aW9uPVNpdGVtaW5kZXJEZXYiLz4NCiAgICAgICAgICAg\r\nIDwvbnMyOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgICAgIDwvbnMyOlN1YmplY3Q+DQogICAg\r\nICAgIDxuczI6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTQtMDgtMTJUMDM6MTc6NTFaIiBOb3RP\r\nbk9yQWZ0ZXI9IjIwMTQtMDgtMTJUMDM6MjA6NTFaIj4NCiAgICAgICAgICAgIDxuczI6QXVkaWVu\r\nY2VSZXN0cmljdGlvbj4NCiAgICAgICAgICAgICAgICA8bnMyOkF1ZGllbmNlPnVybjphdXRoMDpw\r\nd2N0ZXN0OlNpdGVtaW5kZXJEZXY8L25zMjpBdWRpZW5jZT4NCiAgICAgICAgICAgIDwvbnMyOkF1\r\nZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDwvbnMyOkNvbmRpdGlvbnM+DQogICAgICAgIDxu\r\nczI6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTA4LTExVDIzOjI4OjI1WiIgU2Vz\r\nc2lvbkluZGV4PSJtKzVRKzNYbFVzUUFROURZMldocHFoRWFMNWM9YXd5OGZRPT0iIFNlc3Npb25O\r\nb3RPbk9yQWZ0ZXI9IjIwMTQtMDgtMTJUMDM6MjA6NTFaIj4NCiAgICAgICAgICAgIDxuczI6QXV0\r\naG5Db250ZXh0Pg0KICAgICAgICAgICAgICAgIDxuczI6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJu\r\nOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L25zMjpBdXRobkNv\r\nbnRleHRDbGFzc1JlZj4NCiAgICAgICAgICAgIDwvbnMyOkF1dGhuQ29udGV4dD4NCiAgICAgICAg\r\nPC9uczI6QXV0aG5TdGF0ZW1lbnQ+DQogICAgICAgIDxuczI6QXR0cmlidXRlU3RhdGVtZW50Pg0K\r\nICAgICAgICAgICAgPG5zMjpBdHRyaWJ1dGUgTmFtZT0iZm5hbWUiIE5hbWVGb3JtYXQ9InVybjpv\r\nYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dW5zcGVjaWZpZWQiPg0KICAg\r\nICAgICAgICAgICAgIDxuczI6QXR0cmlidXRlVmFsdWU+UHVzaHA8L25zMjpBdHRyaWJ1dGVWYWx1\r\nZT4NCiAgICAgICAgICAgIDwvbnMyOkF0dHJpYnV0ZT4NCiAgICAgICAgICAgIDxuczI6QXR0cmli\r\ndXRlIE5hbWU9ImxuYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6\r\nYXR0cm5hbWUtZm9ybWF0OnVuc3BlY2lmaWVkIj4NCiAgICAgICAgICAgICAgICA8bnMyOkF0dHJp\r\nYnV0ZVZhbHVlPkFicm9sPC9uczI6QXR0cmlidXRlVmFsdWU+DQogICAgICAgICAgICA8L25zMjpB\r\ndHRyaWJ1dGU+DQogICAgICAgICAgICA8bnMyOkF0dHJpYnV0ZSBOYW1lPSJlbWFpbCIgTmFtZUZv\r\ncm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1bnNwZWNp\r\nZmllZCI+DQogICAgICAgICAgICAgICAgPG5zMjpBdHRyaWJ1dGVWYWx1ZT5wdXNocC5hYnJvbEB1\r\ncy5wd2MuY29tPC9uczI6QXR0cmlidXRlVmFsdWU+DQogICAgICAgICAgICA8L25zMjpBdHRyaWJ1\r\ndGU+DQogICAgICAgICAgICA8bnMyOkF0dHJpYnV0ZSBOYW1lPSJwd2NndWlkIiBOYW1lRm9ybWF0\r\nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVuc3BlY2lmaWVk\r\nIj4NCiAgICAgICAgICAgICAgICA8bnMyOkF0dHJpYnV0ZVZhbHVlPnBhYnJvbDAwMTwvbnMyOkF0\r\ndHJpYnV0ZVZhbHVlPg0KICAgICAgICAgICAgPC9uczI6QXR0cmlidXRlPg0KICAgICAgICA8L25z\r\nMjpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgPC9uczI6QXNzZXJ0aW9uPg0KPC9SZXNwb25zZT4=' var samlOptions = { diff --git a/test/samlp.tests.js b/test/samlp.tests.js index f9a6392..b44bc84 100644 --- a/test/samlp.tests.js +++ b/test/samlp.tests.js @@ -583,7 +583,7 @@ describe('samlp (unit tests)', function () { }; this.samlp.getSamlRequestParams(options, function(err, result) { expect(err).to.be.an.Error; - expect(err.message).to.equal('end tag name: samlp:AuthnRequest is not match the current start tagName:undefined'); + expect(err.message).to.equal('fail to compute signature'); expect(result).to.not.exist; done(); });