- changes needed for encrypted assertions

Daniel Gerber 2018-04-02 16:51:52 +02:00
parent 28965b536c
commit 7504f4b27a


@ -374,6 +374,17 @@ SAML.prototype.validateResponse = function(samlResponse, relayState, callback) {
}
const assertion = response.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion')[0];
const encAssertion = response.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'EncryptedAssertion')[0];
var xmlenc = require('xml-encryption');
var options = { key: this.options.privateKey, };
if (typeof encAssertion !== 'undefined') {
xmlenc.decrypt(encAssertion.getElementsByTagNameNS('*', 'EncryptedData')[0], options, function(err, result) {
assertion = new xmldom.DOMParser().parseFromString(result, 'text/xml');
});
}
if (!assertion) {
return callback(new Error('Missing SAML assertion'), null, false);
}
@ -390,6 +401,13 @@ SAML.prototype.validateResponse = function(samlResponse, relayState, callback) {
}
const subject = assertion.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Subject')[0];
const encSubject = assertion.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'EncryptedID')[0];
if (typeof encSubject !== 'undefined') {
xmlenc.decrypt(encSubject.getElementsByTagNameNS('*', 'EncryptedData')[0], options, function(err, result) {
subject = new xmldom.DOMParser().parseFromString(result, 'text/xml');
});
}
if (subject) {
const nameID = subject.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'NameID')[0];
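Review bot: In the first hunk `assertion` is declared with `const` and then reassigned inside the `xmlenc.decrypt` callback, so the encrypted path throws a TypeError instead of using the decrypted assertion; the second hunk repeats this with `subject`. Both declarations need `let`, e.g. `let assertion = response.getElementsByTagNameNS('urn:oasis:names:tc:SAML:2.0:assertion', 'Assertion')[0];`. Both callbacks also ignore `err`, so a failed decryption goes on to parse an undefined `result`; each should begin with `if (err) { return callback(err, null, false); }`, and the checks that follow (`if (!assertion)`, `if (subject)`) should run only after the callback has completed, because they currently assume it has already fired. Whether the signature of the decrypted assertion is verified before its Subject and NameID are trusted is not visible in these hunks and should be confirmed, since a check made on the response before decryption may not cover the decrypted content. `validateResponse` starts and ends outside both hunks.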