Move XML functions to utility module (#571)

* Move all xpath select to xml module It adds better typings and already allowed to catch an incorrect type. It will also make the code safer since the returned type is checked at runtime. * Move xml-crypto and xmlenc operations to xml module * Move xmldom parsing to xml module * Move xml2js to xml module * Move xmlbuilder to xml module * Improve signature tests to better detect regressions * Move signXML function to xml module * Factorize parseDomFromString in xml module
node-saml · Apr 6, 2021 · 9ad5662 · 9ad5662
1 parent 4a83196
commit 9ad5662
Show file tree

Hide file tree

Showing 7 changed files with 522 additions and 225 deletions.
diff --git a/src/node-saml/saml-post-signing.ts b/src/node-saml/saml-post-signing.ts
@@ -1,42 +1,19 @@
-import { SignedXml } from "xml-crypto";
-import * as algorithms from "./algorithms";
 import { SamlSigningOptions } from "./types";
+import { signXml } from "./xml";
 
 const authnRequestXPath =
   '/*[local-name(.)="AuthnRequest" and namespace-uri(.)="urn:oasis:names:tc:SAML:2.0:protocol"]';
 const issuerXPath =
   '/*[local-name(.)="Issuer" and namespace-uri(.)="urn:oasis:names:tc:SAML:2.0:assertion"]';
-const defaultTransforms = [
-  "http://www.w3.org/2000/09/xmldsig#enveloped-signature",
-  "http://www.w3.org/2001/10/xml-exc-c14n#",
-];
 
 export function signSamlPost(
   samlMessage: string,
   xpath: string,
   options: SamlSigningOptions
 ): string {
-  if (!samlMessage) throw new Error("samlMessage is required");
-  if (!xpath) throw new Error("xpath is required");
-  if (!options) {
-    options = {} as SamlSigningOptions;
-  }
-
-  if (options.privateKey == null) throw new Error("options.privateKey is required");
-
-  const transforms = options.xmlSignatureTransforms || defaultTransforms;
-  const sig = new SignedXml();
-  if (options.signatureAlgorithm) {
-    sig.signatureAlgorithm = algorithms.getSigningAlgorithm(options.signatureAlgorithm);
-  }
-  sig.addReference(xpath, transforms, algorithms.getDigestAlgorithm(options.digestAlgorithm));
-  sig.signingKey = options.privateKey;
-  sig.computeSignature(samlMessage, {
-    location: { reference: xpath + issuerXPath, action: "after" },
-  });
-  return sig.getSignedXml();
+  return signXml(samlMessage, xpath, { reference: xpath + issuerXPath, action: "after" }, options);
 }
 
-export function signAuthnRequestPost(authnRequest: string, options: SamlSigningOptions) {
+export function signAuthnRequestPost(authnRequest: string, options: SamlSigningOptions): string {
   return signSamlPost(authnRequest, authnRequestXPath, options);
 }