-
-
Notifications
You must be signed in to change notification settings - Fork 214
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Expose InResponseTo in parseLoginResponse extract (#190)
* Fix missing dependency error Like travis has here https://travis-ci.org/tngan/samlify/jobs/401602020 I have encountered an error arround the xml-encryption library. For some reason it seems to have been missing. Adding the prefix `@passify/' seems to fix it. This is not related to the current PR and you might want extract this commit if the rest of the PR fails for some reason. * Return InResponseTo field from parseLoginResponse This seems to be returning the right field and should allow the users to check that the id matches the nonce that was send during sp initiated logins. I've updated the exsiting tests rather than creating a new one because this is not really a new use case.
- Loading branch information
Showing
3 changed files
with
27 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -271,6 +271,8 @@ test('send response with signed assertion and parse it', async t => { | |
// test phrase 2: useful information is included in extract object | ||
t.is(extract.nameid, '[email protected]'); | ||
t.is(typeof extract.signature, 'string'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, 'request_id'); | ||
}); | ||
|
||
test('send response with [custom template] signed assertion and parse it', async t => { | ||
|
@@ -297,6 +299,8 @@ test('send response with [custom template] signed assertion and parse it', async | |
// test phrase 3: check if attribute is parsed properly | ||
t.is(extract.attribute.name, 'mynameinsp'); | ||
t.is(extract.attribute.mail, '[email protected]'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, '_4606cc1f427fa981e6ffd653ee8d6972fc5ce398c4'); | ||
}); | ||
|
||
test('send response with signed message and parse it', async t => { | ||
|
@@ -312,6 +316,8 @@ test('send response with signed message and parse it', async t => { | |
// test phrase 2: useful information is included in extract object | ||
t.is(extract.nameid, '[email protected]'); | ||
t.is(typeof extract.signature, 'string'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, 'request_id'); | ||
}); | ||
|
||
test('send response with [custom template] and signed message and parse it', async t => { | ||
|
@@ -336,6 +342,8 @@ test('send response with [custom template] and signed message and parse it', asy | |
// test phrase 3: check if attribute is parsed properly | ||
t.is(extract.attribute.name, 'mynameinsp'); | ||
t.is(extract.attribute.mail, '[email protected]'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, '_4606cc1f427fa981e6ffd653ee8d6972fc5ce398c4'); | ||
}); | ||
|
||
test('send login response with signed assertion + signed message and parse it', async t => { | ||
|
@@ -354,6 +362,8 @@ test('send login response with signed assertion + signed message and parse it', | |
// test phrase 2: useful information is included in extract object | ||
t.is(extract.nameid, '[email protected]'); | ||
t.is(typeof extract.signature, 'object'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, 'request_id'); | ||
}); | ||
|
||
test('send login response with [custom template] and signed assertion + signed message and parse it', async t => { | ||
|
@@ -381,6 +391,8 @@ test('send login response with [custom template] and signed assertion + signed m | |
// test phrase 3: check if attribute is parsed properly | ||
t.is(extract.attribute.name, 'mynameinsp'); | ||
t.is(extract.attribute.mail, '[email protected]'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, '_4606cc1f427fa981e6ffd653ee8d6972fc5ce398c4'); | ||
}); | ||
|
||
test('send login response with encrypted non-signed assertion and parse it', async t => { | ||
|
@@ -395,6 +407,8 @@ test('send login response with encrypted non-signed assertion and parse it', asy | |
// test phrase 2: useful information is included in extract object | ||
t.is(extract.nameid, '[email protected]'); | ||
t.is(typeof extract.signature, 'string'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, 'request_id'); | ||
}); | ||
|
||
test('send login response with encrypted signed assertion and parse it', async t => { | ||
|
@@ -409,6 +423,8 @@ test('send login response with encrypted signed assertion and parse it', async t | |
// test phrase 2: useful information is included in extract object | ||
t.is(extract.nameid, '[email protected]'); | ||
t.is(typeof extract.signature, 'string'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, 'request_id'); | ||
}); | ||
|
||
test('send login response with [custom template] and encrypted signed assertion and parse it', async t => { | ||
|
@@ -432,6 +448,8 @@ test('send login response with [custom template] and encrypted signed assertion | |
// test phrase 3: check if attribute is parsed properly | ||
t.is(extract.attribute.name, 'mynameinsp'); | ||
t.is(extract.attribute.mail, '[email protected]'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, '_4606cc1f427fa981e6ffd653ee8d6972fc5ce398c4'); | ||
}); | ||
|
||
test('send login response with encrypted signed assertion + signed message and parse it', async t => { | ||
|
@@ -450,6 +468,8 @@ test('send login response with encrypted signed assertion + signed message and p | |
// test phrase 2: useful information is included in extract object | ||
t.is(extract.nameid, '[email protected]'); | ||
t.is(typeof extract.signature, 'object'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, 'request_id'); | ||
}); | ||
|
||
test('send login response with [custom template] encrypted signed assertion + signed message and parse it', async t => { | ||
|
@@ -477,6 +497,8 @@ test('send login response with [custom template] encrypted signed assertion + si | |
// test phrase 3: check if attribute is parsed properly | ||
t.is(extract.attribute.name, 'mynameinsp'); | ||
t.is(extract.attribute.mail, '[email protected]'); | ||
// Ensure that inresponseto was added to the response | ||
t.is(extract.response.inresponseto, '_4606cc1f427fa981e6ffd653ee8d6972fc5ce398c4'); | ||
}); | ||
|
||
// simulate idp-init slo | ||
|