From 1f1549eda748930c25d44f24e260220774e1c85c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Jan 2024 16:17:03 +0000 Subject: [PATCH] Bump chai from 4.3.10 to 5.0.0 (#481) * Bump chai from 4.3.10 to 5.0.0 Bumps [chai](https://github.com/chaijs/chai) from 4.3.10 to 5.0.0. - [Release notes](https://github.com/chaijs/chai/releases) - [Changelog](https://github.com/chaijs/chai/blob/main/History.md) - [Commits](https://github.com/chaijs/chai/compare/v4.3.10...v5.0.0) --- updated-dependencies: - dependency-name: chai dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * WIP: replace chai.expect with assert * replaced chai.expect with assert --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Deepak Prabhakara --- package-lock.json | 154 ------------------ package.json | 1 - test/lib/cert.spec.ts | 8 +- test/lib/decrypt.response.spec.ts | 30 ++-- test/lib/decrypt.spec.ts | 8 +- test/lib/getVersion.spec.ts | 4 +- test/lib/metadata.spec.ts | 102 +++++++----- test/lib/post.spec.ts | 13 +- test/lib/request.spec.ts | 6 +- test/lib/response.spec.ts | 79 ++++----- test/lib/saml20.attacks.spec.ts | 6 +- test/lib/saml20.attacks.wrapping.spec.ts | 16 +- test/lib/saml20.response.spec.ts | 26 +-- test/lib/saml20.responseSignedMessage.spec.ts | 24 +-- test/lib/saml20.spec.ts | 62 +++---- test/lib/validateSignature.spec.ts | 20 +-- 16 files changed, 216 insertions(+), 343 deletions(-) diff --git a/package-lock.json b/package-lock.json index 655a0ed9..99c9adb3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,7 +24,6 @@ "@types/xml2js": "0.4.14", "@typescript-eslint/eslint-plugin": "6.16.0", "@typescript-eslint/parser": "6.16.0", - "chai": "4.3.10", "eslint": "8.56.0", "eslint-config-prettier": "9.1.0", "mocha": "10.2.0", 
@@ -1644,15 +1643,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/assertion-error": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz", - "integrity": "sha512-jgsaNduz+ndvGyFt3uSuWqvy4lCnIJiovtouQN5JZHOKCS2QuhEdbcQHFhVksz2N2U9hXJo8odG7ETyWlEeuDw==", - "dev": true, - "engines": { - "node": "*" - } - }, "node_modules/ast-types": { "version": "0.13.4", "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.13.4.tgz", @@ -2093,24 +2083,6 @@ } ] }, - "node_modules/chai": { - "version": "4.3.10", - "resolved": "https://registry.npmjs.org/chai/-/chai-4.3.10.tgz", - "integrity": "sha512-0UXG04VuVbruMUYbJ6JctvH0YnC/4q3/AkT18q4NaITo91CUm0liMS9VqzT9vZhVQ/1eqPanMWjBM+Juhfb/9g==", - "dev": true, - "dependencies": { - "assertion-error": "^1.1.0", - "check-error": "^1.0.3", - "deep-eql": "^4.1.3", - "get-func-name": "^2.0.2", - "loupe": "^2.3.6", - "pathval": "^1.1.1", - "type-detect": "^4.0.8" - }, - "engines": { - "node": ">=4" - } - }, "node_modules/chalk": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", @@ -2145,18 +2117,6 @@ "integrity": "sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==", "dev": true }, - "node_modules/check-error": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/check-error/-/check-error-1.0.3.tgz", - "integrity": "sha512-iKEoDYaRmd1mxM90a2OEfWhjsjPpYPuQ+lMYsoxB126+t8fw7ySEO48nmDg5COTjxDI65/Y2OWpeEHk3ZOe8zg==", - "dev": true, - "dependencies": { - "get-func-name": "^2.0.2" - }, - "engines": { - "node": "*" - } - }, "node_modules/chokidar": { "version": "3.5.3", "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz", 
@@ -2497,18 +2457,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/deep-eql": { - "version": "4.1.3", - "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.3.tgz", - "integrity": "sha512-WaEtAOpRA1MQ0eohqZjpGD8zdI0Ovsm8mmFhaDN8dvDZzyoUMcYDnf5Y6iu7HTXxf8JDS23qWa4a+hKCDyOPzw==", - "dev": true, - "dependencies": { - "type-detect": "^4.0.0" - }, - "engines": { - "node": ">=6" - } - }, "node_modules/deep-extend": { "version": "0.6.0", "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", @@ -3496,15 +3444,6 @@ "node": "6.* || 8.* || >= 10.*" } }, - "node_modules/get-func-name": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.2.tgz", - "integrity": "sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==", - "dev": true, - "engines": { - "node": "*" - } - }, "node_modules/get-intrinsic": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz", @@ -5078,15 +5017,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/loupe": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/loupe/-/loupe-2.3.6.tgz", - "integrity": "sha512-RaPMZKiMy8/JruncMU5Bt6na1eftNoo++R4Y+N2FrxkDVTrGvcyzFTsaGif4QTeKESheMGegbhw6iUAq+5A8zA==", - "dev": true, - "dependencies": { - "get-func-name": "^2.0.0" - } - }, "node_modules/lowercase-keys": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-3.0.0.tgz", 
@@ -6189,15 +6119,6 @@ "node": ">=8" } }, - "node_modules/pathval": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz", - "integrity": "sha512-Dp6zGqpTdETdR63lehJYPeIOqpiNBNtc7BpWSLrOje7UaIsE5aY92r/AunQA7rsXvet3lrJ3JnZX29UPTKXyKQ==", - "dev": true, - "engines": { - "node": "*" - } - }, "node_modules/picocolors": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", @@ -7652,15 +7573,6 @@ "node": ">= 0.8.0" } }, - "node_modules/type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true, - "engines": { - "node": ">=4" - } - }, "node_modules/type-fest": { "version": "0.20.2", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", @@ -9550,12 +9462,6 @@ "is-shared-array-buffer": "^1.0.2" } }, - "assertion-error": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz", - "integrity": "sha512-jgsaNduz+ndvGyFt3uSuWqvy4lCnIJiovtouQN5JZHOKCS2QuhEdbcQHFhVksz2N2U9hXJo8odG7ETyWlEeuDw==", - "dev": true - }, "ast-types": { "version": "0.13.4", "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.13.4.tgz", 
@@ -9839,21 +9745,6 @@ "integrity": "sha512-10T30NYOEQtN6C11YGg411yebhvpnC6Z102+B95eAsN0oB6KUs01ivE8u+G6FMIRtIrVlYXhL+LUwQ3/hXwDWw==", "dev": true }, - "chai": { - "version": "4.3.10", - "resolved": "https://registry.npmjs.org/chai/-/chai-4.3.10.tgz", - "integrity": "sha512-0UXG04VuVbruMUYbJ6JctvH0YnC/4q3/AkT18q4NaITo91CUm0liMS9VqzT9vZhVQ/1eqPanMWjBM+Juhfb/9g==", - "dev": true, - "requires": { - "assertion-error": "^1.1.0", - "check-error": "^1.0.3", - "deep-eql": "^4.1.3", - "get-func-name": "^2.0.2", - "loupe": "^2.3.6", - "pathval": "^1.1.1", - "type-detect": "^4.0.8" - } - }, "chalk": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", @@ -9881,15 +9772,6 @@ "integrity": "sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==", "dev": true }, - "check-error": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/check-error/-/check-error-1.0.3.tgz", - "integrity": "sha512-iKEoDYaRmd1mxM90a2OEfWhjsjPpYPuQ+lMYsoxB126+t8fw7ySEO48nmDg5COTjxDI65/Y2OWpeEHk3ZOe8zg==", - "dev": true, - "requires": { - "get-func-name": "^2.0.2" - } - }, "chokidar": { "version": "3.5.3", "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz", @@ -10129,15 +10011,6 @@ } } }, - "deep-eql": { - "version": "4.1.3", - "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.3.tgz", - "integrity": "sha512-WaEtAOpRA1MQ0eohqZjpGD8zdI0Ovsm8mmFhaDN8dvDZzyoUMcYDnf5Y6iu7HTXxf8JDS23qWa4a+hKCDyOPzw==", - "dev": true, - "requires": { - "type-detect": "^4.0.0" - } - }, "deep-extend": { "version": "0.6.0", "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", 
@@ -10850,12 +10723,6 @@ "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", "dev": true }, - "get-func-name": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.2.tgz", - "integrity": "sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==", - "dev": true - }, "get-intrinsic": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz", @@ -11981,15 +11848,6 @@ "is-unicode-supported": "^0.1.0" } }, - "loupe": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/loupe/-/loupe-2.3.6.tgz", - "integrity": "sha512-RaPMZKiMy8/JruncMU5Bt6na1eftNoo++R4Y+N2FrxkDVTrGvcyzFTsaGif4QTeKESheMGegbhw6iUAq+5A8zA==", - "dev": true, - "requires": { - "get-func-name": "^2.0.0" - } - }, "lowercase-keys": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-3.0.0.tgz", @@ -12770,12 +12628,6 @@ "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", "dev": true }, - "pathval": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz", - "integrity": "sha512-Dp6zGqpTdETdR63lehJYPeIOqpiNBNtc7BpWSLrOje7UaIsE5aY92r/AunQA7rsXvet3lrJ3JnZX29UPTKXyKQ==", - "dev": true - }, "picocolors": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", @@ -13784,12 +13636,6 @@ "prelude-ls": "^1.2.1" } }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, "type-fest": { "version": "0.20.2", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", 
diff --git a/package.json b/package.json index 6fad9d0b..9f5859be 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,6 @@ "@types/xml2js": "0.4.14", "@typescript-eslint/eslint-plugin": "6.16.0", "@typescript-eslint/parser": "6.16.0", - "chai": "4.3.10", "eslint": "8.56.0", "eslint-config-prettier": "9.1.0", "mocha": "10.2.0", diff --git a/test/lib/cert.spec.ts b/test/lib/cert.spec.ts index 4c05c982..c4f48c28 100644 --- a/test/lib/cert.spec.ts +++ b/test/lib/cert.spec.ts @@ -1,21 +1,21 @@ +import assert from 'assert'; import { stripCertHeaderAndFooter, PubKeyInfo } from '../../lib/cert'; -import { expect } from 'chai'; const certificate = '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'; describe('cert.ts', function () { it('stripCertHeaderAndFooter ok', function () { - expect(stripCertHeaderAndFooter(certificate)).to.be.ok; + assert(stripCertHeaderAndFooter(certificate)); }); it('stripCertHeaderAndFooter not ok', function () { - expect(stripCertHeaderAndFooter('')).to.be.not.ok; + assert.strictEqual(stripCertHeaderAndFooter(''), ''); }); it('PubKeyInfo ok', function () { let value = PubKeyInfo(certificate)({ prefix: '' }); value = value.replace('', ''); value = value.replace('', ''); - expect(certificate).to.equal(value); + assert.strictEqual(value, certificate); }); }); diff --git a/test/lib/decrypt.response.spec.ts b/test/lib/decrypt.response.spec.ts index 7e914cd3..80c74080 100644 --- a/test/lib/decrypt.response.spec.ts +++ b/test/lib/decrypt.response.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { validate } from '../../lib/response'; -import { expect } from 'chai'; import fs from 'fs'; const oneLoginSamlResponseEncrypted = fs 
@@ -31,9 +31,10 @@ describe('decrypt.response.spec', function () { inResponseTo: oneLoginInResponseTo, }); - expect(oneLoginIssuerName).to.equal(response.issuer); - expect(oneLoginProfileClaims).to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, oneLoginIssuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + oneLoginProfileClaims ); }); @@ -44,9 +45,10 @@ describe('decrypt.response.spec', function () { bypassExpiration: true, inResponseTo: oneLoginInResponseTo, }); - expect(oneLoginIssuerName).to.equal(response.issuer); - expect(oneLoginProfileClaims).to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, oneLoginIssuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + oneLoginProfileClaims ); }); @@ -57,9 +59,10 @@ describe('decrypt.response.spec', function () { bypassExpiration: true, inResponseTo: oktaInResponseTo, }); - expect(oktaIssuerName).to.equal(response.issuer); - expect(oktaProfileClaims).to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, oktaIssuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + oktaProfileClaims ); }); 
@@ -70,9 +73,10 @@ describe('decrypt.response.spec', function () { bypassExpiration: true, inResponseTo: oktaInResponseTo, }); - expect(oktaIssuerName).to.equal(response.issuer); - expect(oktaProfileClaims).to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, oktaIssuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + oktaProfileClaims ); }); }); diff --git a/test/lib/decrypt.spec.ts b/test/lib/decrypt.spec.ts index dab01f94..9e36c047 100644 --- a/test/lib/decrypt.spec.ts +++ b/test/lib/decrypt.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { decryptXml } from '../../lib/decrypt'; -import { expect } from 'chai'; import fs from 'fs'; /** @@ -23,7 +23,7 @@ describe('decrypt.ts', function () { it('valid xml', function (done) { try { const { assertion } = decryptXml(samlResponseEncrypted, options); - expect(assertion).to.be.not.null; + assert(assertion); done(); } catch (error) { done(error); @@ -34,7 +34,7 @@ describe('decrypt.ts', function () { try { decryptXml('', options); } catch (error) { - expect((error as Error).message).to.equal('Undefined Assertion.'); + assert.strictEqual((error as Error).message, 'Undefined Assertion.'); } }); it('empty privateKey ', function () { @@ -43,7 +43,7 @@ describe('decrypt.ts', function () { encPrivateKey: '', }); } catch (error) { - expect((error as Error).message).to.equal('Exception of Assertion Decryption.'); + assert.strictEqual((error as Error).message, 'Exception of Assertion Decryption.'); } }); }); diff --git a/test/lib/getVersion.spec.ts b/test/lib/getVersion.spec.ts index 3cca6170..90c115a5 100644 --- a/test/lib/getVersion.spec.ts +++ b/test/lib/getVersion.spec.ts 
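Review bot: The two negative tests in decrypt.spec.ts (the `decryptXml('', options)` case and the empty `encPrivateKey` case) assert only inside `catch`, so they pass without checking anything if `decryptXml` ever stops throwing. Since this change already moves to Node's `assert`, use `assert.throws(() => decryptXml('', options), { message: 'Undefined Assertion.' });` and the same form with `'Exception of Assertion Decryption.'` for the second case. The same try/catch shape is kept in metadata.spec.ts ('saml MetaData not ok' and the missing KeyDescriptor test) and in the rejection tests of response.spec.ts (invalid signature, possible assertion wrapping, expired assertion, invalid audience). There `await assert.rejects(validate(invalidToken, { publicKey: certificate, bypassExpiration: true }), { message: 'Invalid assertion signature.' });` would make a silently accepted bad assertion fail the suite. The enclosing `it(...)` callbacks start outside these hunks.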
@@ -1,8 +1,8 @@ +import assert from 'assert'; import * as version from '../../lib/getVersion'; -import { expect } from 'chai'; describe('getVersion.ts', function () { it('getVersion not ok', function () { - expect(version.getVersion(undefined)).to.be.not.ok; + assert.strictEqual(version.getVersion(undefined), null); }); }); diff --git a/test/lib/metadata.spec.ts b/test/lib/metadata.spec.ts index db199a09..a7e3c8b6 100644 --- a/test/lib/metadata.spec.ts +++ b/test/lib/metadata.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { parseMetadata } from '../../lib/metadata'; -import { expect } from 'chai'; import fs from 'fs'; const samlMetadata = fs.readFileSync('./test/assets/mock-saml-metadata.xml').toString(); 
@@ -14,51 +14,55 @@ const samlMetadata7 = fs.readFileSync('./test/assets/mock-saml-metadata7.xml').t describe('metadata.ts', function () { it('saml MetaData ok without BEGIN & END notations', async function () { const value = await parseMetadata(samlMetadata, {}); - expect(value.entityID).to.equal('https://saml.example.com/entityid'); - expect(value.thumbprint).to.equal('8996bcc1afff3ff8e41f8025ff034b516050a434'); - expect(value.loginType).to.equal('idp'); - expect(value.sso.postUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.sso.redirectUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.validTo).to.equal('Aug 12 10:27:20 3021 GMT'); + assert.strictEqual(value.entityID, 'https://saml.example.com/entityid'); + assert.strictEqual(value.thumbprint, '8996bcc1afff3ff8e41f8025ff034b516050a434'); + + assert.strictEqual(value.loginType, 'idp'); + assert.strictEqual(value.sso.postUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.sso.redirectUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.validTo, 'Aug 12 10:27:20 3021 GMT'); }); it('saml MetaData ok with cert having BEGIN & END notations', async function () { const value = await parseMetadata(samlMetadata1, {}); - expect(value.entityID).to.equal('https://saml.example.com/entityid'); - expect(value.thumbprint).to.equal('f9e424fe5fb3422db37859fe29b7f92f11af60a7'); - expect(value.loginType).to.equal('idp'); - expect(value.sso.postUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.sso.redirectUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.validTo).to.equal('Aug 12 10:27:20 3021 GMT'); + assert.strictEqual(value.entityID, 'https://saml.example.com/entityid'); + assert.strictEqual(value.thumbprint, 'f9e424fe5fb3422db37859fe29b7f92f11af60a7'); + assert.strictEqual(value.loginType, 'idp'); + assert.strictEqual(value.sso.postUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.sso.redirectUrl, 
'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.validTo, 'Aug 12 10:27:20 3021 GMT'); }); it('saml MetaData ok with cert having just END notations', async function () { const value = await parseMetadata(samlMetadata2, {}); - expect(value.entityID).to.equal('https://saml.example.com/entityid'); - expect(value.thumbprint).to.equal('8996bcc1afff3ff8e41f8025ff034b516050a434'); - expect(value.loginType).to.equal('idp'); - expect(value.sso.postUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.sso.redirectUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.validTo).to.equal('Aug 12 10:27:20 3021 GMT'); + assert.strictEqual(value.entityID, 'https://saml.example.com/entityid'); + assert.strictEqual(value.thumbprint, '8996bcc1afff3ff8e41f8025ff034b516050a434'); + assert.strictEqual(value.loginType, 'idp'); + assert.strictEqual(value.sso.postUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.sso.redirectUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.validTo, 'Aug 12 10:27:20 3021 GMT'); }); it('saml MetaData ok with cert having just BEGIN notations', async function () { const value = await parseMetadata(samlMetadata3, {}); - expect(value.entityID).to.equal('https://saml.example.com/entityid'); - expect(value.thumbprint).to.equal('f9e424fe5fb3422db37859fe29b7f92f11af60a7'); - expect(value.loginType).to.equal('idp'); - expect(value.sso.postUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.sso.redirectUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.validTo).to.equal('Aug 12 10:27:20 3021 GMT'); + assert.strictEqual(value.entityID, 'https://saml.example.com/entityid'); + assert.strictEqual(value.thumbprint, 'f9e424fe5fb3422db37859fe29b7f92f11af60a7'); + assert.strictEqual(value.loginType, 'idp'); + assert.strictEqual(value.sso.postUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.sso.redirectUrl, 
'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.validTo, 'Aug 12 10:27:20 3021 GMT'); }); it('saml MetaData ok with multiple signing certs', async function () { const value = await parseMetadata(samlMetadata4, {}); - expect(value.entityID).to.equal('https://saml.example.com/entityid'); - expect(value.thumbprint).to.equal( - '8996bcc1afff3ff8e41f8025ff034b516050a434,f9e424fe5fb3422db37859fe29b7f92f11af60a7' + assert.strictEqual(value.entityID, 'https://saml.example.com/entityid'); + assert.strictEqual( + '8996bcc1afff3ff8e41f8025ff034b516050a434,f9e424fe5fb3422db37859fe29b7f92f11af60a7', + value.thumbprint ); - expect(value.publicKey).to.equal(`MIICmDCCAYACCQC6LM978TM/gjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJJ + assert.strictEqual( + value.publicKey, + `MIICmDCCAYACCQC6LM978TM/gjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJJ \t\t\t\t\t\tbjAgFw0yMjA0MTExMDI3MjBaGA8zMDIxMDgxMjEwMjcyMFowDTELMAkGA1UEBhMC \t\t\t\t\t\tSW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgPMN71V4y5VzLw6Ev \t\t\t\t\t\taQA+oMLzmIpoV/p4Y3AM00FUYbVhVtngvRPCmsKOvIxkTM9kZ6VjVfPmzQet+dDS 
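Review bot: In the 'saml MetaData ok with multiple signing certs' test the thumbprint check passes the literal first and `value.thumbprint` second, the reverse of every other `assert.strictEqual(actual, expected)` call in this hunk. It still passes, but on failure Node's diff labels the two sides the wrong way round. Write it as `assert.strictEqual(value.thumbprint, '8996bcc1afff3ff8e41f8025ff034b516050a434,f9e424fe5fb3422db37859fe29b7f92f11af60a7');`. The stray blank `+` line added after the first thumbprint assertion can be dropped as well.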
@@ -85,19 +89,20 @@ describe('metadata.ts', function () { \t\t\t\t\t\tGAe8T1u0Cu+Tyo8ZFf9VrPg5kZ7x2G+nojFfs8zeuEKdNrUZz4bkgkC7sTWHFsOA \t\t\t\t\t\toZjUqLyT2tfLnXfYGiXd0qGg9X1bs1x+anAhViltjZ97Eeq8wPtRqhm1hiQyawKT \t\t\t\t\t\t5qs4oKw0AaKsW4pBQux4h+ZmfvqD+1chBd5Ve/bq9FsEnWNkGyawzmsMSTB9UwDA -\t\t\t\t\t\t+bqiHmfaTXWlQnualNaY3g5v7EDVB4COz6rXXQY/y5Y90BFoho5MqIjGW0I=`); - expect(value.loginType).to.equal('idp'); - expect(value.sso.postUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.sso.redirectUrl).to.equal('http://localhost:4000/api/saml/sso'); - expect(value.validTo).to.equal('Aug 12 10:27:20 3021 GMT,Aug 12 10:27:20 3021 GMT'); +\t\t\t\t\t\t+bqiHmfaTXWlQnualNaY3g5v7EDVB4COz6rXXQY/y5Y90BFoho5MqIjGW0I=` + ); + assert.strictEqual(value.loginType, 'idp'); + assert.strictEqual(value.sso.postUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.sso.redirectUrl, 'http://localhost:4000/api/saml/sso'); + assert.strictEqual(value.validTo, 'Aug 12 10:27:20 3021 GMT,Aug 12 10:27:20 3021 GMT'); }); it('saml Metadata validateNameIDFormat ok', async function () { - expect( + assert( await parseMetadata(samlMetadata, { validateNameIDFormat: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', }) - ).to.be.ok; + ); }); it('saml MetaData not ok', async function () { 
@@ -106,14 +111,16 @@ describe('metadata.ts', function () { validateNameIDFormat: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', }); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it(`metadata with missing KeyDescriptor attribute 'use=signing' should use the cert available`, async function () { const value = await parseMetadata(samlMetadata5, {}); - expect(value.thumbprint).to.equal(`d797f3829882233d3f01e49643f6a1195f242c94`); - expect(value.publicKey).to.equal(`MIIC4jCCAcoCCQC33wnybT5QZDANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJV + assert.strictEqual(value.thumbprint, 'd797f3829882233d3f01e49643f6a1195f242c94'); + assert.strictEqual( + value.publicKey, + `MIIC4jCCAcoCCQC33wnybT5QZDANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJV SzEPMA0GA1UECgwGQm94eUhRMRIwEAYDVQQDDAlNb2NrIFNBTUwwIBcNMjIwMjI4 MjE0NjM4WhgPMzAyMTA3MDEyMTQ2MzhaMDIxCzAJBgNVBAYTAlVLMQ8wDQYDVQQK DAZCb3h5SFExEjAQBgNVBAMMCU1vY2sgU0FNTDCCASIwDQYJKoZIhvcNAQEBBQAD 
@@ -128,16 +135,20 @@ describe('metadata.ts', function () { khuU3AM3L63g7VexCuO7kwkjh/+LqdcIXsVGO6XDfu2QOs1Xpe9zIzLpwm/RNYeX UjbSj5ce/jekpAw7qyVVL4xOyh8AtUW1ek3wIw1MJvEgEPt0d16oshWJpoS1OT8L r/22SvYEo3EmSGdTVGgk3x3s+A0qWAqTcyjr7Q4s/GKYRFfomGwz0TZ4Iw1ZN99M - m0eo2USlSRTVl7QHRTuiuSThHpLKQQ==`); + m0eo2USlSRTVl7QHRTuiuSThHpLKQQ==` + ); }); it(`metadata with missing KeyDescriptor attribute 'use=signing' should use all the certs available (multi cert metadata)`, async function () { const value = await parseMetadata(samlMetadata7, {}); - expect(value.thumbprint).to.equal( - `8996bcc1afff3ff8e41f8025ff034b516050a434,f9e424fe5fb3422db37859fe29b7f92f11af60a7` + assert.strictEqual( + value.thumbprint, + '8996bcc1afff3ff8e41f8025ff034b516050a434,f9e424fe5fb3422db37859fe29b7f92f11af60a7' ); - expect(value.publicKey).to.equal(`MIICmDCCAYACCQC6LM978TM/gjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJJ + assert.strictEqual( + value.publicKey, + `MIICmDCCAYACCQC6LM978TM/gjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJJ bjAgFw0yMjA0MTExMDI3MjBaGA8zMDIxMDgxMjEwMjcyMFowDTELMAkGA1UEBhMC SW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgPMN71V4y5VzLw6Ev aQA+oMLzmIpoV/p4Y3AM00FUYbVhVtngvRPCmsKOvIxkTM9kZ6VjVfPmzQet+dDS @@ -164,7 +175,8 @@ describe('metadata.ts', function () { GAe8T1u0Cu+Tyo8ZFf9VrPg5kZ7x2G+nojFfs8zeuEKdNrUZz4bkgkC7sTWHFsOA oZjUqLyT2tfLnXfYGiXd0qGg9X1bs1x+anAhViltjZ97Eeq8wPtRqhm1hiQyawKT 5qs4oKw0AaKsW4pBQux4h+ZmfvqD+1chBd5Ve/bq9FsEnWNkGyawzmsMSTB9UwDA - +bqiHmfaTXWlQnualNaY3g5v7EDVB4COz6rXXQY/y5Y90BFoho5MqIjGW0I=`); + +bqiHmfaTXWlQnualNaY3g5v7EDVB4COz6rXXQY/y5Y90BFoho5MqIjGW0I=` + ); }); it(`metadata with missing KeyDescriptor should throw an error`, async () => { 
@@ -172,7 +184,7 @@ describe('metadata.ts', function () { await parseMetadata(samlMetadata6, {}); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Could not find X509Certificate in the IdP metadata.'); + assert.strictEqual(result, 'Could not find X509Certificate in the IdP metadata.'); } }); }); diff --git a/test/lib/post.spec.ts b/test/lib/post.spec.ts index 5f924879..4abe93f5 100644 --- a/test/lib/post.spec.ts +++ b/test/lib/post.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import * as saml from '../../lib/post'; -import { expect } from 'chai'; describe('post.ts', function () { it('Should validate creation of post form', function (done) { @@ -16,10 +16,13 @@ describe('post.ts', function () { }, ]); - expect(form.includes(`
`)).to.be.ok; - expect(form.includes(``)).to.be.ok; - expect(form.includes(``)).to.be.ok; - expect(form.includes(``)).to.be.ok; + assert.strictEqual(form.includes(``), true); + assert.strictEqual(form.includes(``), true); + assert.strictEqual( + form.includes(``), + true + ); + assert.strictEqual(form.includes(``), true); done(); }); }); diff --git a/test/lib/request.spec.ts b/test/lib/request.spec.ts index b21e8bc0..478a5952 100644 --- a/test/lib/request.spec.ts +++ b/test/lib/request.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { request } from '../../lib/request'; -import { expect } from 'chai'; const ssoUrl = 'https://dev-20901260.okta.com/app/dev-20901260_jacksondemo5225_1/exk3wth7ss1TKnAN15d7/sso/saml'; @@ -13,7 +13,7 @@ const publicKey = describe('request.ts', function () { it('request ok', function () { - expect( + assert( request({ ssoUrl, entityID: entityID, @@ -21,6 +21,6 @@ describe('request.ts', function () { signingKey: signingKey, publicKey: publicKey, }) - ).to.be.ok; + ); }); }); diff --git a/test/lib/response.spec.ts b/test/lib/response.spec.ts index 1cfebc79..8951b5c0 100644 --- a/test/lib/response.spec.ts +++ b/test/lib/response.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { parse, parseIssuer, validate } from '../../lib/response'; -import { expect } from 'chai'; import fs from 'fs'; const rawResponse = fs.readFileSync('./test/assets/saml20.validResponseSignedMessage.xml').toString(); 
@@ -26,11 +26,12 @@ const validAssertion = fs.readFileSync('./test/assets/saml20.validAssertion.xml' describe('response.ts', function () { it('RAW response ok', async function () { const response = await parse(rawResponse); - expect(response.audience).to.equal('http://sp.example.com/demo1/metadata.php'); - expect('_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.audience, 'http://sp.example.com/demo1/metadata.php'); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + '_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7' ); - expect(response.issuer).to.equal('http://idp.example.com/metadata.php'); + assert.strictEqual(response.issuer, 'http://idp.example.com/metadata.php'); }); it('RAW response with invalid StatusCode', async function () { @@ -38,7 +39,7 @@ describe('response.ts', function () { await parse(rawResponseAuthnFailed); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid Status Code (AuthnFailed).'); + assert.strictEqual(result, 'Invalid Status Code (AuthnFailed).'); } }); @@ -47,7 +48,7 @@ describe('response.ts', function () { await parse('rawResponse'); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('An error occurred trying to parse XML assertion.'); + assert.strictEqual(result, 'An error occurred trying to parse XML assertion.'); } }); @@ -56,7 +57,7 @@ describe('response.ts', function () { await parse(errorResponse); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid Status Code (AuthnFailed).'); + assert.strictEqual(result, 'Invalid Status Code (AuthnFailed).'); } }); 
@@ -65,31 +66,33 @@ describe('response.ts', function () { await parse('undefined'); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('An error occurred trying to parse XML assertion.'); + assert.strictEqual(result, 'An error occurred trying to parse XML assertion.'); } }); it('An error occurred trying to parse assertion', async function () { try { const response = await parse(validResponse); - expect(response.audience).to.equal('http://sp.example.com/demo1/metadata.php'); - expect('_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.audience, 'http://sp.example.com/demo1/metadata.php'); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + '_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7' ); - expect(response.issuer).to.equal('http://idp.example.com/metadata.php'); + assert.strictEqual(response.issuer, 'http://idp.example.com/metadata.php'); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('An error occurred trying to parse assertion.'); + assert.strictEqual(result, 'An error occurred trying to parse assertion.'); } }); it('validate ok', async function () { const response = await validate(rawResponse, validateOpts); - expect(response.audience).to.equal('http://sp.example.com/demo1/metadata.php'); - expect('_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.audience, 'http://sp.example.com/demo1/metadata.php'); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + '_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7' ); - expect(response.issuer).to.equal('http://idp.example.com/metadata.php'); + assert.strictEqual(response.issuer, 
'http://idp.example.com/metadata.php'); }); it('validate raw response with invalid StatusCode', async function () { @@ -97,7 +100,7 @@ describe('response.ts', function () { await validate(rawResponseAuthnFailed, validateOpts); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid Status Code (AuthnFailed).'); + assert.strictEqual(result, 'Invalid Status Code (AuthnFailed).'); } }); @@ -106,7 +109,7 @@ describe('response.ts', function () { await validate('rawResponse', validateOpts); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); @@ -119,7 +122,7 @@ describe('response.ts', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); @@ -132,7 +135,7 @@ describe('response.ts', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('publicKey or thumbprint are options required.'); + assert.strictEqual(result, 'publicKey or thumbprint are options required.'); } }); it('Assertion is expired.', async function () { 
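Review bot: In 'An error occurred trying to parse assertion' (response.spec.ts) the three positive assertions sit inside the `try`, so an `AssertionError` raised by any of them is caught and compared with 'An error occurred trying to parse assertion.', which reports a message mismatch instead of the real failure. The test also passes on either path, so it does not pin whether `parse(validResponse)` is expected to succeed or to throw. If success is the intent, which the fixture name suggests but the hunk does not confirm, drop the try/catch and keep the three `assert.strictEqual` calls. Otherwise use `await assert.rejects(parse(validResponse), { message: 'An error occurred trying to parse assertion.' });`.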
@@ -144,15 +147,16 @@ describe('response.ts', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); it('Should validate saml 2.0 token using certificate', async function () { const response = await validate(validToken, { publicKey: certificate, bypassExpiration: true }); - expect(issuerName).to.equal(response.issuer); - expect('demo@kidozen.com').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'] + assert.strictEqual(response.issuer, issuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'], + 'demo@kidozen.com' ); }); @@ -162,7 +166,7 @@ describe('response.ts', function () { audience: audience, bypassExpiration: true, }); - expect(issuerName).to.equal(response.issuer); + assert.strictEqual(response.audience, audience); }); it('Should fail with invalid audience', async function () { @@ -174,7 +178,7 @@ describe('response.ts', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid audience.'); + assert.strictEqual(result, 'Invalid audience.'); } }); it('Should fail with invalid signature', async function () { @@ -182,7 +186,7 @@ describe('response.ts', function () { await validate(invalidToken, { publicKey: certificate, bypassExpiration: true }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion signature.'); + assert.strictEqual(result, 'Invalid assertion signature.'); } }); @@ -191,7 +195,7 @@ describe('response.ts', function () { await validate('invalid-assertion', { publicKey: certificate, bypassExpiration: true }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); 
@@ -200,7 +204,7 @@ describe('response.ts', function () { await validate(invalidWrappedToken, { publicKey: certificate, bypassExpiration: true }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion. Possible assertion wrapping.'); + assert.strictEqual(result, 'Invalid assertion. Possible assertion wrapping.'); } }); @@ -209,32 +213,33 @@ describe('response.ts', function () { await validate(validToken, { publicKey: certificate }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Assertion is expired.'); + assert.strictEqual(result, 'Assertion is expired.'); } }); it('Should parse saml 2.0 without signature validation', async function () { const response = await parse(invalidToken); - expect(issuerName).to.equal(response.issuer); + assert.strictEqual(response.issuer, issuerName); }); it('parseIssuer response ok', async function () { const issuer = await parseIssuer(validResponse); - expect(issuer).to.equal('http://idp.example.com/metadata.php'); + assert.strictEqual(issuer, 'http://idp.example.com/metadata.php'); }); it('parseIssuer not ok', async function () { try { await parseIssuer('rawResponse'); } catch (error) { - expect((error as Error).message).to.be.equal('Invalid assertion.'); + assert.strictEqual((error as Error).message, 'Invalid assertion.'); } }); it('Should parse saml 2.0 assertion and check nameidentifier picks up nameid-permanent', async function () { const response = await parse(validAssertion); - expect('permanent-id').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + 'permanent-id' ); }); }); diff --git a/test/lib/saml20.attacks.spec.ts b/test/lib/saml20.attacks.spec.ts index 447d8ce6..6ecc2032 100644 --- a/test/lib/saml20.attacks.spec.ts +++ b/test/lib/saml20.attacks.spec.ts 
@@ -1,5 +1,5 @@ +import assert from 'assert'; import { parseIssuer, validate } from '../../lib/response'; -import { expect } from 'chai'; import fs from 'fs'; const certificate = @@ -23,7 +23,7 @@ describe('saml20.attacks', () => { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('multirooted xml not allowed.'); + assert.strictEqual(result, 'multirooted xml not allowed.'); } }); @@ -32,7 +32,7 @@ describe('saml20.attacks', () => { parseIssuer(multipleRootElements); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('multirooted xml not allowed.'); + assert.strictEqual(result, 'multirooted xml not allowed.'); } }); }); diff --git a/test/lib/saml20.attacks.wrapping.spec.ts b/test/lib/saml20.attacks.wrapping.spec.ts index 276e22ba..f8b10e49 100644 --- a/test/lib/saml20.attacks.wrapping.spec.ts +++ b/test/lib/saml20.attacks.wrapping.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { validate } from '../../lib/response'; -import { expect } from 'chai'; import fs from 'fs'; // Tests Configuration @@ -52,7 +52,7 @@ describe('saml20.attacks.wrapping', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion. Possible assertion wrapping.'); + assert.strictEqual(result, 'Invalid assertion. Possible assertion wrapping.'); } }); @@ -65,7 +65,7 @@ describe('saml20.attacks.wrapping', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion. Possible assertion wrapping.'); + assert.strictEqual(result, 'Invalid assertion. Possible assertion wrapping.'); } }); @@ -78,7 +78,7 @@ describe('saml20.attacks.wrapping', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion. Possible assertion wrapping.'); + assert.strictEqual(result, 'Invalid assertion. Possible assertion wrapping.'); } }); 
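Review bot: In the `@@ -32,7 +32,7 @@` hunk of saml20.attacks.spec.ts the context line calls `parseIssuer(multipleRootElements);` without `await`, so a rejection never reaches the `catch` and the converted `assert.strictEqual(result, 'multirooted xml not allowed.')` does not run. response.spec.ts awaits `parseIssuer`, which suggests it returns a promise; if so, this multi-root check passes regardless of what the parser does and a failure would surface only as an unhandled rejection. Awaiting the rejection directly closes the gap: `await assert.rejects(parseIssuer(multipleRootElements), { message: 'multirooted xml not allowed.' });`. The enclosing `it` callback starts outside the hunk, so confirm it is declared `async`.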
@@ -91,7 +91,7 @@ describe('saml20.attacks.wrapping', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion. Possible assertion wrapping.'); + assert.strictEqual(result, 'Invalid assertion. Possible assertion wrapping.'); } }); @@ -104,7 +104,7 @@ describe('saml20.attacks.wrapping', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion. Possible assertion wrapping.'); + assert.strictEqual(result, 'Invalid assertion. Possible assertion wrapping.'); } }); @@ -117,7 +117,7 @@ describe('saml20.attacks.wrapping', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); @@ -130,7 +130,7 @@ describe('saml20.attacks.wrapping', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); }); diff --git a/test/lib/saml20.response.spec.ts b/test/lib/saml20.response.spec.ts index a88a47a5..01aa89c1 100644 --- a/test/lib/saml20.response.spec.ts +++ b/test/lib/saml20.response.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { validate } from '../../lib/response'; -import { expect } from 'chai'; import fs from 'fs'; // Tests Configuration @@ -20,9 +20,10 @@ describe('lib.saml20.response', function () { bypassExpiration: true, inResponseTo: inResponseTo, }); - expect(issuerName).to.equal(response.issuer); - expect('_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, issuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + '_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7' ); }); 
@@ -32,9 +33,10 @@ describe('lib.saml20.response', function () { bypassExpiration: true, inResponseTo: inResponseTo, }); - expect(issuerName).to.equal(response.issuer); - expect('_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, issuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + '_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7' ); }); @@ -45,7 +47,7 @@ describe('lib.saml20.response', function () { bypassExpiration: true, inResponseTo: inResponseTo, }); - expect(issuerName).to.equal(response.issuer); + assert.strictEqual(response.issuer, issuerName); }); it('Should validate saml 2.0 token skipping InResponseTo validation', async function () { @@ -55,7 +57,7 @@ describe('lib.saml20.response', function () { bypassExpiration: true, inResponseTo: inResponseTo, }); - expect(issuerName).to.equal(response.issuer); + assert.strictEqual(response.issuer, issuerName); }); it('Should fail with invalid audience', async function () { @@ -68,7 +70,7 @@ describe('lib.saml20.response', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid audience.'); + assert.strictEqual(result, 'Invalid audience.'); } }); @@ -81,7 +83,7 @@ describe('lib.saml20.response', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); @@ -95,7 +97,7 @@ describe('lib.saml20.response', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid InResponseTo.'); + assert.strictEqual(result, 'Invalid InResponseTo.'); } }); }); diff --git a/test/lib/saml20.responseSignedMessage.spec.ts b/test/lib/saml20.responseSignedMessage.spec.ts index 538f486c..c549c58b 100644 
--- a/test/lib/saml20.responseSignedMessage.spec.ts +++ b/test/lib/saml20.responseSignedMessage.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { validate } from '../../lib/response'; -import { expect } from 'chai'; import fs from 'fs'; // Tests Configuration @@ -20,9 +20,10 @@ describe('saml20.responseSignedMessage', function () { inResponseTo: inResponseTo, }); - expect(issuerName).to.equal(response.issuer); - expect('_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, issuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + '_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7' ); }); @@ -33,9 +34,10 @@ describe('saml20.responseSignedMessage', function () { inResponseTo: inResponseTo, }); - expect(issuerName).to.equal(response.issuer); - expect('_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7').to.equal( - response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'] + assert.strictEqual(response.issuer, issuerName); + assert.strictEqual( + response.claims['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'], + '_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7' ); }); @@ -46,7 +48,7 @@ describe('saml20.responseSignedMessage', function () { bypassExpiration: true, inResponseTo: inResponseTo, }); - expect(issuerName).to.equal(response.issuer); + assert.strictEqual(response.issuer, issuerName); }); it('Should fail with invalid audience', async function () { @@ -59,7 +61,7 @@ describe('saml20.responseSignedMessage', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid audience.'); + assert.strictEqual(result, 'Invalid audience.'); } }); 
@@ -72,7 +74,7 @@ describe('saml20.responseSignedMessage', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid assertion.'); + assert.strictEqual(result, 'Invalid assertion.'); } }); @@ -86,7 +88,7 @@ describe('saml20.responseSignedMessage', function () { }); } catch (error) { const result = (error as Error).message; - expect(result).to.be.equal('Invalid InResponseTo.'); + assert.strictEqual(result, 'Invalid InResponseTo.'); } }); }); diff --git a/test/lib/saml20.spec.ts b/test/lib/saml20.spec.ts index f2fe0305..754019e1 100644 --- a/test/lib/saml20.spec.ts +++ b/test/lib/saml20.spec.ts @@ -1,5 +1,5 @@ +import assert from 'assert'; import { default as saml20 } from '../../lib/saml20'; -import { expect } from 'chai'; import fs from 'fs'; const assertion = fs.readFileSync('./test/assets/saml20.validResponseSignedMessage.xml').toString(); 
@@ -27,106 +27,106 @@ const assertion1 = { describe('saml20.ts', function () { it('parse assertion ok', function () { const value = saml20.parse(assertion); - expect(value.audience).to.equal(undefined); - expect(value.claims).to.empty; - expect(value.issuer).to.equal(undefined); - expect(value.sessionIndex).to.equal(undefined); - expect(saml20.parse(assertion)).to.be.ok; + assert.strictEqual(value.audience, undefined); + assert.deepEqual(value.claims, {}); + assert.strictEqual(value.issuer, undefined); + assert.strictEqual(value.sessionIndex, undefined); + assert(saml20.parse(assertion)); }); it('parse assertion not ok', function () { try { const value = saml20.parse('assertion'); - expect(value.audience).to.equal(undefined); - expect(value.claims).to.empty; - expect(value.issuer).to.equal(undefined); - expect(value.sessionIndex).to.equal(undefined); + assert.strictEqual(value.audience, undefined); + assert.deepEqual(value.claims, {}); + assert.strictEqual(value.issuer, undefined); + assert.strictEqual(value.sessionIndex, undefined); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateAudience false', function () { const value = saml20.validateAudience(assertion, validateOpts); - expect(value).to.equal(false); - expect(saml20.validateAudience(assertion, validateOpts)).to.be.false; + assert.strictEqual(value, false); + assert.strictEqual(saml20.validateAudience(assertion, validateOpts), false); }); it('validateAudience assertion not ok', function () { try { const value = saml20.validateAudience('assertion', validateOpts); - expect(value).to.equal(false); + assert.strictEqual(value, false); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateAudience empty Array not ok', function () { try { const value = saml20.validateAudience(assertion, []); - expect(value).to.equal(false); + assert.strictEqual(value, false); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateAudience empty Array ok', 
function () { try { const value = saml20.validateAudience(assertion, validateOptsArray); - expect(value).to.equal(false); + assert.strictEqual(value, false); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateAudience with Suffix ok', async function () { try { const value = saml20.validateAudience(assertion1, 'https://saml.boxyhq.com'); - expect(value).to.equal(true); + assert.strictEqual(value, true); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateAudience with Suffix Array ok', async function () { try { const value = saml20.validateAudience(assertion1, [...validateOptsArray, 'https://saml.boxyhq.com']); - expect(value).to.equal(true); + assert.strictEqual(value, true); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateAudience with Suffix Array not ok', async function () { try { const value = saml20.validateAudience(assertion1, validateOptsArray); - expect(value).to.equal(false); + assert.strictEqual(value, false); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateAudience not ok', function () { try { const value = saml20.validateAudience('assertion', 'validateOpts'); - expect(value).to.equal(false); + assert.strictEqual(value, false); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validateExpiration ok', function () { const value = saml20.validateExpiration(assertion); - expect(value).to.equal(true); - expect(saml20.validateExpiration(assertion)).to.be.ok; + assert.strictEqual(value, true); + assert(saml20.validateExpiration(assertion)); }); it('validateExpiration not ok', function () { try { const value = saml20.validateExpiration('assertion'); - expect(value).to.equal(true); + assert.strictEqual(value, true); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); }); diff --git a/test/lib/validateSignature.spec.ts b/test/lib/validateSignature.spec.ts index b1a10a2c..c075657d 100644 
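Review bot: Several cases in the `@@ -27,106 +27,106 @@` hunk of saml20.spec.ts put the positive assertion inside `try` and follow it with `catch (error) { assert(error); }`, so the `AssertionError` from a failed `assert.strictEqual` is itself caught and accepted; 'validateAudience with Suffix ok', for example, passes whether `validateAudience` returns `true` or `false`. Dropping the wrapper where a value is expected makes the audience check effective: `assert.strictEqual(saml20.validateAudience(assertion1, 'https://saml.boxyhq.com'), true);`. Where a throw is the intended outcome, `assert.throws(() => saml20.parse('assertion'));` states that directly, though whether these calls throw or return is not visible in the hunk. The 'validateSignature public key not ok' case in validateSignature.spec.ts has the same shape. Separately, `assert.deepEqual(value.claims, {})` is the legacy loose comparison under `import assert from 'assert'`; `assert.deepStrictEqual(value.claims, {})` keeps it strict, assuming `claims` is a plain object.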
--- a/test/lib/validateSignature.spec.ts +++ b/test/lib/validateSignature.spec.ts @@ -1,10 +1,10 @@ import { certToPEM, hasValidSignature, validateSignature } from '../../lib/validateSignature'; -import { expect } from 'chai'; import xmlbuilder from 'xmlbuilder'; import crypto from 'crypto'; import fs from 'fs'; import { sign } from '../../lib/sign'; +import assert from 'assert'; const ssoUrl = 'https://dev-20901260.okta.com/app/dev-20901260_jacksondemo5225_1/exk3wth7ss1TKnAN15d7/sso/saml'; 
@@ -151,42 +151,42 @@ function generateXML() { describe('validateSignature.ts', function () { it('certToPEM ok', function () { const value = certToPEM(publicKey); - expect(publicKey).to.eqls(value); + assert.strictEqual(value, publicKey); }); it('hasValidSignature ok ', function () { const value = hasValidSignature(generateXML(), publicKey, null); - expect(value.valid).to.be.equal(true); + assert.strictEqual(value.valid, true); }); it('validateSignature ok ', function () { - expect(validateSignature(generateXML(), publicKey, null)).to.be.ok; + assert(validateSignature(generateXML(), publicKey, null)); }); it('validate response signature - no embedded cert, use single cert to validate', function () { const value = validateSignature(validResponseSigned_noX509, singlePublicKey, null); - expect(value).to.be.ok; + assert(value); }); it('validate response signature - no embedded cert, use different cert, should fail validate', function () { try { validateSignature(validResponseSigned_noX509, singlePublicKeyNotUsedToSign, null); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); it('validate response signature - no embedded cert, use multikey cert to validate', function () { const value = validateSignature(validResponseSigned_noX509, multiPublicKey, null); - expect(value).to.be.ok; + assert(value); }); it('validateSignature public key not ok ', function () { try { const value = validateSignature(generateXML(), undefined, 'null'); - expect(value).to.be.equal(undefined); + assert.strictEqual(value, undefined); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); @@ -264,7 +264,7 @@ sT/txBnVJGziyO8DPYdu2fPMER8ajJfl 'd730fc9342107b05032393d21cd5ef550150e06b' ); } catch (error) { - expect(error).to.be.ok; + assert(error); } }); });