Skip to content

Commit

Permalink
fix for signature checks failing with 
 chars
Browse files Browse the repository at this point in the history
  • Loading branch information
@deepakprabhakara
deepakprabhakara committed Dec 18, 2024
1 parent 2319fc6 commit 963f059
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
2 changes: 1 addition & 1 deletion lib/validateSignature.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ const _hasValidSignature = (xml, cert, certThumbprint) => {
idAttribute: 'AssertionID',
});

signed.loadSignature(signature.toString());
signed.loadSignature(signature);

let valid;
let id, calculatedThumbprint;
Expand Down
10 changes: 6 additions & 4 deletions test/lib/saml20.responseSignedMessage.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@ import fs from 'fs';

// Tests Configuration
const validResponse = fs.readFileSync('./test/assets/saml20.validResponseSignedMessage.xml').toString();
const validResponseUnsanitized = fs.readFileSync('./test/assets/saml20.validResponseSignedMessage-unsanitized.xml').toString();
const validResponseUnsanitized = fs
.readFileSync('./test/assets/saml20.validResponseSignedMessage-unsanitized.xml')
.toString();

const issuerName = 'http://idp.example.com/metadata.php';
const thumbprint = 'e606eced42fa3abd0c5693456384f5931b174707';
Expand Down Expand Up @@ -94,7 +96,7 @@ describe('saml20.responseSignedMessage', function () {
});
});

describe('saml20.validResponseSignedMessage-unsanitized', function () {
describe('saml20.validResponseSignedMessageUnsanitized', function () {
it('Should validate saml 2.0 token using thumbprint', async function () {
const response = await validate(validResponseUnsanitized, {
thumbprint: thumbprint,
Expand Down Expand Up @@ -147,7 +149,7 @@ describe('saml20.validResponseSignedMessage-unsanitized', function () {
}
});

it('Should fail with invalid assertion', async function () {
it('Should fail with missing root element', async function () {
try {
await validate('invalid-assertion', {
publicKey: certificate,
Expand All @@ -156,7 +158,7 @@ describe('saml20.validResponseSignedMessage-unsanitized', function () {
});
} catch (error) {
const result = (error as Error).message;
assert.strictEqual(result, 'Invalid assertion.');
assert.strictEqual(result, 'missing root element');
}
});

Expand Down

0 comments on commit 963f059

Please sign in to comment.