Skip to content

Commit 7d2a147

Browse files
ploerploer
committed
Merge pull request #111 from T1B0/childless-attribute
Ignore attribute with no attributeValue child
2 parents bbf398e + 1aa4690 commit 7d2a147

File tree

3 files changed

+87
-0
lines changed

3 files changed

+87
-0
lines changed

lib/passport-saml/saml.js

+4
Original file line numberDiff line numberDiff line change
@@ -675,6 +675,10 @@ SAML.prototype.processValidlySignedAssertion = function(xml, inResponseTo, callb
675675

676676
if (attributes) {
677677
attributes.forEach(function (attribute) {
678+
if(!attribute.hasOwnProperty('AttributeValue')) {
679+
// if attributes has no AttributeValue child, continue
680+
return;
681+
}
678682
var value = attribute.AttributeValue;
679683
if (value.length === 1) {
680684
profile[attribute.$.Name] = attrValueMapper(value[0]);

test/static/response-with-uncomplete-attribute.xml

+54
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,54 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<ns3:Response xmlns:ns3="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns4="http://www.w3.org/2001/04/xmlenc#" Destination="https://evil-corp.madness.com/sso/callback" ID="pfx2dcf0103-2026-b5cf-0772-f776bd9f54cf" InResponseTo="_e8df3fe5f04237d25670" IssueInstant="2015-08-31T08:54:06+00:00" Version="2.0">
3+
<Issuer>https://evil-corp.com</Issuer>
4+
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
5+
<ds:SignedInfo>
6+
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
7+
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
8+
<ds:Reference URI="#pfx2dcf0103-2026-b5cf-0772-f776bd9f54cf">
9+
<ds:Transforms>
10+
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
11+
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
12+
</ds:Transforms>
13+
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
14+
<ds:DigestValue>U1QoTD0C6ikXZ1QIkJqlJ5BHQws=</ds:DigestValue>
15+
</ds:Reference>
16+
</ds:SignedInfo>
17+
<ds:SignatureValue>wuA92x0HttYKetEqmdm+zzUG7SwRTt3B60hacbT0i4UEA6UBU472toKBgzDWIiVAfKGXyRr8wd7d4mxnc4XeFhREX8H2RRNGy6csMx8YObQnHs9N+WswYyB4Y6XpM1oMLC3Bj+oQyl0bTlXc1J6cscQ37GcrKBXp7uWeentzp3AxhnxY+jyERfY34ShNg8sFHppXT36wqGrj/9r2QHMY66+ydfhFD8Q1QysVF4+lsThkVoqHbnCUocmikAsQyelX5SO4QBvZG9RF3S55MTVP8v0aCa9X2NKNytDvW28NpnrKfkEVyRMEbSH/qZ4bb/mdgY80i3UFYfTvkjIz9jwqBA==</ds:SignatureValue>
18+
<ds:KeyInfo>
19+
<ds:X509Data>
20+
<ds:X509Certificate>MIIEBzCCAu+gAwIBAgIJAMFLV+m1vy2CMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYDVQQGEwJGUjEVMBMGA1UECAwMc29tZS1jb21wYW55MQ4wDAYDVQQHDAVQYXJpczEVMBMGA1UECgwMc29tZS1jb21wYW55MRIwEAYDVQQLDAlldmlsLWNvcnAxFjAUBgNVBAMMDWV2aWwtY29ycC5jb20xIDAeBgkqhkiG9w0BCQEWEWJpZ0BldmlsLWNvcnAuY29tMB4XDTE1MDkwODE0NTMyN1oXDTI1MDkwNzE0NTMyN1owgZkxCzAJBgNVBAYTAkZSMRUwEwYDVQQIDAxzb21lLWNvbXBhbnkxDjAMBgNVBAcMBVBhcmlzMRUwEwYDVQQKDAxzb21lLWNvbXBhbnkxEjAQBgNVBAsMCWV2aWwtY29ycDEWMBQGA1UEAwwNZXZpbC1jb3JwLmNvbTEgMB4GCSqGSIb3DQEJARYRYmlnQGV2aWwtY29ycC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXepJd/fXaODEXNqfvHWtQfumyS0VUnPb7oQzNuC/5IYPwtM/hGhyfdIaNsAEszjsxvmcJP7eVJH4JO4N5CoCTnsQ8SkA6x9xldQQZbnlkty0oPDRDspl/XNqlfODWXz6SlavUrMWg7knUo4RXyvgvIbMC0u4W9lDK0ujMWrjmGaf1/c0r7+dyUZ3yKBv+ZAxZuFYwRAruG1wwLWcsqp3g8n9USMqyEVz7KnP8sJd3rmCKLXFfXZRCQvQMaBNHGLsHR4LH3s6729roQc6zz1qO/pb9cBGrHW3QMWbDtcU3tsKQKJ1WBKWy96SH+X8RgmF3e/HzB6s+HSJXrPbMarKtAgMBAAGjUDBOMB0GA1UdDgQWBBScdrSwdMQDoEVeHn7XhbUiAOiEpjAfBgNVHSMEGDAWgBScdrSwdMQDoEVeHn7XhbUiAOiEpjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB5MAIw2tRI+MWi7gFf6xSL7DjuRcUaSPL5/c0SFHpDvczhkel6/Sl4L0ERZd8WxNKffROWGWTfhz07gY6EcuNByz2XkWKEjzJmoy8rwPNum2pLXI9Qdp1RK9/sU2mvJfKAXN/kWMUPazmm4LjIxCEmS1Yk72YBS9lfqGk4rrWIJyU5Z5/Bqq2gjmdKH10eLpzxjLQ3kHWbkDUPmmR+iHCLqSDH4NB/JY0GnYKgr8Z3+CozB7907quhcOBLQbXTV1Ct95klfPUWfS/1vUJ62JXXVXLzl0g8f9ZuoZgP4SlPx7Ya6vXpGkF8b11ABOv2ln/PZ7S7rKHRNIZkiU69ezIW</ds:X509Certificate>
21+
</ds:X509Data>
22+
</ds:KeyInfo>
23+
</ds:Signature>
24+
<ns3:Status>
25+
<ns3:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
26+
</ns3:Status>
27+
<Assertion ID="_9e315bdf7b1b6732be33c377cf6f5c4f" IssueInstant="2015-08-31T08:54:06+00:00" Version="2.0">
28+
<Issuer>https://evil-corp.com</Issuer>
29+
<Subject>
30+
<NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">[email protected]</NameID>
31+
<SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
32+
<SubjectConfirmationData InResponseTo="_e8df3fe5f04237d25670" NotOnOrAfter="2015-08-31T08:56:06+00:00" Recipient="https://evil-corp.madness.com/sso/callback"/>
33+
</SubjectConfirmation>
34+
</Subject>
35+
<Conditions NotBefore="2015-08-31T08:53:06+00:00" NotOnOrAfter="2015-08-31T08:56:06+00:00"/>
36+
<AuthnStatement AuthnInstant="2015-08-31T08:54:05+00:00" SessionIndex="_9e315bdf7b1b6732be33c377cf6f5c4f">
37+
<AuthnContext>
38+
<AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef>
39+
</AuthnContext>
40+
</AuthnStatement>
41+
<AttributeStatement>
42+
<Attribute Name="evil-corp.egroupid">
43+
<AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">[email protected]</AttributeValue>
44+
</Attribute>
45+
<Attribute Name="evilcorp.roles"/>
46+
<Attribute Name="evilcorp.givenname">
47+
<AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Vincent</AttributeValue>
48+
</Attribute>
49+
<Attribute Name="evilcorp.sn">
50+
<AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">VEGA</AttributeValue>
51+
</Attribute>
52+
</AttributeStatement>
53+
</Assertion>
54+
</ns3:Response>

test/tests.js

+29
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)