|
1 | 1 | /* |
2 | 2 | * JavaScript functions for providing SAML SP with NGINX Plus |
3 | 3 | * |
4 | | - * Copyright (C) 2023 Nginx, Inc. |
| 4 | + * Copyright (C) 2025 Nginx, Inc. |
5 | 5 | */ |
6 | 6 |
|
7 | | -export default { |
8 | | - handleSingleSignOn, // Process SAML Response form IdP |
9 | | - handleSingleLogout, // Process SAML LogoutRequest and LogoutResponse from IdP |
10 | | - handleAllMessages, // Process all SAML messages from IdP |
11 | | - initiateSingleSignOn, // Initiate SAML SSO by redirecting to IdP |
12 | | - initiateSingleLogout // Initiate SAML SLO by redirecting to IdP |
13 | | -}; |
14 | | - |
15 | | -const xml = require("xml"); |
16 | | -const zlib = require("zlib"); |
17 | | -const querystring = require("querystring"); |
18 | | -const fs = require("fs"); |
| 7 | +import xml from 'xml'; |
| 8 | +import zlib from 'zlib'; |
| 9 | +import querystring from 'querystring'; |
| 10 | +import fs from 'fs'; |
19 | 11 |
|
20 | 12 | const initiateSingleSignOn = produceSAMLMessage.bind(null, "AuthnRequest"); |
21 | 13 | const initiateSingleLogout = produceSAMLMessage.bind(null, "LogoutRequest"); |
@@ -1321,22 +1313,20 @@ function parseConfigurationOptions(r, messageType) { |
1321 | 1313 | } |
1322 | 1314 |
|
1323 | 1315 | function getEscapeXML() { |
1324 | | - const fpc = Function.prototype.call; |
1325 | | - const _replace = fpc.bind(fpc, String.prototype.replace); |
1326 | | - |
1327 | | - const tbl = { |
1328 | | - '<': '<', |
1329 | | - '>': '>', |
1330 | | - "'": ''', |
1331 | | - '"': '"', |
1332 | | - '&': '&', |
| 1316 | + const escapeMap = { |
| 1317 | + '<': '<', |
| 1318 | + '>': '>', |
| 1319 | + "'": ''', |
| 1320 | + '"': '"', |
| 1321 | + '&': '&' |
1333 | 1322 | }; |
1334 | | - tbl.__proto__ = null; |
1335 | 1323 |
|
1336 | | - return function (str) { |
1337 | | - return _replace(str, /[<>'"&]/g, c => tbl[c]); |
1338 | | - } |
1339 | | -}; |
| 1324 | + return function escapeXML(str) { |
| 1325 | + if (str == null) return ''; |
| 1326 | + |
| 1327 | + return String(str).replace(/[<>'"&]/g, character => escapeMap[character]); |
| 1328 | + }; |
| 1329 | +} |
1340 | 1330 |
|
1341 | 1331 | function isUrlOrUrn(str) { |
1342 | 1332 | const urlRegEx = /^((?:(?:https?):)\/\/)?((?:(?:[^:@]+(?::[^:@]+)?|[^:@]+@[^:@]+)(?::\d+)?)|(?:\[[a-fA-F0-9:]+]))(\/(?:[^?#]*))?(\\?(?:[^#]*))?(#(?:.*))?$/; |
@@ -1373,3 +1363,11 @@ function readKeysFromFile(keyFile) { |
1373 | 1363 | throw Error(`Failed to read private or public key from file "${keyFile}": ${e.message}`); |
1374 | 1364 | } |
1375 | 1365 | } |
| 1366 | + |
| 1367 | +export default { |
| 1368 | + handleSingleSignOn, // Process SAML Response form IdP |
| 1369 | + handleSingleLogout, // Process SAML LogoutRequest and LogoutResponse from IdP |
| 1370 | + handleAllMessages, // Process all SAML messages from IdP |
| 1371 | + initiateSingleSignOn, // Initiate SAML SSO by redirecting to IdP |
| 1372 | + initiateSingleLogout // Initiate SAML SLO by redirecting to IdP |
| 1373 | +}; |
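Review bot: The new guard `if (str == null) return '';` in `escapeXML` makes a missing value serialise as an empty string, where the removed version handed `str` straight to `String.prototype.replace` and would have thrown on `null` or `undefined`. The callers are outside this view, but in a SAML message builder that could let a request go out with an empty attribute or element instead of being stopped. Either confirm that required fields are validated before they reach the escaper, or keep failing closed with `if (str == null) throw new TypeError('escapeXML: value is required');`. The rewrite also drops the captured `replace` reference and `tbl.__proto__ = null`. The lookup stays safe because the regex can only match the five own keys of `escapeMap`, so I would record that with a comment such as `// regex matches only own keys of escapeMap, so no inherited property can be returned`.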