Added X509 certificate to KeyInfo X509Data, if passed through options#36
Merged
cjbarth merged 40 commits intonode-saml:masterfrom Feb 14, 2024
Merged
Conversation
cjbarth
requested changes
Jan 6, 2022
Collaborator
cjbarth
left a comment
There was a problem hiding this comment.
This looks reasonable, but it needs a README update and a test.
Contributor
Author
Updated PR with the changes.. Can you please review again.. |
Contributor
Author
|
@cjbarth, Updated the PR, please review |
Collaborator
|
I won't be able to get to it until later this week at the earliest. |
Contributor
Author
@cjbarth, Can you please help with this PR.. |
Collaborator
|
I have been without my computer for more than a month and only just got it back... long story, but it has put me out of the loop, and I need to catch back up. Lots of |
Contributor
Yikes! Welcome back. |
Collaborator
|
@ganesha289 please fix the build before I review. |
472a8e6 to
a228f49
Compare
Contributor
Author
@cjbarth , I am getting same build errors for master code too. Initially it fails for "prettier-check" script, When I run "prettier-format" script, that issue get resolved, but with so many file modifications, After fixing "prettier-check" issue, 9 unit tests failing, One more issue I see is Code scanning result -> CodeQL, but that is failing for existing function crypto.ts -> removeCertPEMHeaderAndFooter Can you please help.. |
1676187 to
a228f49
Compare
Contributor
Author
@cjbarth, I'm facing same issue with master code.. Can you please help.. |
Contributor
|
@ganesha289 Please see the PR I made against your branch, this will fix the formatting issues and provide tests for this code change. https://github.com/ganesha289/node-saml/pull/1/files I'm guessing you didn't have prettier using the correct config file and that caused line ending changes in test files. |
Contributor
Author
@barryhagan , Thank you very much for fixing the formatting issues and adding test cases. I have approved the PR.. Merging is enabled now.. Should I proceed with merging the PR..? |
Contributor
Yes, that should get your PR ready for review. |
Formatting and tests
Contributor
Author
@barryhagan , @cjbarth , Thank you for the help in issue resolution. I have merged PR - ganesha289#1 - in to this one.. Please review.. |
Contributor
Author
|
@cjbarth / @barryhagan, Can you please help with the review..? |
Contributor
sorry @ganesha289, wish I could help, but I'm not a maintainer of this project. |
Collaborator
|
@ganesha289 I'm preparing a v5 release. Would you like to work with me to get this landed for that release? |
Contributor
Author
Sure @cjbarth |
Collaborator
|
@ganesha289 , did you want to start by fixing the merge conflicts and then have a look at the https://github.com/node-saml/xml-crypto project and see if we can't use some of the new features there to add this feature there and use it here. Now that we have both projects in the same organization, we can put the code where it belongs very easily. |
This was referenced Jun 6, 2023
Conflicts: src/xml.ts
# Conflicts: # src/xml.ts
Collaborator
|
@ganesha289 , can you give this another look over to see if, after the merge, things look good for you? |
cjbarth
approved these changes
Feb 14, 2024
AlbertPangilinan
pushed a commit
to Foxquilt/foxden-node-saml
that referenced
this pull request
Sep 22, 2025
…node-saml#36) Co-authored-by: Ganesh Kshirsagar <ganesh.kshirsagar@nice.com> Co-authored-by: Barry Hagan <barryhagan@gmail.com> Co-authored-by: Chris Barth <chrisjbarth@hotmail.com>
AlbertPangilinan
added a commit
to Foxquilt/foxden-node-saml
that referenced
this pull request
Sep 23, 2025
* Bump xml-encryption from 3.0.1 to 3.0.2 (node-saml#236) Bumps [xml-encryption](https://github.com/auth0/node-xml-encryption) from 3.0.1 to 3.0.2. - [Release notes](https://github.com/auth0/node-xml-encryption/releases) - [Commits](https://github.com/auth0/node-xml-encryption/commits) --- updated-dependencies: - dependency-name: xml-encryption dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump xml2js from 0.4.23 to 0.5.0 (node-saml#268) Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) from 0.4.23 to 0.5.0. - [Release notes](https://github.com/Leonidas-from-XIV/node-xml2js/releases) - [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0) --- updated-dependencies: - dependency-name: xml2js dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Release 4.0.4 * Update minor dependencies (node-saml#269) * Improve audience mismatch error message (node-saml#257) * feat: add public getAuthorizeMessage method (node-saml#235) * Acknowledge that XML can be parsed to `any` (node-saml#271) * feat: support additionalParams on HTTP-POST binding (node-saml#263) * Make `callbackUrl` manditory (node-saml#214) * Add public key support (node-saml#225) Co-authored-by: Chris Barth <chrisjbarth@hotmail.com> * Remove types specific to Passport (node-saml#226) * Export types required for SamlOptions (node-saml#224) * Bump vm2 from 3.9.16 to 3.9.19 (node-saml#277) Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.16 to 3.9.19. - [Release notes](https://github.com/patriksimek/vm2/releases) - [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md) - [Commits](patriksimek/vm2@3.9.16...3.9.19) --- updated-dependencies: - dependency-name: vm2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump json5 from 2.2.1 to 2.2.3 (node-saml#244) Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump prettier from 2.8.7 to 2.8.8 (node-saml#274) Bumps [prettier](https://github.com/prettier/prettier) from 2.8.7 to 2.8.8. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@2.8.7...2.8.8) --- updated-dependencies: - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @typescript-eslint/parser from 5.58.0 to 5.59.8 (node-saml#281) Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.58.0 to 5.59.8. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.59.8/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump codecov/codecov-action from 3.1.1 to 3.1.4 (node-saml#279) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.1 to 3.1.4. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v3.1.1...v3.1.4) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update minor dependencies (node-saml#283) * Roll-up changelog entries for beta releases (node-saml#282) * Fix spelling and normalize naming (node-saml#278) * Remove express dependency (node-saml#284) * Prefer Chai `expect` to Node `assert` (node-saml#286) * Add test coverage (node-saml#287) * Separate linting out from testing (node-saml#288) * Remove dependency on Passport types (node-saml#296) * Add tests for XML parsing with comments (node-saml#285) * Bump concurrently from 7.6.0 to 8.2.0 (node-saml#290) Bumps [concurrently](https://github.com/open-cli-tools/concurrently) from 7.6.0 to 8.2.0. - [Release notes](https://github.com/open-cli-tools/concurrently/releases) - [Commits](open-cli-tools/concurrently@v7.6.0...v8.2.0) --- updated-dependencies: - dependency-name: concurrently dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @typescript-eslint/parser from 5.59.9 to 5.60.1 (node-saml#292) Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.59.9 to 5.60.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.60.1/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump typescript from 4.8.4 to 5.1.6 (node-saml#293) Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.8.4 to 5.1.6. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Commits](https://github.com/Microsoft/TypeScript/commits) --- updated-dependencies: - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Allow 5.x series for TypeScript --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sinon from 14.0.2 to 15.2.0 (node-saml#294) Bumps [sinon](https://github.com/sinonjs/sinon) from 14.0.2 to 15.2.0. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](sinonjs/sinon@v14.0.2...v15.2.0) --- updated-dependencies: - dependency-name: sinon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump word-wrap from 1.2.3 to 1.2.4 (node-saml#298) Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @typescript-eslint/parser from 5.59.9 to 5.62.0 (node-saml#299) Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.59.9 to 5.62.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.62.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @xmldom/xmldom from 0.8.8 to 0.8.10 (node-saml#301) Bumps [@xmldom/xmldom](https://github.com/xmldom/xmldom) from 0.8.8 to 0.8.10. - [Release notes](https://github.com/xmldom/xmldom/releases) - [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md) - [Commits](xmldom/xmldom@0.8.8...0.8.10) --- updated-dependencies: - dependency-name: "@xmldom/xmldom" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @typescript-eslint/eslint-plugin from 5.59.9 to 5.62.0 (node-saml#302) Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.59.9 to 5.62.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.62.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @types/node from 14.18.50 to 14.18.53 (node-saml#303) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.18.50 to 14.18.53. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @cjbarth/github-release-notes from 4.0.0 to 4.1.0 (node-saml#304) Bumps [@cjbarth/github-release-notes](https://github.com/cjbarth/github-release-notes) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/cjbarth/github-release-notes/releases) - [Changelog](https://github.com/cjbarth/github-release-notes/blob/master/CHANGELOG.md) - [Commits](cjbarth/github-release-notes@4.0.0...4.1.0) --- updated-dependencies: - dependency-name: "@cjbarth/github-release-notes" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump release-it from 15.11.0 to 16.1.3 (node-saml#305) Bumps [release-it](https://github.com/release-it/release-it) from 15.11.0 to 16.1.3. - [Release notes](https://github.com/release-it/release-it/releases) - [Changelog](https://github.com/release-it/release-it/blob/main/CHANGELOG.md) - [Commits](release-it/release-it@15.11.0...16.1.3) --- updated-dependencies: - dependency-name: release-it dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump eslint from 8.42.0 to 8.45.0 (node-saml#306) Bumps [eslint](https://github.com/eslint/eslint) from 8.42.0 to 8.45.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](eslint/eslint@v8.42.0...v8.45.0) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump prettier-plugin-packagejson from 2.4.3 to 2.4.5 (node-saml#307) Bumps [prettier-plugin-packagejson](https://github.com/matzkoh/prettier-plugin-packagejson) from 2.4.3 to 2.4.5. - [Release notes](https://github.com/matzkoh/prettier-plugin-packagejson/releases) - [Commits](matzkoh/prettier-plugin-packagejson@v2.4.3...v2.4.5) --- updated-dependencies: - dependency-name: prettier-plugin-packagejson dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump prettier from 2.8.8 to 3.0.0 (node-saml#300) Bumps [prettier](https://github.com/prettier/prettier) from 2.8.8 to 3.0.0. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@2.8.8...3.0.0) --- updated-dependencies: - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Lint --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chris Barth <chrisjbarth@hotmail.com> * Merge pull request from GHSA-vx8m-6fhw-pccw * Added verifyLogoutRequest to validatePostRequestAsync flow * Added bad expiration test * Updated IssueInstance to be in the past * Enforce valid setting for validateInResponseTo (node-saml#314) * Add test coverage for initialize() of saml.ts (node-saml#327) * Fixes `node-saml` not checking all `Audience`s in an `AudienceRestriction` (node-saml#340) * Upgrade to latest version of xml-crypto (node-saml#341) * Update to current Node versions (node-saml#342) * Fix metadata order (node-saml#334) Use the element order defined by "saml-schema-metadata-2.0.xsd" Closes node-saml#333 * Export generateServiceProviderMetadata (node-saml#337) * Rename `cert` to `idpCert` and `signingCert` to `publicCert` (node-saml#343) * Added X509 certificate to KeyInfo X509Data, if passed through options (node-saml#36) Co-authored-by: Ganesh Kshirsagar <ganesh.kshirsagar@nice.com> Co-authored-by: Barry Hagan <barryhagan@gmail.com> Co-authored-by: Chris Barth <chrisjbarth@hotmail.com> * Update minor dependencies and Node to 18 (node-saml#344) * Bump actions/checkout from 3 to 4 (node-saml#330) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sinon and @types/sinon (node-saml#349) Bumps [sinon](https://github.com/sinonjs/sinon) and [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon). These dependencies needed to be updated together. Updates `sinon` from 15.2.0 to 17.0.1 - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](sinonjs/sinon@v15.2.0...v17.0.1) Updates `@types/sinon` from 10.0.20 to 17.0.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon) --- updated-dependencies: - dependency-name: sinon dependency-type: direct:development update-type: version-update:semver-major - dependency-name: "@types/sinon" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump eslint-plugin-deprecation from 1.5.0 to 2.0.0 (node-saml#347) Bumps [eslint-plugin-deprecation](https://github.com/gund/eslint-plugin-deprecation) from 1.5.0 to 2.0.0. - [Release notes](https://github.com/gund/eslint-plugin-deprecation/releases) - [Changelog](https://github.com/gund/eslint-plugin-deprecation/blob/master/CHANGELOG.md) - [Commits](gund/eslint-plugin-deprecation@v1.5.0...v2.0.0) --- updated-dependencies: - dependency-name: eslint-plugin-deprecation dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump eslint-config-prettier from 8.10.0 to 9.1.0 (node-saml#345) Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 8.10.0 to 9.1.0. - [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md) - [Commits](prettier/eslint-config-prettier@v8.10.0...v9.1.0) --- updated-dependencies: - dependency-name: eslint-config-prettier dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump eslint-plugin-prettier from 4.2.1 to 5.1.3 (node-saml#346) Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 4.2.1 to 5.1.3. - [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases) - [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md) - [Commits](prettier/eslint-plugin-prettier@v4.2.1...v5.1.3) --- updated-dependencies: - dependency-name: eslint-plugin-prettier dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump release-it from 16.3.0 to 17.0.5 (node-saml#348) Bumps [release-it](https://github.com/release-it/release-it) from 16.3.0 to 17.0.5. - [Release notes](https://github.com/release-it/release-it/releases) - [Changelog](https://github.com/release-it/release-it/blob/main/CHANGELOG.md) - [Commits](release-it/release-it@16.3.0...17.0.5) --- updated-dependencies: - dependency-name: release-it dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Release 5.0.0 * Update sponsor acknowledgements (node-saml#365) * Docs: add pitch to encourage more sponsors (node-saml#366) * feat: improve error messages when validating pems (node-saml#373) * docs: Update README.md set never default validateInResponseTo (node-saml#384) * Adjust to support type stripping (node-saml#389) * Update xml-crypto to address CVE (node-saml#388) This update addresses the following CVE: CVE-2025-29774; CVE-2025-29775 * Release 5.0.1 * Update dependencies (node-saml#391) * Adjust linting rules for line endings (node-saml#393) * Export custom SamlStatusError (node-saml#394) * add CI test & lint for Node.js 22 (node-saml#386) * Use new .signedReferences interace in xml-crypto to "see what is signed" (node-saml#397) * Update sponsors: Stytch (node-saml#395) * Release 5.1.0 * Update to support Node strip-only TypeScript support (node-saml#407) * Security: remove debug dependency (node-saml#406) * ARCH-32 node_saml changes * ARCH-32_fixed test * ARCH-32 updated the review comments * ARCH-32 package.json changes * ARCH-32 updated package json * ARCH-32 access to public * upgraded circleci node version to 22 * updated yarn.lock * removed package-lock.json * reset config.yml except for node version * reset workflow.yml * added 22.x to node-version matrix * fixed package-lock.json * fixed package-lock.json and yarn.lock * fixed node version number in package.json --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chris Barth <chrisjbarth@hotmail.com> Co-authored-by: gmhewett <gmhewett@users.noreply.github.com> Co-authored-by: aykutbulca <aykutbulca@gmail.com> Co-authored-by: Gert Sallaerts <1267900+GertSallaerts@users.noreply.github.com> Co-authored-by: RopoMen <RopoMen@users.noreply.github.com> Co-authored-by: jindazhao01 <137830289+jindazhao01@users.noreply.github.com> Co-authored-by: Adam Andreasson <hej@adamandreasson.se> Co-authored-by: 56 <kg0r0@yahoo.co.jp> Co-authored-by: Nikolay <catamphetamine@users.noreply.github.com> Co-authored-by: Salvador Ortiz <sog@msg.mx> Co-authored-by: Nathan Sarang-Walters <nwalters512@gmail.com> Co-authored-by: Ganesh Kshirsagar <ganeshakshirsagar@gmail.com> Co-authored-by: Ganesh Kshirsagar <ganesh.kshirsagar@nice.com> Co-authored-by: Barry Hagan <barryhagan@gmail.com> Co-authored-by: Mark Stosberg <mark@rideamigos.com> Co-authored-by: Kilian Finger <hey@kilianfinger.com> Co-authored-by: Kiran Mali <39133739+kdhttps@users.noreply.github.com> Co-authored-by: Manan Jadhav <166636237+manan-jadhav-ab@users.noreply.github.com> Co-authored-by: ahacker1 <alex@securesaml.com> Co-authored-by: howard-stytch <89414701+howard-stytch@users.noreply.github.com> Co-authored-by: suriyaka <106838750+suriyaka@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
As per issue - https://github.com/node-saml/passport-saml/issues/585 - X509Certificate is not getting added to KeyInfo of AuthnRequest.
Added fix for this issue. If signingCert (service provider's certificate) parameter is passed in options, then X509Certificate will be added to AuthnRequest.
Checklist: