From eca2501de1e8d8e9bcc5d4a004733a5f22d2e0c9 Mon Sep 17 00:00:00 2001 From: Nelito Junior Date: Tue, 11 Apr 2023 15:17:50 +0200 Subject: [PATCH 1/3] Fix minor typos (#853) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6b2019ca..dcf59316 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,7 @@ passport.use( ### Configure strategy for multiple providers -You can pass a `getSamlOptions` parameter to `MultiSamlStrategy` which will be called before the SAML flows. Passport-SAML will pass in the request object so you can decide which configuation is appropriate. +You can pass a `getSamlOptions` parameter to `MultiSamlStrategy` which will be called before the SAML flows. Passport-SAML will pass in the request object so you can decide which configuration is appropriate. ```javascript const { MultiSamlStrategy } = require('passport-saml'); 
@@ -108,7 +108,7 @@ The options passed when the `MultiSamlStrategy` is initialized are also passed a Using multiple providers supports `validateInResponseTo`, but all the `InResponse` values are stored on the same Cache. This means, if you're using the default `InMemoryCache`, that all providers have access to it and a provider might get its response validated against another's request. [Issue Report](https://github.com/node-saml/passport-saml/issues/334). To amend this you should provide a different cache provider per SAML provider, through the `getSamlOptions` function. -Please note that in the above examples, `findProvider()`, `findByNameId()`, and `findByEmail()` are an examples of functions you need to implement yourself. These are just examples. You can implement this functionality any way you see fit. Please note that calling `getSamlOptions()` should result in `done()` being called with a proper SAML Configuration (see the TypeScript typings for more information) and the `done()` callbacks for the second and third arguments should be called with an object that represents the user. +Please note that in the above examples, `findProvider()`, `findByNameId()`, and `findByEmail()` are examples of functions you need to implement yourself. These are just examples. You can implement this functionality any way you see fit. Please note that calling `getSamlOptions()` should result in `done()` being called with a proper SAML Configuration (see the TypeScript typings for more information) and the `done()` callbacks for the second and third arguments should be called with an object that represents the user. ### The profile object From eb6561550222427e1bbcfe4aa381927699cd2c21 Mon Sep 17 00:00:00 2001 From: Chris Barth Date: Tue, 11 Apr 2023 18:50:43 -0400 Subject: [PATCH 2/3] Use secure version of node-saml (#855) --- package-lock.json | 66 +++++++++++++++++++++++------------------------ package.json | 2 +- 2 files changed, 34 insertions(+), 34 deletions(-) 
diff --git a/package-lock.json b/package-lock.json index 365d4aef..83db4120 100644 --- a/package-lock.json +++ b/package-lock.json @@ -564,20 +564,20 @@ } }, "@node-saml/node-saml": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/@node-saml/node-saml/-/node-saml-4.0.0.tgz", - "integrity": "sha512-C3Vl14kZv55Vj464OWOJIEE4abdNH04SSvB+CXHCIaMSjY4QAnqvWykN/UGBSaRET/+7XK7B9v8jcMqJgvvPJw==", + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/@node-saml/node-saml/-/node-saml-4.0.4.tgz", + "integrity": "sha512-oybUBWBYVsHGckQxzyzlpRM4E2iuW3I2Ok/J9SwlotdmjvmZxSo6Ub74D9wltG8C9daJZYI57uy+1UK4FtcGXA==", "requires": { "@types/debug": "^4.1.7", "@types/passport": "^1.0.11", "@types/xml-crypto": "^1.4.2", "@types/xml-encryption": "^1.2.1", "@types/xml2js": "^0.4.11", - "@xmldom/xmldom": "^0.8.3", + "@xmldom/xmldom": "^0.8.6", "debug": "^4.3.4", - "xml-crypto": "^3.0.0", - "xml-encryption": "^3.0.1", - "xml2js": "^0.4.23", + "xml-crypto": "^3.0.1", + "xml-encryption": "^3.0.2", + "xml2js": "^0.5.0", "xmlbuilder": "^15.1.1" } }, @@ -1347,9 +1347,9 @@ } }, "@xmldom/xmldom": { - "version": "0.8.6", - "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.6.tgz", - "integrity": "sha512-uRjjusqpoqfmRkTaNuLJ2VohVr67Q5YwDATW3VU7PfzTj6IRaihGrYI7zckGZjxQPBIp63nfvJbM+Yu5ICh0Bg==" + "version": "0.8.7", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.7.tgz", + "integrity": "sha512-sI1Ly2cODlWStkINzqGrZ8K6n+MTSbAeQnAipGyL+KZCXuHaRlj2gyyy8B/9MvsFFqN7XHryQnB2QwhzvJXovg==" }, "abbrev": { "version": "1.1.1", 
@@ -3322,9 +3322,9 @@ "dev": true }, "http-cache-semantics": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz", - "integrity": "sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz", + "integrity": "sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ==", "dev": true }, "http-errors": { @@ -3998,9 +3998,9 @@ } }, "json5": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.1.tgz", - "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true }, "jsonfile": { @@ -5237,9 +5237,9 @@ } }, "http-cache-semantics": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz", - "integrity": "sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz", + "integrity": "sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ==", "dev": true }, "http-proxy-agent": { 
@@ -8391,9 +8391,9 @@ "dev": true }, "vm2": { - "version": "3.9.11", - "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.11.tgz", - "integrity": "sha512-PFG8iJRSjvvBdisowQ7iVF580DXb1uCIiGaXgm7tynMR1uTBlv7UJlB1zdv5KJ+Tmq1f0Upnj3fayoEOPpCBKg==", + "version": "3.9.16", + "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.16.tgz", + "integrity": "sha512-3T9LscojNTxdOyG+e8gFeyBXkMlOBYDoF6dqZbj+MPVHi9x10UfiTAJIobuchRCp3QvC+inybTbMJIUrLsig0w==", "dev": true, "requires": { "acorn": "^8.7.0", @@ -8605,11 +8605,11 @@ "dev": true }, "xml-crypto": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-3.0.0.tgz", - "integrity": "sha512-vdmZOsWgjnFxYGY7OwCgxs+HLWzwvLgX2n0NSYWh3gudckQyNOmtJTT6ooOWEvDZSpC9qRjRs2bEXqKFi1oCHw==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-3.0.1.tgz", + "integrity": "sha512-7XrwB3ujd95KCO6+u9fidb8ajvRJvIfGNWD0XLJoTWlBKz+tFpUzEYxsN+Il/6/gHtEs1RgRh2RH+TzhcWBZUw==", "requires": { - "@xmldom/xmldom": "^0.8.3", + "@xmldom/xmldom": "^0.8.5", "xpath": "0.0.32" }, "dependencies": { @@ -8621,11 +8621,11 @@ } }, "xml-encryption": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-3.0.1.tgz", - "integrity": "sha512-KhHltZXyQ43nGFuZr+UMfCa5G6Ws2uXdiLLJPBP3SRlMh6PmUJkXqMHdhYpy0wSgEkx4UKBQ59nRmZxcXL+4GA==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-3.0.2.tgz", + "integrity": "sha512-VxYXPvsWB01/aqVLd6ZMPWZ+qaj0aIdF+cStrVJMcFj3iymwZeI0ABzB3VqMYv48DkSpRhnrXqTUkR34j+UDyg==", "requires": { - "@xmldom/xmldom": "^0.8.3", + "@xmldom/xmldom": "^0.8.5", "escape-html": "^1.0.3", "xpath": "0.0.32" }, 
@@ -8638,9 +8638,9 @@ } }, "xml2js": { - "version": "0.4.23", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.23.tgz", - "integrity": "sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug==", + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", + "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", "requires": { "sax": ">=0.6.0", "xmlbuilder": "~11.0.0" diff --git a/package.json b/package.json index d947b976..64ffc589 100644 --- a/package.json +++ b/package.json @@ -51,7 +51,7 @@ "watch": "concurrently --kill-others \"npm:*-watch\"" }, "dependencies": { - "@node-saml/node-saml": "^4.0.0", + "@node-saml/node-saml": "^4.0.4", "@types/express": "^4.17.14", "@types/passport": "^1.0.11", "@types/passport-strategy": "^0.2.35", From 91b1ba6df23fd5d30c36a3c52d4e6885cb075284 Mon Sep 17 00:00:00 2001 From: Chris Barth Date: Tue, 11 Apr 2023 18:56:11 -0400 Subject: [PATCH 3/3] Release 4.0.3 --- CHANGELOG.md | 12 ++++++++++++ package-lock.json | 2 +- package.json | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a096d826..99aa0c42 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## v4.0.3 (2023-04-11) + +#### 🔗 Dependencies: + +- [**security**] Use secure version of node-saml [#855](https://github.com/node-saml/passport-saml/pull/855) + +#### 📚 Documentation: + +- Fix minor typos [#853](https://github.com/node-saml/passport-saml/pull/853) + +--- + ## v4.0.2 (2022-12-13) #### 🔗 Dependencies: diff --git a/package-lock.json b/package-lock.json index 83db4120..4a07820d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "@node-saml/passport-saml", - "version": "4.0.2", + "version": "4.0.3", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index 64ffc589..4f3c80bb 100644 
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@node-saml/passport-saml",
- "version": "4.0.2",
+ "version": "4.0.3",
 "description": "SAML 2.0 authentication strategy for Passport",
 "keywords": [
 "saml",