UNPKG

wsfed

Version:

WSFed server middleware

github.com/auth0/node-wsfed

auth0/node-wsfed

81 lines (66 loc) 2.79 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
var fs = require('fs'); var path = require('path'); var expect = require('chai').expect; var server = require('./fixture/server'); var request = require('request'); var cheerio = require('cheerio'); var xmlenc = require('xml-encryption'); var xmlhelper = require('./xmlhelper'); var credentials = { cert: fs.readFileSync(path.join(__dirname, '/fixture/wsfed.test-cert.pem')), key: fs.readFileSync(path.join(__dirname, '/fixture/wsfed.test-cert.key')), pkcs7: fs.readFileSync(path.join(__dirname, '/fixture/wsfed.test-cert.pb7')), pub: fs.readFileSync(path.join(__dirname, '/fixture/wsfed.test-cert.pub')) }; describe('when dwdw encrypting the assertion', function () { before(function (done) { server.start({ encryptionPublicKey: credentials.pub, encryptionCert: credentials.cert }, done); }); after(function (done) { server.close(done); }); var body, $, encryptedAssertion; describe('when encrypting the assertion', function () { before(function (done) { request.get({ jar: request.jar(), uri: 'http://localhost:5050/wsfed?wa=wsignin1.0&wctx=123&wtrealm=urn:the-super-client-id' }, function (err, response, b){ if(err) return done(err); body = b; $ = cheerio.load(body); var wresult = $('input[name="wresult"]').attr('value'); encryptedAssertion = /<t:RequestedSecurityToken>(.*)<\/t:RequestedSecurityToken>/.exec(wresult)[1]; done(); }); }); it('should contain a form in the result', function(){ expect(body).to.match(/<form/); }); it('should contain an encrypted xml', function(){ expect(encryptedAssertion).to.match(/xenc:EncryptedData/); }); it('should contain a valid encrypted xml with the assertion', function(done){ xmlenc.decrypt(encryptedAssertion, { key: credentials.key }, function(err, decrypted) { var isValid = xmlhelper.verifySignature(decrypted, credentials.cert); expect(isValid).to.be.ok; var attributes = xmlhelper.getAttributes(decrypted); function validateAttribute(position, name, value) { expect(attributes[position].getAttribute('AttributeName')) .to.equal(name); expect(attributes[position].firstChild.textContent) .to.equal(value); } validateAttribute(0, 'nameidentifier', server.fakeUser.id); validateAttribute(1, 'emailaddress', server.fakeUser.emails[0].value); validateAttribute(2, 'name', server.fakeUser.displayName); validateAttribute(3, 'givenname', server.fakeUser.name.givenName); validateAttribute(4, 'surname', server.fakeUser.name.familyName); done(); }); }); }); });