remove dependency on deprecated library querystring - use URLSearchParams #137
aelliott-atlas committed Oct 19, 2023
1 parent 46305eb commit 0775a40
Showing 5 changed files with 19 additions and 29 deletions.
3 changes: 1 addition & 2 deletions lib/logout.js
@@ -7,7 +7,6 @@ var signers = require('./signers');
var SessionStore = require('flowstate').SessionStore;
var SessionParticipants = require('./sessionParticipants');
var zlib = require('zlib');
var qs = require('querystring');
var xtend = require('xtend');
var constants = require('./constants');

@@ -361,7 +360,7 @@ function prepareAndSendToken(req, res, element_type, token, options, cb) {
}

params.SigAlg = signers.getSigAlg(options);
params.Signature = signers.sign(options, qs.stringify(params));
params.Signature = signers.sign(options, (new URLSearchParams(params)).toString());

send(params);
});
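Review bot: `(new URLSearchParams(params)).toString()` does not produce the same bytes as `qs.stringify(params)`, so the string being signed changes for some inputs: URLSearchParams uses form encoding (space becomes `+`, and `!`, `'`, `(`, `)`, `~` are percent-encoded), whereas querystring emitted `%20` and left those characters alone. Base64 values encode identically either way, but a `RelayState` containing any of those characters is now signed over different octets, and the SAML HTTP-Redirect binding expects the signature to cover the query string exactly as it is transmitted. `send(params)` and the rest of `prepareAndSendToken` are outside the hunk, so please confirm the redirect URL is serialized with the same encoder as the signed string; if it is not, build the string once, e.g. `const signedQuery = new URLSearchParams(params).toString();`, and reuse it for both signing and sending. The same swap is made in `validateSignature` in lib/utils.js and in the signing fixtures of both test files.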
3 changes: 1 addition & 2 deletions lib/utils.js
@@ -1,6 +1,5 @@
const zlib = require('zlib');
const xmldom = require('@auth0/xmldom');
const qs = require('querystring');
const xpath = require('xpath');
const url = require('url');
const xtend = require('xtend');
@@ -215,7 +214,7 @@ function validateSignature(req, element_type, xml, options) {
throw new Error('Invalid signature algorithm. Supported algorithms are http://www.w3.org/2001/04/xmldsig-more#rsa-sha1 and http://www.w3.org/2001/04/xmldsig-more#rsa-sha256');
}

const valid = signers.isValidContentAndSignature(qs.stringify(signedContent), req.query.Signature, {
const valid = signers.isValidContentAndSignature((new URLSearchParams(signedContent)).toString(), req.query.Signature, {
signingCert: options.signingCert,
signatureAlgorithm: req.query.SigAlg
});
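Review bot: In `validateSignature`, `new URLSearchParams(signedContent)` converts every value to a string, which `qs.stringify` did not do: an `undefined` entry is serialized as `RelayState=undefined` instead of `RelayState=`, and an array (a repeated parameter in `req.query`) is joined with commas instead of being repeated as `k=a&k=b`. How `signedContent` is assembled is outside the hunk, so this may already be excluded, but if a field can be absent or non-string the reconstructed string will not match what the peer signed. I would state the assumption next to the call, `// signedContent values must be plain strings: URLSearchParams stringifies undefined and joins arrays`, and reject anything else before verifying, e.g. `if (Object.values(signedContent).some((v) => typeof v !== 'string')) throw new Error('Invalid signed query parameter');` (confirm first that optional keys are omitted rather than set to undefined).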
1 change: 0 additions & 1 deletion package.json
@@ -27,7 +27,6 @@
"auth0-id-generator": "^0.2.0",
"ejs": "^3.1.8",
"flowstate": "^0.4.0",
"querystring": "^0.2.0",
"saml": "^3.0.1",
"xml-crypto": "^2.0.0",
"@auth0/xmldom": "0.1.21",
19 changes: 8 additions & 11 deletions test/samlp.logout.custom_store.tests.js
@@ -6,7 +6,6 @@ var xmldom = require('@auth0/xmldom');
var xmlhelper = require('./xmlhelper');
var zlib = require('zlib');
var utils = require('../lib/utils');
var qs = require('querystring');
var signers = require('../lib/signers');
var InMemoryStore = require('./in_memory_store');
var SPs = require('../lib/sessionParticipants');
@@ -166,9 +165,8 @@ describe('samlp logout with Session Participants - Custom Provider', function ()
}, function (err, response){
if(err) return done(err);
expect(response.statusCode).to.equal(302);
var qs = require('querystring');
var i = response.headers.location.indexOf('SAMLResponse=');
var query = qs.parse(response.headers.location.substr(i));
var query = Object.fromEntries(new URLSearchParams(response.headers.location.substr(i)));
var SAMLResponse = query.SAMLResponse;
RelayState = query.RelayState;

@@ -231,7 +229,7 @@ describe('samlp logout with Session Participants - Custom Provider', function ()

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLRequest = parsedQueryString.SAMLRequest;
sessionParticipantLogoutRequestRelayState = parsedQueryString.RelayState;
@@ -306,7 +304,7 @@ describe('samlp logout with Session Participants - Custom Provider', function ()
};

// We need to sign the reponse here
var signature = signers.sign({key: sp2_credentials.key, signatureAlgorithm: 'rsa-sha1' }, qs.stringify(params));
var signature = signers.sign({key: sp2_credentials.key, signatureAlgorithm: 'rsa-sha1' }, (new URLSearchParams(params)).toString());
params.Signature = signature;

request.get({
@@ -316,11 +314,10 @@ describe('samlp logout with Session Participants - Custom Provider', function ()
}, function (err, response) {
if (err) { return done(err); }
expect(response.statusCode).to.equal(302);
var qs = require('querystring');

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLResponse = parsedQueryString.SAMLResponse;
sessionParticipantLogoutResponseRelayState = parsedQueryString.RelayState;
@@ -466,7 +463,7 @@ describe('samlp logout with Session Participants - Custom Provider', function ()

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLRequest = parsedQueryString.SAMLRequest;
sessionParticipantLogoutRequestRelayState = parsedQueryString.RelayState;
@@ -538,7 +535,7 @@ describe('samlp logout with Session Participants - Custom Provider', function ()

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLRequest = parsedQueryString.SAMLRequest;
sessionParticipantLogoutRequestRelayState = parsedQueryString.RelayState;
@@ -614,7 +611,7 @@ describe('samlp logout with Session Participants - Custom Provider', function ()
};

// We need to sign the reponse here
var signature = signers.sign({key: sp1_credentials.key, signatureAlgorithm: 'rsa-sha1' }, qs.stringify(params));
var signature = signers.sign({key: sp1_credentials.key, signatureAlgorithm: 'rsa-sha1' }, (new URLSearchParams(params)).toString());
params.Signature = signature;

request.get({
@@ -628,7 +625,7 @@ describe('samlp logout with Session Participants - Custom Provider', function ()

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString))

SAMLRequest2 = parsedQueryString.SAMLRequest;
sessionParticipant2LogoutRequestRelayState = parsedQueryString.RelayState;
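Review bot: The signing fixtures (`signers.sign({key: sp2_credentials.key, signatureAlgorithm: 'rsa-sha1' }, (new URLSearchParams(params)).toString())` and the `sp1_credentials` one) now serialize with the same call the library uses when it verifies, so these tests stay green whichever encoder is chosen and cannot reveal a mismatch with a peer that percent-encodes differently. One case that signs a hand-written, already-encoded string whose `RelayState` contains a space and `~` would pin how the library is meant to treat such a request; test/samlp.logout.session_store.tests.js has the same fixtures. Minor style: the last `var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString))` in this file lost its trailing semicolon.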
22 changes: 9 additions & 13 deletions test/samlp.logout.session_store.tests.js
@@ -6,7 +6,6 @@ var xmldom = require('@auth0/xmldom');
var xmlhelper = require('./xmlhelper');
var zlib = require('zlib');
var utils = require('../lib/utils');
var qs = require('querystring');
var signers = require('../lib/signers');
var fs = require('fs');
var path = require('path');
@@ -243,9 +242,8 @@ describe('samlp logout with Session Participants - Session Provider', function (
}, function (err, response){
if(err) return done(err);
expect(response.statusCode).to.equal(302);
var qs = require('querystring');
var i = response.headers.location.indexOf('SAMLResponse=');
var query = qs.parse(response.headers.location.substr(i));
var query = Object.fromEntries(new URLSearchParams(response.headers.location.substr(i)));
var SAMLResponse = query.SAMLResponse;
RelayState = query.RelayState;

@@ -306,7 +304,7 @@ describe('samlp logout with Session Participants - Session Provider', function (

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLRequest = parsedQueryString.SAMLRequest;
sessionParticipantLogoutRequestRelayState = parsedQueryString.RelayState;
@@ -380,7 +378,7 @@ describe('samlp logout with Session Participants - Session Provider', function (
};

// We need to sign the reponse here
var signature = signers.sign({key: sp2_credentials.key, signatureAlgorithm: 'rsa-sha1' }, qs.stringify(params));
var signature = signers.sign({key: sp2_credentials.key, signatureAlgorithm: 'rsa-sha1' }, (new URLSearchParams(params)).toString());
params.Signature = signature;

request.get({
@@ -390,11 +388,10 @@ describe('samlp logout with Session Participants - Session Provider', function (
}, function (err, response) {
if (err) { return done(err); }
expect(response.statusCode).to.equal(302);
var qs = require('querystring');

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLResponse = parsedQueryString.SAMLResponse;
sessionParticipantLogoutResponseRelayState = parsedQueryString.RelayState;
@@ -476,9 +473,8 @@ describe('samlp logout with Session Participants - Session Provider', function (
}, function (err, response){
if(err) return done(err);
expect(response.statusCode).to.equal(302);
const qs = require('querystring');
const i = response.headers.location.indexOf('SAMLResponse=');
const query = qs.parse(response.headers.location.substr(i));
const query = Object.fromEntries(new URLSearchParams(response.headers.location.substr(i)));
const SAMLResponse = query.SAMLResponse;

zlib.inflateRaw(Buffer.from(SAMLResponse, 'base64'), function (err, decodedAndInflated) {
@@ -656,7 +652,7 @@ describe('samlp logout with Session Participants - Session Provider', function (

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLRequest = parsedQueryString.SAMLRequest;
sessionParticipantLogoutRequestSigAlg = parsedQueryString.SigAlg;
@@ -725,7 +721,7 @@ describe('samlp logout with Session Participants - Session Provider', function (

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLRequest = parsedQueryString.SAMLRequest;
sessionParticipantLogoutRequestRelayState = parsedQueryString.RelayState;
@@ -799,7 +795,7 @@ describe('samlp logout with Session Participants - Session Provider', function (
};

// We need to sign the reponse here
var signature = signers.sign({key: sp1_credentials.key, signatureAlgorithm: 'rsa-sha1' }, qs.stringify(params));
var signature = signers.sign({key: sp1_credentials.key, signatureAlgorithm: 'rsa-sha1' }, (new URLSearchParams(params)).toString());
params.Signature = signature;

request.get({
@@ -812,7 +808,7 @@ describe('samlp logout with Session Participants - Session Provider', function (

var i = response.headers.location.indexOf('?');
var completeQueryString = response.headers.location.substr(i+1);
var parsedQueryString = qs.parse(completeQueryString);
var parsedQueryString = Object.fromEntries(new URLSearchParams(completeQueryString));

SAMLRequest2 = parsedQueryString.SAMLRequest;
sessionParticipant2LogoutRequestRelayState = parsedQueryString.RelayState;
