check for missing signature and throw appropriate error (#80)

2022-10-12 19:11:50 +01:00 · 2022-10-12 19:11:50 +01:00 · 929fac62dd
commit 929fac62dd
parent e2ecfd28d5
2 changed files with 10 additions and 3 deletions
--- a/pages/api/saml/sso.ts
+++ b/pages/api/saml/sso.ts
@ -42,6 +42,6 @@ async function processSAMLRequest(req: NextApiRequest, res: NextApiResponse, isP
  } catch (err) {
    console.error(err);
-    res.status(500).send(`Error parsing SAML request`);
+    res.status(500).send(`${err}`);
  }
 }
--- a/utils/request.ts
+++ b/utils/request.ts
@ -31,13 +31,20 @@ const extractSAMLRequestAttributes = async (rawRequest: string) => {
  const attributes = result['samlp:AuthnRequest']['$'];
  const issuer = result['samlp:AuthnRequest']['saml:Issuer'];
  const publicKey = result['samlp:AuthnRequest']['Signature']
    ? result['samlp:AuthnRequest']['Signature']['KeyInfo'][0]['X509Data'][0]['X509Certificate'][0]
    : null;
  if (!publicKey) {
    throw new Error('Missing signature');
  }
  return {
    id: attributes.ID,
    acsUrl: attributes.AssertionConsumerServiceURL,
    providerName: attributes.ProviderName,
    audience: issuer[0]['_'],
-    publicKey:
+    publicKey,
      result['samlp:AuthnRequest']['Signature'][0]['KeyInfo'][0]['X509Data'][0]['X509Certificate'][0],
  };
 };