diff --git a/package-lock.json b/package-lock.json index 39b0503..ef6c0a7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "1.4.1", "license": "Apache 2.0", "dependencies": { - "@boxyhq/saml20": "1.10.2", + "@boxyhq/saml20": "1.12.1", "daisyui": "4.12.24", "next": "15.5.3", "react": "19.1.1", @@ -50,9 +50,9 @@ } }, "node_modules/@boxyhq/saml20": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/@boxyhq/saml20/-/saml20-1.10.2.tgz", - "integrity": "sha512-B7Z3bbgc2T3+284nqyciHeQpu4+isBITuRKeLsznHIkunXb/viakkfGJOmW78ohmtGz0P73lu6mAuQBm8ASAJA==", + "version": "1.12.1", + "resolved": "https://registry.npmjs.org/@boxyhq/saml20/-/saml20-1.12.1.tgz", + "integrity": "sha512-lAHJ13kTZqPgSFUuAV8+kg5As3/MoSfiEr96tNKP0sj6c6o/Sbwn6DIhUZLQRNzDtmyAu9zuQk3vdbY5BK56Xg==", "license": "MIT", "dependencies": { "@xmldom/xmldom": "0.9.8", diff --git a/package.json b/package.json index 51f8dcb..dd1e609 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ "release": "git checkout release && git merge origin/main && release-it && git checkout main && git merge origin/release && git push origin main" }, "dependencies": { - "@boxyhq/saml20": "1.10.2", + "@boxyhq/saml20": "1.12.1", "daisyui": "4.12.24", "next": "15.5.3", "react": "19.1.1", diff --git a/pages/api/saml/sso.ts b/pages/api/saml/sso.ts index e69dd0a..910aeca 100644 --- a/pages/api/saml/sso.ts +++ b/pages/api/saml/sso.ts @@ -34,8 +34,7 @@ async function processSAMLRequest(req: NextApiRequest, res: NextApiResponse, isP const { id, audience, acsUrl, providerName, publicKey } = await saml.parseSAMLRequest(rawRequest, isPost); if (isPost) { - const { valid } = await saml.hasValidSignature(rawRequest, publicKey, null); - if (!valid) { + if (!saml.validateSignature(rawRequest, publicKey, null)) { throw new Error('Invalid signature'); } }