build(deps): bump @boxyhq/saml20 from 1.10.2 to 1.12.1 (#1001)

* build(deps): bump @boxyhq/saml20 from 1.10.2 to 1.12.1 Bumps [@boxyhq/saml20](https://github.com/boxyhq/saml20) from 1.10.2 to 1.12.1. - [Release notes](https://github.com/boxyhq/saml20/releases) - [Changelog](https://github.com/ory/saml20/blob/main/.release-it.json) - [Commits](https://github.com/boxyhq/saml20/compare/1.10.2...1.12.1) --- updated-dependencies: - dependency-name: "@boxyhq/saml20" dependency-version: 1.12.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * updated saml20 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Deepak Prabhakara <deepak.prabhakara@ory.sh>
2025-09-15 23:49:47 +01:00 · 2025-09-15 23:49:47 +01:00 · c9a56026ff
commit c9a56026ff
parent 8c1fddb8e3
3 changed files with 6 additions and 7 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -9,7 +9,7 @@
      "version": "1.4.1",
      "license": "Apache 2.0",
      "dependencies": {
-        "@boxyhq/saml20": "1.10.2",
+        "@boxyhq/saml20": "1.12.1",
        "daisyui": "4.12.24",
        "next": "15.5.3",
        "react": "19.1.1",
@ -50,9 +50,9 @@
      }
    },
    "node_modules/@boxyhq/saml20": {
-      "version": "1.10.2",
-      "resolved": "https://registry.npmjs.org/@boxyhq/saml20/-/saml20-1.10.2.tgz",
-      "integrity": "sha512-B7Z3bbgc2T3+284nqyciHeQpu4+isBITuRKeLsznHIkunXb/viakkfGJOmW78ohmtGz0P73lu6mAuQBm8ASAJA==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@boxyhq/saml20/-/saml20-1.12.1.tgz",
+      "integrity": "sha512-lAHJ13kTZqPgSFUuAV8+kg5As3/MoSfiEr96tNKP0sj6c6o/Sbwn6DIhUZLQRNzDtmyAu9zuQk3vdbY5BK56Xg==",
      "license": "MIT",
      "dependencies": {
        "@xmldom/xmldom": "0.9.8",
--- a/package.json
+++ b/package.json
@ -14,7 +14,7 @@
    "release": "git checkout release && git merge origin/main && release-it && git checkout main && git merge origin/release && git push origin main"
  },
  "dependencies": {
-    "@boxyhq/saml20": "1.10.2",
+    "@boxyhq/saml20": "1.12.1",
    "daisyui": "4.12.24",
    "next": "15.5.3",
    "react": "19.1.1",
--- a/pages/api/saml/sso.ts
+++ b/pages/api/saml/sso.ts
@ -34,8 +34,7 @@ async function processSAMLRequest(req: NextApiRequest, res: NextApiResponse, isP
    const { id, audience, acsUrl, providerName, publicKey } = await saml.parseSAMLRequest(rawRequest, isPost);

    if (isPost) {
-      const { valid } = await saml.hasValidSignature(rawRequest, publicKey, null);
-      if (!valid) {
+      if (!saml.validateSignature(rawRequest, publicKey, null)) {
        throw new Error('Invalid signature');
      }
    }