fix(saml11): do not mutate moment() when options.lifetimeInSeconds is…
… provided
luuuis committed Sep 24, 2021
1 parent d281fdd commit 0a5afd1
Showing 3 changed files with 8 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/saml11.js
@@ -118,7 +118,7 @@ function createAssertion(options, strategies, callback) {

if (options.lifetimeInSeconds) {
conditions[0].setAttribute('NotBefore', now.format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
conditions[0].setAttribute('NotOnOrAfter', now.add(options.lifetimeInSeconds, 'seconds').format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
conditions[0].setAttribute('NotOnOrAfter', moment(now).add(options.lifetimeInSeconds, 'seconds').format('YYYY-MM-DDTHH:mm:ss.SSS[Z]'));
}

if (options.audiences) {
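Review bot: The guard `if (options.lifetimeInSeconds)` around the changed line is a truthiness test with no range check, so a negative or non-numeric lifetime reaches `moment(now).add(...)`. That can put a NotOnOrAfter earlier than NotBefore, or an invalid timestamp, inside a signed assertion, while 0 or a missing option appears to leave Conditions with no validity window at all (nothing in this hunk sets one). I would validate the option before this block, rejecting anything where `!(Number(options.lifetimeInSeconds) > 0)`, and document whether an unbounded assertion is intended when the option is omitted. `now` is created outside the hunk, and the literal `[Z]` in the format string is only correct if it is a UTC moment, which deserves a one-line comment here. createAssertion starts and ends outside this hunk.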
3 changes: 3 additions & 0 deletions test/saml11.tests.js
@@ -95,10 +95,13 @@ describe('saml 1.1', function () {
var signedAssertion = saml11[createAssertion](options);
var conditions = utils.getConditions(signedAssertion);
assert.equal(1, conditions.length);
var authenticationInstant = utils.getAuthenticationInstant(signedAssertion);
var notBefore = conditions[0].getAttribute('NotBefore');
var notOnOrAfter = conditions[0].getAttribute('NotOnOrAfter');

should.ok(notBefore);
should.ok(notOnOrAfter);
should.equal(authenticationInstant, notBefore);

var lifetime = Math.round((moment(notOnOrAfter).utc() - moment(notBefore).utc()) / 1000);
assert.equal(600, lifetime);
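Review bot: The new `should.equal(authenticationInstant, notBefore)` pins only AuthenticationInstant to the start of the validity window. If IssueInstant is derived from the same `now` value (not visible here), it deserves the same regression check, e.g. `should.equal(utils.getIssueInstant(signedAssertion), notBefore);`. Comparing the formatted strings is the right choice because it catches any drift, including sub-second drift that the rounded `lifetime` check below would hide. The enclosing test case starts above this hunk and continues below it.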
4 changes: 4 additions & 0 deletions test/utils.js
@@ -47,6 +47,10 @@ exports.getIssueInstant = function(assertion) {
return doc.documentElement.getAttribute('IssueInstant');
};

exports.getAuthenticationInstant = function (assertion) {
return exports.getAuthenticationStatement(assertion).getAttribute('AuthenticationInstant');
};

exports.getConditions = function(assertion) {
var doc = new xmldom.DOMParser().parseFromString(assertion);
return doc.documentElement.getElementsByTagName('saml:Conditions');
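Review bot: `exports.getAuthenticationInstant = function (assertion)` is written with a space before the parameter list, while the neighbouring helpers in this hunk use `function(assertion)`; matching them keeps the file consistent. `getAuthenticationStatement` is defined outside the hunk, so if it can return nothing for an assertion without an AuthenticationStatement, the chained `.getAttribute(...)` would fail with a TypeError rather than a readable test failure. A short comment stating that the helper expects exactly one statement would cover that.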
