tngan
Refactor to support encrypted assertions
Support encrypted assertions which was broken during security patch
@h-bragg, @tngan , can you help review this PR.
To run tests we need to:
yarn add @authenio/samlify-xsd-schema-validator
yarn run build
Now this passes all the test cases. (last time, I forgot to run yarn add schema validator, which is why it didn't detect the failing test cases for the encrypted assertions).
To review: extractor depends solely on verified XML i.e. getSignedReferences()
@mastermatt do you plan on proposing any new changes i.e. error handling. If not, I will apply the current feedback and then start the release process for a new version.
This is also breaking for services our teams use that leverage encrypted assertions, and we will not be able to bump until this is released.
I'm fine with the new error handling, I just wanted to make sure it was understood that thrown errors have changed. Whether intentional or not.
Maintainer tngan, says he will review over the weekend. In the meantime, I recommend sponsoring him: https://github.com/sponsors/tngan
@tngan is there a path to getting this live? Anything we can do to help get it over the line?
@davecardwell There's a sponsor link: https://github.com/sponsors/tngan
Here are the tiers:
$50 a month
🎩Professional - feel free to consider this tier if you are an individual and you use my work for a commercial product that is ready for sale.
I will prioritise your requests and issues on my open source projects
$100 a month
👥Partner - feel free to consider this tier if your team and your company use my work in your products.
I will
prioritise your requests and issues on my open source projects
review some of your projects and help you improve
Why don't we see the 2.10.1 version as the last release on github but we do see it on npm? Thank you,
