I want to sign this:
<saml:Assertion
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_SomeId"
Version="2.0"
IssueInstant="2004-12-05T09:22:05Z"
>
<saml:Issuer>https://issuer.com</saml:Issuer>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">api_user</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData NotOnOrAfter="2020-08-21T09:23:24.511Z" Recipient="https://api.acme.com/oauth/token"/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2020-08-21T09:03:24.511Z" NotOnOrAfter="2024-08-21T09:23:24.511Z">
<saml2:AudienceRestriction>
<saml2:Audience>www.acme.com</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AttributeStatement>
<saml2:Attribute Name="api_key">
<saml2:AttributeValue xsi:type="xs:string">API_KEY</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
</saml:Assertion>Doing it like this:
const assertion = '<THE XML HERE>'
const signer = new SignedXml({
// From my X.509 certificate file
privateKey,
publicCert,
});
signer.computeSignature(assertion);
const signedAssertion = signer.getSignedXml();Gives:
Error: error:1E08010C:DECODER routines::unsupported
library: 'DECODER routines',
reason: 'unsupported',
code: 'ERR_OSSL_UNSUPPORTED'
Adding:
signer.addReference({ xpath: "/" }); // since I want to sign the whole document?Gives:
/me/project/node_modules/xml-crypto/src/utils.ts:20
for (let i = 0; i < element.attributes.length; i++) {
^
TypeError: Cannot read properties of null (reading 'length')
at Object.findAttr (/me/project/node_modules/xml-crypto/src/utils.ts:20:42)What am I missing here?
I want to sign this:
Doing it like this:
Gives:
Adding:
Gives:
What am I missing here?