Skip to content

Commit a05732d

Browse files
cjbarthcjbarth
authored
Use stricter typing in tests (#366)
1 parent 682aca5 commit a05732d

File tree

5 files changed

+165
-141
lines changed

5 files changed

+165
-141
lines changed

test/c14n-non-exclusive-unit-tests.spec.ts

Lines changed: 10 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,14 +7,17 @@ import * as utils from "../src/utils";
77

88
const test_C14nCanonicalization = function (xml, xpathArg, expected) {
99
const doc = new xmldom.DOMParser().parseFromString(xml);
10-
const elem = xpath.select1(xpathArg, doc);
10+
const node = xpath.select1(xpathArg, doc);
1111
const can = new C14nCanonicalization();
12-
const result = can
13-
// @ts-expect-error FIXME
14-
.process(elem, {
15-
ancestorNamespaces: utils.findAncestorNs(doc, xpathArg),
16-
})
17-
.toString();
12+
let result = "";
13+
14+
if (xpath.isNodeLike(node)) {
15+
result = can
16+
.process(node, {
17+
ancestorNamespaces: utils.findAncestorNs(doc, xpathArg),
18+
})
19+
.toString();
20+
}
1821

1922
expect(result).to.equal(expected);
2023
};

test/hmac-tests.spec.ts

Lines changed: 30 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -12,14 +12,17 @@ describe("HMAC tests", function () {
1212
"/*/*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
1313
doc,
1414
);
15-
const sig = new SignedXml();
16-
sig.enableHMAC();
17-
sig.publicCert = fs.readFileSync("./test/static/hmac.key");
18-
// @ts-expect-error FIXME
19-
sig.loadSignature(signature);
20-
const result = sig.checkSignature(xml);
15+
if (xpath.isNodeLike(signature)) {
16+
const sig = new SignedXml();
17+
sig.enableHMAC();
18+
sig.publicCert = fs.readFileSync("./test/static/hmac.key");
19+
sig.loadSignature(signature);
20+
const result = sig.checkSignature(xml);
2121

22-
expect(result).to.be.true;
22+
expect(result).to.be.true;
23+
} else {
24+
expect(xpath.isNodeLike(signature)).to.be.true;
25+
}
2326
});
2427

2528
it("test HMAC signature with incorrect key", function () {
@@ -29,14 +32,17 @@ describe("HMAC tests", function () {
2932
"/*/*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
3033
doc,
3134
);
32-
const sig = new SignedXml();
33-
sig.enableHMAC();
34-
sig.publicCert = fs.readFileSync("./test/static/hmac-foobar.key");
35-
// @ts-expect-error FIXME
36-
sig.loadSignature(signature);
37-
const result = sig.checkSignature(xml);
35+
if (xpath.isNodeLike(signature)) {
36+
const sig = new SignedXml();
37+
sig.enableHMAC();
38+
sig.publicCert = fs.readFileSync("./test/static/hmac-foobar.key");
39+
sig.loadSignature(signature);
40+
const result = sig.checkSignature(xml);
3841

39-
expect(result).to.be.false;
42+
expect(result).to.be.false;
43+
} else {
44+
expect(xpath.isNodeLike(signature)).to.be.true;
45+
}
4046
});
4147

4248
it("test create and validate HMAC signature", function () {
@@ -53,13 +59,16 @@ describe("HMAC tests", function () {
5359
"/*/*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
5460
doc,
5561
);
56-
const verify = new SignedXml();
57-
verify.enableHMAC();
58-
verify.publicCert = fs.readFileSync("./test/static/hmac.key");
59-
// @ts-expect-error FIXME
60-
verify.loadSignature(signature);
61-
const result = verify.checkSignature(sig.getSignedXml());
62+
if (xpath.isNodeLike(signature)) {
63+
const verify = new SignedXml();
64+
verify.enableHMAC();
65+
verify.publicCert = fs.readFileSync("./test/static/hmac.key");
66+
verify.loadSignature(signature);
67+
const result = verify.checkSignature(sig.getSignedXml());
6268

63-
expect(result).to.be.true;
69+
expect(result).to.be.true;
70+
} else {
71+
expect(xpath.isNodeLike(signature)).to.be.true;
72+
}
6473
});
6574
});

test/saml-response-tests.spec.ts

Lines changed: 69 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -12,36 +12,45 @@ describe("SAML response tests", function () {
1212
"/*/*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
1313
doc,
1414
);
15-
const sig = new SignedXml();
16-
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
17-
// @ts-expect-error FIXME
18-
sig.loadSignature(signature);
19-
const result = sig.checkSignature(xml);
15+
if (xpath.isNodeLike(signature)) {
16+
const sig = new SignedXml();
17+
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
18+
sig.loadSignature(signature);
19+
const result = sig.checkSignature(xml);
2020

21-
expect(result).to.be.true;
21+
expect(result).to.be.true;
22+
} else {
23+
expect(xpath.isNodeLike(signature)).to.be.true;
24+
}
2225
});
2326

2427
it("test validating wrapped assertion signature", function () {
2528
const xml = fs.readFileSync("./test/static/valid_saml_signature_wrapping.xml", "utf-8");
2629
const doc = new xmldom.DOMParser().parseFromString(xml);
2730
const assertion = xpath.select1("//*[local-name(.)='Assertion']", doc);
28-
const signature = xpath.select1(
29-
"//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
30-
// @ts-expect-error FIXME
31-
assertion,
32-
);
33-
const sig = new SignedXml();
34-
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
35-
// @ts-expect-error FIXME
36-
sig.loadSignature(signature);
37-
expect(
38-
function () {
39-
sig.checkSignature(xml);
40-
},
41-
"Should not validate a document which contains multiple elements with the " +
42-
"same value for the ID / Id / Id attributes, in order to prevent " +
43-
"signature wrapping attack.",
44-
).to.throw();
31+
if (xpath.isNodeLike(assertion)) {
32+
const signature = xpath.select1(
33+
"//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
34+
assertion,
35+
);
36+
if (xpath.isNodeLike(signature)) {
37+
const sig = new SignedXml();
38+
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
39+
sig.loadSignature(signature);
40+
expect(
41+
function () {
42+
sig.checkSignature(xml);
43+
},
44+
"Should not validate a document which contains multiple elements with the " +
45+
"same value for the ID / Id / Id attributes, in order to prevent " +
46+
"signature wrapping attack.",
47+
).to.throw();
48+
} else {
49+
expect(xpath.isNodeLike(signature)).to.be.true;
50+
}
51+
} else {
52+
expect(xpath.isNodeLike(assertion)).to.be.true;
53+
}
4554
});
4655

4756
it("test validating SAML response where a namespace is defined outside the signed element", function () {
@@ -51,30 +60,39 @@ describe("SAML response tests", function () {
5160
"//*//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
5261
doc,
5362
);
54-
const sig = new SignedXml();
55-
sig.publicCert = fs.readFileSync("./test/static/saml_external_ns.pem");
56-
// @ts-expect-error FIXME
57-
sig.loadSignature(signature);
58-
const result = sig.checkSignature(xml);
59-
expect(result).to.be.true;
63+
if (xpath.isNodeLike(signature)) {
64+
const sig = new SignedXml();
65+
sig.publicCert = fs.readFileSync("./test/static/saml_external_ns.pem");
66+
sig.loadSignature(signature);
67+
const result = sig.checkSignature(xml);
68+
expect(result).to.be.true;
69+
} else {
70+
expect(xpath.isNodeLike(signature)).to.be.true;
71+
}
6072
});
6173

6274
it("test reference id does not contain quotes", function () {
6375
const xml = fs.readFileSync("./test/static/id_with_quotes.xml", "utf-8");
6476
const doc = new xmldom.DOMParser().parseFromString(xml);
6577
const assertion = xpath.select1("//*[local-name(.)='Assertion']", doc);
66-
const signature = xpath.select1(
67-
"//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
68-
// @ts-expect-error FIXME
69-
assertion,
70-
);
71-
const sig = new SignedXml();
72-
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
73-
// @ts-expect-error FIXME
74-
sig.loadSignature(signature);
75-
expect(function () {
76-
sig.checkSignature(xml);
77-
}, "id should not contain quotes").to.throw();
78+
if (xpath.isNodeLike(assertion)) {
79+
const signature = xpath.select1(
80+
"//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
81+
assertion,
82+
);
83+
if (xpath.isNodeLike(signature)) {
84+
const sig = new SignedXml();
85+
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
86+
sig.loadSignature(signature);
87+
expect(function () {
88+
sig.checkSignature(xml);
89+
}, "id should not contain quotes").to.throw();
90+
} else {
91+
expect(xpath.isNodeLike(signature)).to.be.true;
92+
}
93+
} else {
94+
expect(xpath.isNodeLike(assertion)).to.be.true;
95+
}
7896
});
7997

8098
it("test validating SAML response WithComments", function () {
@@ -84,12 +102,15 @@ describe("SAML response tests", function () {
84102
"/*/*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
85103
doc,
86104
);
87-
const sig = new SignedXml();
88-
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
89-
// @ts-expect-error FIXME
90-
sig.loadSignature(signature);
91-
const result = sig.checkSignature(xml);
92-
// This doesn't matter, just want to make sure that we don't fail due to unknown algorithm
93-
expect(result).to.be.false;
105+
if (xpath.isNodeLike(signature)) {
106+
const sig = new SignedXml();
107+
sig.publicCert = fs.readFileSync("./test/static/feide_public.pem");
108+
sig.loadSignature(signature);
109+
const result = sig.checkSignature(xml);
110+
// This doesn't matter, just want to make sure that we don't fail due to unknown algorithm
111+
expect(result).to.be.false;
112+
} else {
113+
expect(xpath.isNodeLike(signature)).to.be.true;
114+
}
94115
});
95116
});

0 commit comments

Comments
 (0)