feat: add validation for SAML Assertion length in response handling

Nawaz Dhandala
2026-03-30 21:52:52 +01:00
parent 599e8dda1d
commit 2fd7ede52f


@@ -81,6 +81,12 @@ export default class SSOUtil {
throw new BadRequestException("SAML Assertion not found");
}
if (samlAssertion.length !== 1) {
throw new BadRequestException(
"Expected exactly one Assertion in SAML Response",
);
}
const samlSubject: JSONArray =
((samlAssertion[0] as JSONObject)["saml2:Subject"] as JSONArray) ||
((samlAssertion[0] as JSONObject)["saml:Subject"] as JSONArray) ||
@@ -158,6 +164,10 @@ export default class SSOUtil {
return null;
}
if (samlAssertion.length !== 1) {
return null;
}
const samlAttributeStatement: JSONArray =
((samlAssertion[0] as JSONObject)[
"saml2:AttributeStatement"
@@ -242,6 +252,12 @@ export default class SSOUtil {
throw new BadRequestException("SAML Assertion not found");
}
if (samlAssertion.length !== 1) {
throw new BadRequestException(
"Expected exactly one Assertion in SAML Response",
);
}
const samlSubject: JSONArray =
((samlAssertion[0] as JSONObject)["saml2:Subject"] as JSONArray) ||
((samlAssertion[0] as JSONObject)["saml:Subject"] as JSONArray) ||
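Review bot: The new `samlAssertion.length !== 1` guard counts only the array chosen by the lookup above each hunk, so if that lookup falls back across `saml2:`/`saml:`/unprefixed keys the way the `saml2:Subject` lookup on the following lines does, a response carrying assertions under two different prefixes would still pass as "exactly one". The lookup is outside the visible hunks, so this needs confirming; if it holds, count the assertions across every accepted key variant before indexing `[0]`. The guard is repeated in all three hunks, and the one at -158 returns `null` instead of throwing, so a multi-assertion response is rejected on two paths and silently treated as "no attributes" on the third. A single private helper that returns the sole assertion or throws `BadRequestException` would keep the paths consistent. The check also only helps if the assertion read here is the element whose signature was verified, which these hunks do not show.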