fix all vulnerabilities in the production code (#817)

Signed-off-by: Denis barbaron <denis.barbaron@orange.com>
2026-04-18 07:53:22 +02:00 · 2024-11-29 11:02:11 +01:00
parent 2f54e40206
commit 872b0bcbd8
26 changed files with 160 additions and 13627 deletions
--- a/lib/units/auth/saml2.js
+++ b/lib/units/auth/saml2.js
@@ -7,7 +7,7 @@ var http = require('http')

 var express = require('express')
 var passport = require('passport')
-var SamlStrategy = require('passport-saml').Strategy
+var SamlStrategy = require('@node-saml/passport-saml').Strategy
 var bodyParser = require('body-parser')
 var _ = require('lodash')

@@ -54,7 +54,7 @@ module.exports = function(options) {

  if (options.saml.certPath) {
    samlConfig = _.merge(samlConfig, {
-      cert: fs.readFileSync(options.saml.certPath).toString()
+      idpCert: fs.readFileSync(options.saml.certPath).toString()
    })
  }