Add support for tracking which notes have been validated

node-saml · Sep 18, 2023 · 16b81bc · 16b81bc
1 parent 3cf5e51
commit 16b81bc
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/src/signed-xml.ts b/src/signed-xml.ts
@@ -451,6 +451,7 @@ export class SignedXml {
       const validationError = new Error(
         `invalid signature: the signature references an element with uri ${ref.uri} but could not find such element in the xml`,
       );
+      ref.validationError = validationError;
       this.validationErrors.push(validationError.message);
       return false;
     }
@@ -463,11 +464,20 @@ export class SignedXml {
       const validationError = new Error(
         `invalid signature: for uri ${ref.uri} calculated digest is ${digest} but the xml to validate supplies digest ${ref.digestValue}`,
       );
+      ref.validationError = validationError;
       this.validationErrors.push(validationError.message);
 
       return false;
     }
 
+    ref.getValidatedNode = () => {
+      if (typeof ref.xpath !== "string") {
+        return null;
+      }
+      const selectedValue = xpath.select1(ref.xpath, doc);
+      return isDomNode.isNodeLike(selectedValue) ? selectedValue : null;
+    };
+
     return true;
   }
 
@@ -657,6 +667,7 @@ export class SignedXml {
       digestValue,
       inclusiveNamespacesPrefixList,
       isEmptyUri,
+      getValidatedNode: () => null,
     });
   }
 

diff --git a/src/types.ts b/src/types.ts
@@ -129,6 +129,10 @@ export interface Reference {
 
   // Optional. The type of the reference node.
   ancestorNamespaces?: NamespacePrefix[];
+
+  validationError?: Error;
+
+  getValidatedNode(): Node | null;
 }
 
 /** Implement this to create a new CanonicalizationOrTransformationAlgorithm */