diff --git a/CHANGELOG.md b/CHANGELOG.md
index bc4bd71..455f980 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Changelog
+## 2022-dec-16 (v3.1)
+* Fix [#58](https://github.com/prolane/samltoawsstskeys/issues/58). Parse various SAML Assertion AttributeValue syntax in a consistent way.
+
 ## 2022-dec-15 (v3.0)
 * Code refactoring due to upgrading to Extension Manifest V3
 * Improved popup styling
diff --git a/background/script.js b/background/script.js
index 8f7c902..b5dcc94 100644
--- a/background/script.js
+++ b/background/script.js
@@ -94,7 +94,8 @@ async function onBeforeRequestEvent(details) {
 options = {
 ignoreAttributes: false,
 attributeNamePrefix : "__",
- removeNSPrefix: true
+ removeNSPrefix: true,
+ alwaysCreateTextNode: true
 };
 parser = new XMLParser(options);
 jsObj = parser.parse(samlXmlDoc);
@@ -112,7 +113,7 @@ async function onBeforeRequestEvent(details) {
 }
 }
 if (attributes[i].__Name == "https://aws.amazon.com/SAML/Attributes/SessionDuration") {
- sessionduration = attributes[i].AttributeValue
+ sessionduration = attributes[i].AttributeValue['#text']
 if (DebugLogs) {
 console.log('DEBUG: sessionduration:');
 console.log(sessionduration);
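Review bot: The new `alwaysCreateTextNode: true` option in the `@@ -94` hunk changes the shape of every leaf in `jsObj`, not only `AttributeValue`, and nothing next to the option says so. Any other read of the parsed assertion that still expects a plain string would now receive an object; `onBeforeRequestEvent` continues outside the hunk, so this cannot be confirmed from here. I would add a comment above the option, for example `// Every leaf is parsed as { '#text': value }, so all reads of the assertion below must go through ['#text']`.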
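Review bot: In the `@@ -112` hunk, `attributes[i].AttributeValue['#text']` is dereferenced without checking that `AttributeValue` exists and is a single element. A SessionDuration attribute with no value would throw a TypeError, and one with several values would presumably parse as an array and yield `undefined`. The value comes from the intercepted assertion and is presumably passed on as the requested session length, so it should be validated as a positive integer before use. A guarded read would be `const raw = attributes[i].AttributeValue?.['#text'];` followed by `sessionduration = Number.isInteger(Number(raw)) && Number(raw) > 0 ? Number(raw) : undefined;`, provided the later code (outside the hunk) tolerates an unset duration.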
@@ -163,17 +164,18 @@ async function onBeforeRequestEvent(details) { if (attributes_role_list.length > 1 && hasRoleIndex) { if (DebugLogs) console.log('DEBUG: More than one role claimed and role chosen.'); for (i = 0; i < attributes_role_list.length; i++) { - attributes_role_list_item = attributes_role_list[i]; - if (attributes_role_list_item.indexOf(roleIndex) > -1) { + // roleIndex is an AWS IAM Role ARN. + // We need to check which item in attributes_role_list matches with roleIndex as substring + if (attributes_role_list[i]['#text'].indexOf(roleIndex) > -1) { // This item holdes the data for the role to assume. // (i.e. the ARN for the IAM role and the ARN of the saml-provider resource) - attributes_role = attributes_role_list_item + attributes_role = attributes_role_list[i]['#text'] } } } // If there is just 1 role in the claim there will be no 'roleIndex' in the form data. // If there is just one role, the XMLParser does not create a list - else if (attributes_role_list.length == undefined) { + else if (attributes_role_list.hasOwnProperty('#text')) { // This item holdes the data for the role to assume. // (i.e. the ARN for the IAM role and the ARN of the saml-provider resource) // Use "['#text']" selector, because with one role its not a list and we simply need the value diff --git a/manifest.json b/manifest.json index 2c86850..6c0f7e0 100644 --- a/manifest.json +++ b/manifest.json @@ -4,7 +4,7 @@ "homepage_url": "https://github.com/prolane/samltoawsstskeys", "name": "SAML to AWS STS Keys Conversion", "description": "Generates file with AWS STS Keys after logging in to AWS webconsole using SSO (SAML 2.0). It leverages 'assumeRoleWithSAML' API.", - "version": "3.0", + "version": "3.1", "icons": { "16": "icons/icon_16.png", "32": "icons/icon_32.png", "48": "icons/icon_48.png", diff --git a/options/changelog.html b/options/changelog.html index 4bcc5b6..edb28da 100644 --- a/options/changelog.html +++ b/options/changelog.html @@ -20,6 +20,13 @@
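Review bot: The role lookup in the `@@ -163` hunk still matches `roleIndex` as a substring (`indexOf(roleIndex) > -1`) and the loop never breaks, so the last matching item wins. When one role ARN is a prefix of another (constructed example: `.../role/Admin` and `.../role/AdminReadOnly`), keys could be requested for a role other than the one chosen in the form. Compare whole ARNs instead, for example `if (attributes_role_list[i]['#text'].split(',').map(s => s.trim()).includes(roleIndex)) {`, and add `break;` after the assignment. The `else if` branch continues outside the hunk, so the case of several roles with no `roleIndex` cannot be checked from here.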