Extend and document the profile object

README.md

@@ -73,6 +73,28 @@ passport.use(new MultiSamlStrategy(
 );
 ```
 
+#### The profile object:
+
+The profile object referenced above contains the following:
+
+```typescript
+type Profile = {
+  issuer?: string;
+  sessionIndex?: string;
+  nameID?: string;
+  nameIDFormat?: string;
+  nameQualifier?: string;
+  spNameQualifier?: string;
+  mail?: string;  // InCommon Attribute urn:oid:0.9.2342.19200300.100.1.3
+  email?: string;  // `mail` if not present in the assertion
+  getAssertionXml(): string;  // get the raw assertion XML
+  getAssertion(): object;  // get the assertion XML parsed as a JavaScript object
+  ID?: string;
+} & {
+  [attributeName: string]: string;  // arbitrary `AttributeValue`s
+}
+```
+
 #### Config parameter details:
 
  * **Core**

lib/passport-saml/saml.js

@@ -718,9 +718,11 @@ SAML.prototype.processValidlySignedAssertion = function(xml, inResponseTo, callb
   var nowMs = new Date().getTime();
   var profile = {};
   var assertion;
+  var parsedAssertion;
   var parser = new xml2js.Parser(parserConfig);
   Q.ninvoke(parser, 'parseString', xml)
   .then(function(doc) {
+	parsedAssertion = doc;
     assertion = doc.Assertion;
 
     var issuer = assertion.Issuer;
@@ -858,7 +860,8 @@ SAML.prototype.processValidlySignedAssertion = function(xml, inResponseTo, callb
     }
 
     if (!profile.mail && profile['urn:oid:0.9.2342.19200300.100.1.3']) {
-      // See http://www.incommonfederation.org/attributesummary.html for definition of attribute OIDs
+      // See https://spaces.internet2.edu/display/InCFederation/Supported+Attribute+Summary
+      // for definition of attribute OIDs
       profile.mail = profile['urn:oid:0.9.2342.19200300.100.1.3'];
     }
 
@@ -867,6 +870,7 @@ SAML.prototype.processValidlySignedAssertion = function(xml, inResponseTo, callb
     }
 
     profile.getAssertionXml = function() { return xml; };
+    profile.getAssertion = function() { return parsedAssertion; };
 
     callback(null, profile, false);
   })