Lint code (#288)

.eslintrc.json

@@ -10,7 +10,7 @@
   },
   "extends": ["eslint:recommended", "prettier"],
   "rules": {
-    "no-console": "warn",
+    "no-console": "error",
     "no-unused-vars": "warn",
     "no-prototype-builtins": "warn"
   }

.vscode/settings.json

@@ -4,6 +4,8 @@
     "canonicalize",
     "canonicalized",
     "codecov",
+    "feide",
+    "reserialization",
     "wsfederation",
     "wssecurity"
   ]

lib/enveloped-signature.js

@@ -18,10 +18,10 @@ EnvelopedSignature.prototype.process = function (node, options) {
   var signatures = xpath.select(".//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']", node);
   for (var h in signatures) {
     if (!signatures.hasOwnProperty(h)) continue;
-    var signature = signatures[h];
-    var signatureValue = utils.findFirst(signature, ".//*[local-name(.)='SignatureValue']/text()").data;
+    var nodeSignature = signatures[h];
+    var signatureValue = utils.findFirst(nodeSignature, ".//*[local-name(.)='SignatureValue']/text()").data;
     if (expectedSignatureValue === signatureValue) {
-      signature.parentNode.removeChild(signature);
+      nodeSignature.parentNode.removeChild(nodeSignature);
     }
   }
   return node;

lib/signed-xml.js

@@ -340,7 +340,7 @@ SignedXml.findAncestorNs = findAncestorNs;
 
 SignedXml.prototype.checkSignature = function(xml, callback) {
   if (callback != null && typeof callback !== 'function') {
-    throw new Error("Last paramater must be a callback function")
+    throw new Error("Last parameter must be a callback function")
   }
 
   this.validationErrors = []
@@ -358,11 +358,11 @@ SignedXml.prototype.checkSignature = function(xml, callback) {
 
   this.signingKey = this.keyInfoProvider.getKey(this.keyInfo)
   if (!this.signingKey) {
-    var err = new Error("key info provider could not resolve key info " + this.keyInfo)
+    var err2 = new Error("key info provider could not resolve key info " + this.keyInfo)
     if (!callback) {
-      throw err
+      throw err2
     } else {
-      callback(err)
+      callback(err2)
       return
     }
   }
@@ -379,13 +379,13 @@ SignedXml.prototype.checkSignature = function(xml, callback) {
   }
 
   if (!callback) {
-    //Syncronous flow
+    // Synchronous flow
     if (!this.validateSignatureValue(doc)) {
       return false
     }
     return true
   } else {
-    //Asyncronous flow
+    // Asynchronous flow
     this.validateSignatureValue(doc, function (err, isValidSignature) {
       if (err) {
         this.validationErrors.push("invalid signature: the signature value " +
@@ -513,7 +513,7 @@ SignedXml.prototype.validateReferences = function(doc) {
     }
 
     if (elem.length==0) {
-      this.validationErrors.push("invalid signature: the signature refernces an element with uri "+
+      this.validationErrors.push("invalid signature: the signature references an element with uri "+
                         ref.uri + " but could not find such element in the xml")
       return false
     }
@@ -681,7 +681,7 @@ SignedXml.prototype.addReference = function(xpath, transforms, digestAlgorithm,
 }
 
 /**
- * Compute the signature of the given xml (usign the already defined settings)
+ * Compute the signature of the given xml (using the already defined settings)
  *
  * Options:
  *
@@ -701,7 +701,7 @@ SignedXml.prototype.computeSignature = function(xml, opts, callback) {
   }
 
   if (callback != null && typeof callback !== 'function') {
-    throw new Error("Last paramater must be a callback function")
+    throw new Error("Last parameter must be a callback function")
   }
 
   var doc = new Dom().parseFromString(xml),
@@ -775,17 +775,17 @@ SignedXml.prototype.computeSignature = function(xml, opts, callback) {
   // A trick to remove the namespaces that already exist in the xml
   // This only works if the prefix and namespace match with those in te xml
   var dummySignatureWrapper = "<Dummy " + existingPrefixesString + ">" + signatureXml + "</Dummy>"
-  var xml = new Dom().parseFromString(dummySignatureWrapper)
-  var signatureDoc = xml.documentElement.firstChild;
+  var nodeXml = new Dom().parseFromString(dummySignatureWrapper)
+  var signatureDoc = nodeXml.documentElement.firstChild;
 
   var referenceNode = xpath.select(location.reference, doc);
 
   if (!referenceNode || referenceNode.length === 0) {
-    var err = new Error("the following xpath cannot be used because it was not found: " + location.reference);
+    var err2 = new Error("the following xpath cannot be used because it was not found: " + location.reference);
     if (!callback) {
-      throw err
+      throw err2
     } else {
-      callback(err, null)
+      callback(err2, null)
       return
     }
   }
@@ -805,11 +805,11 @@ SignedXml.prototype.computeSignature = function(xml, opts, callback) {
   this.signatureNode = signatureDoc
   var signedInfoNode = utils.findChilds(this.signatureNode, "SignedInfo")
   if (signedInfoNode.length == 0) {
-    var err = new Error("could not find SignedInfo element in the message")
+    var err3 = new Error("could not find SignedInfo element in the message")
     if (!callback) {
-      throw err
+      throw err3
     } else {
-      callback(err)
+      callback(err3)
       return
     }
   }
@@ -934,8 +934,8 @@ SignedXml.prototype.getCanonXml = function(transforms, node, options) {
     var transform = this.findCanonicalizationAlgorithm(transforms[t])
     canonXml = transform.process(canonXml, options);
     //TODO: currently transform.process may return either Node or String value (enveloped transformation returns Node, exclusive-canonicalization returns String).
-    //This eitehr needs to be more explicit in the API, or all should return the same.
-    //exclusive-canonicalization returns String since it builds the Xml by hand. If it had used xmldom it would inccorectly minimize empty tags
+    //This either needs to be more explicit in the API, or all should return the same.
+    //exclusive-canonicalization returns String since it builds the Xml by hand. If it had used xmldom it would incorrectly minimize empty tags
     //to <x/> instead of <x></x> and also incorrectly handle some delicate line break issues.
     //enveloped transformation returns Node since if it would return String consider this case:
     //<x xmlns:p='ns'><p:y/></x>

test/c14nWithComments-unit-tests.js

@@ -185,7 +185,7 @@ module.exports = {
   },
 
 
-  "Exclusive canonicalization preserves white space bewteen elements": function (test) {
+  "Exclusive canonicalization preserves white space between elements": function (test) {
     compare(test, 
       "<root><child><inner>123</inner>\n</child></root>",
       "//*[local-name(.)='child']", 

test/canonicalization-unit-tests.js

@@ -195,6 +195,7 @@ module.exports = {
 
   "Exclusive canonicalization works on xml with element values with special characters": function (test) {
     compare(test,
+      // eslint-disable-next-line no-useless-escape
         "<root><child><innerEncoded>&amp;&lt;>&quot;11&#xD;</innerEncoded><innerUnencoded>&>\"11\r\</innerUnencoded></child></root>",
         "//*[local-name(.)='child']",
         "<child><innerEncoded>&amp;&lt;&gt;\"11&#xD;</innerEncoded><innerUnencoded>&amp;&gt;\"11\n</innerUnencoded></child>")

test/signature-integration-tests.js

@@ -151,7 +151,6 @@ module.exports = {
     sig.computeSignature(xml)      
 
     var signed = sig.getSignedXml();
-    console.log(signed);
 
     var doc = new Dom().parseFromString(signed);
 

test/signature-unit-tests.js

@@ -7,7 +7,7 @@ var select = require('xpath').select
 
 module.exports = {
 
-  "signer adds increasing id atributes to elements": function (test) {
+  "signer adds increasing id attributes to elements": function (test) {
     verifyAddsId(test, "wssecurity", "equal")
     verifyAddsId(test, null, "different")
     test.done();
@@ -131,14 +131,14 @@ module.exports = {
   "signer creates signature with correct structure": function(test) {
 
     function DummyKeyInfo() {
-      this.getKeyInfo = function(key) {
+      this.getKeyInfo = function() {
         return "dummy key info"
       }
     }
 
     function DummyDigest() {
 
-      this.getHash = function(xml) {
+      this.getHash = function() {
         return "dummy digest"
       }
 
@@ -149,7 +149,7 @@ module.exports = {
 
     function DummySignatureAlgorithm() {
 
-      this.getSignature = function(xml, signingKey) {
+      this.getSignature = function() {
         return "dummy signature"
       }
 
@@ -160,7 +160,7 @@ module.exports = {
     }
 
     function DummyTransformation() {
-      this.process = function(node) {
+      this.process = function() {
         return "< x/>"
       }
 
@@ -170,7 +170,7 @@ module.exports = {
     }
 
     function DummyCanonicalization() {
-      this.process = function(node) {
+      this.process = function() {
         return "< x/>"
       }
 
@@ -283,14 +283,14 @@ module.exports = {
     var prefix = 'ds';
 
     function DummyKeyInfo() {
-      this.getKeyInfo = function(key) {
+      this.getKeyInfo = function() {
         return "<ds:dummy>dummy key info</ds:dummy>"
       }
     }
 
     function DummyDigest() {
 
-      this.getHash = function(xml) {
+      this.getHash = function() {
         return "dummy digest"
       }
 
@@ -301,7 +301,7 @@ module.exports = {
 
     function DummySignatureAlgorithm() {
 
-      this.getSignature = function(xml, signingKey) {
+      this.getSignature = function( ) {
         return "dummy signature"
       }
 
@@ -312,7 +312,7 @@ module.exports = {
     }
 
     function DummyTransformation() {
-      this.process = function(node) {
+      this.process = function() {
         return "< x/>"
       }
 
@@ -322,7 +322,7 @@ module.exports = {
     }
 
     function DummyCanonicalization() {
-      this.process = function(node) {
+      this.process = function() {
         return "< x/>"
       }
 
@@ -505,7 +505,7 @@ module.exports = {
     sig.addReference("//*[local-name(.)='y']")
     sig.addReference("//*[local-name(.)='w']")
 
-    sig.computeSignature(xml, function(err) {
+    sig.computeSignature(xml, function() {
       var signedXml = sig.getSignedXml()
       var expected = "<root><x xmlns=\"ns\" Id=\"_0\"/><y attr=\"value\" Id=\"_1\"/><z><w Id=\"_2\"/></z>" +
         "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
@@ -613,10 +613,10 @@ module.exports = {
 
   "signer adds existing prefixes": function(test) {
     function AssertionKeyInfo(assertionId) {
-      this.getKeyInfo = function(key, prefix) {
+      this.getKeyInfo = function() {
         return '<wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" wsu:Id="0" ' +
               'xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"> ' +
-              '<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">'+assertionId+'</wsse:KeyIdentifier>'
+              '<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">'+assertionId+'</wsse:KeyIdentifier>' +
           '</wsse:SecurityTokenReference>';
       };
     }
@@ -648,7 +648,7 @@ module.exports = {
         wsu: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
       }
     });
-    result = sig.getSignedXml();
+    var result = sig.getSignedXml();
     test.equal((result.match(/xmlns:wsu=/g) || []).length, 1)
     test.equal((result.match(/xmlns:wsse=/g) || []).length, 1)
     test.done();
@@ -825,7 +825,7 @@ function verifySignature(xml, mode) {
   sig.keyInfoProvider = new FileKeyInfo("./test/static/client_public.pem")
   sig.loadSignature(node)
   var res = sig.checkSignature(xml)
-  console.log(sig.validationErrors)
+
   return res;
 }
 
@@ -835,10 +835,10 @@ function verifyDoesNotDuplicateIdAttributes(test, mode, prefix) {
   sig.signingKey = fs.readFileSync("./test/static/client.pem")
   sig.addReference("//*[local-name(.)='x']")
   sig.computeSignature(xml)
-  var signedxml = sig.getOriginalXmlWithIds()
-  var doc = new dom().parseFromString(signedxml)
+  var signedXml = sig.getOriginalXmlWithIds()
+  var doc = new dom().parseFromString(signedXml)
   var attrs = select("//@*", doc)
-  test.equals(2, attrs.length, "wrong nuber of attributes")
+  test.equals(2, attrs.length, "wrong number of attributes")
 
 }
 
@@ -852,10 +852,10 @@ function verifyAddsId(test, mode, nsMode) {
   sig.addReference("//*[local-name(.)='w']")
 
   sig.computeSignature(xml)
-  var signedxml = sig.getOriginalXmlWithIds()
-  var doc = new dom().parseFromString(signedxml)
+  var signedXml = sig.getOriginalXmlWithIds()
+  var doc = new dom().parseFromString(signedXml)
 
-  op = nsMode == "equal" ? "=" : "!="
+  var op = nsMode == "equal" ? "=" : "!="
 
   var xpath = "//*[local-name(.)='{elem}' and '_{id}' = @*[local-name(.)='Id' and namespace-uri(.)" + op + "'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd']]"