From 0544376c51d9061a7d901c76ce19d0412b8765a1 Mon Sep 17 00:00:00 2001
From: Jose Miguel Colella <josecolella@yahoo.com>
Date: Mon, 17 Dec 2018 17:03:34 -0500
Subject: [PATCH] Add SamlResponseXML method to profile object

This add the ability to extract the original SamlResponseXML as a method in the profile object.
---
 README.md                 | 1 +
 lib/passport-saml/saml.js | 7 ++++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 03b8535d..c3a8938e 100644
--- a/README.md
+++ b/README.md
@@ -89,6 +89,7 @@ type Profile = {
   email?: string;  // `mail` if not present in the assertion
   getAssertionXml(): string;  // get the raw assertion XML
   getAssertion(): object;  // get the assertion XML parsed as a JavaScript object
+  getSamlResponseXml(): string; // get the raw SAML response XML
   ID?: string;
 } & {
   [attributeName: string]: string;  // arbitrary `AttributeValue`s
diff --git a/lib/passport-saml/saml.js b/lib/passport-saml/saml.js
index 8e2a9035..295bd016 100644
--- a/lib/passport-saml/saml.js
+++ b/lib/passport-saml/saml.js
@@ -611,7 +611,7 @@ SAML.prototype.validatePostResponse = function (container, callback) {
           !self.validateSignature(xml, assertions[0], certs)) {
         throw new Error('Invalid signature');
       }
-      return self.processValidlySignedAssertion(assertions[0].toString(), inResponseTo, callback);
+      return self.processValidlySignedAssertion(assertions[0].toString(), xml, inResponseTo, callback);
     }
 
     if (encryptedAssertions.length == 1) {
@@ -633,7 +633,7 @@ SAML.prototype.validatePostResponse = function (container, callback) {
               !self.validateSignature(decryptedXml, decryptedAssertions[0], certs))
             throw new Error('Invalid signature from encrypted assertion');
 
-          self.processValidlySignedAssertion(decryptedAssertions[0].toString(), inResponseTo, callback);
+          self.processValidlySignedAssertion(decryptedAssertions[0].toString(), xml, inResponseTo, callback);
         });
     }
 
@@ -863,7 +863,7 @@ SAML.prototype.verifyIssuer = function (samlMessage) {
   }
 };
 
-SAML.prototype.processValidlySignedAssertion = function(xml, inResponseTo, callback) {
+SAML.prototype.processValidlySignedAssertion = function(xml, samlResponseXml, inResponseTo, callback) {
   var self = this;
   var msg;
   var parserConfig = {
@@ -1026,6 +1026,7 @@ SAML.prototype.processValidlySignedAssertion = function(xml, inResponseTo, callb
 
     profile.getAssertionXml = function() { return xml; };
     profile.getAssertion = function() { return parsedAssertion; };
+    profile.getSamlResponseXml = function() { return samlResponseXml; };
 
     callback(null, profile, false);
   })