17. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 4/18/2019 5:55:13 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

17.1 Files compared

# Location File Last Modified
1 MCCF_EDI_TAS_TASCore v2.0_Build_10.zip\MCCF_EDI_TAS_API_Core\src\tas sts.js Wed Apr 3 02:27:58 2019 UTC
2 MCCF_EDI_TAS_TASCore v2.0_Build_10.zip\MCCF_EDI_TAS_API_Core\src\tas sts.js Mon Apr 15 17:54:40 2019 UTC

17.2 Comparison summary

Description Between
Files 1 and 2
Text Blocks Lines
Unchanged 5 166
Changed 4 8
Inserted 0 0
Removed 0 0

17.3 Comparison options

Whitespace
Character case Differences in character case are significant
Line endings Differences in line endings (CR and LF characters) are ignored
CR/LF characters Not shown in the comparison detail

17.4 Active regular expressions

No regular expressions were active.

17.5 Comparison detail

  1   const debu g = requir e('debug') ('security ')
  2  
  3   const $tas  = require ('.')()
  4  
  5   /* istanbu l ignore n ext */
  6   if (proces s.env.TAS_ STS_CERT_P ATH && pro cess.env.T AS_STS_KEY _PATH) {
  7  
  8   const stsE ndpoint =  'https:// DNS . URL : PORT /STS/Reque stSecurity Token'
  9  
  10   const stsR equestTemp late = '<s oap:Envelo pe xmlns:n s1="http:/ /docs.oasi s-open.org /ws-sx/ws- trust/2005 12" xmlns: wss="http: //docs.oas is-open.or g/wss/2004 /01/oasis- 200401-wss -wssecurit y-secext-1 .0.xsd" xm lns:soap=" http://sch emas.xmlso ap.org/soa p/envelope /" xmlns:w sa="http:/ /schemas.x mlsoap.org /ws/2004/0 8/addressi ng" xmlns: wsp="http: //schemas. xmlsoap.or g/ws/2004/ 09/policy"  xmlns:xsd ="http://w ww.w3.org/ 2001/XMLSc hema" xmln s:xsi="htt p://www.w3 .org/2001/ XMLSchema- instance"> <soap:Head er/> \
  11   <soap:Body >  \
  12       <ns1:R equestSecu rityToken> \
  13        <ns1: OnBehalfOf >\
  14           <n s1:Base>\
  15                  <wss:Binar ySecurityT oken Encod ingType="b ase64" Val ueType="ht tp:// DNS               /siteminde r/std_toke n">{{IAM_S ESSION}}</ wss:Binary SecurityTo ken>\
  16           </ ns1:Base>\
  17        </ns1 :OnBehalfO f>\
  18           <w sp:Applies To>\
  19                <wsa:End pointRefer ence>\
  20                      <wsa:Addre ss>https:/ / DNS . URL </wsa:Addr ess>\
  21                </wsa:En dpointRefe rence>\
  22           </ wsp:Applie sTo>\
  23           <n s1:Issuer> \
  24                  <wsa:Addre ss>https:/ / DNS               /Issuer/sm token/SAML 2</wsa:Add ress>\
  25           </ ns1:Issuer >\
  26           <n s1:Request Type>http: //schemas. xmlsoap.or g/ws/2005/ 02/trust/V alidate</n s1:Request Type>\
  27       </ns1: RequestSec urityToken >  \
  28   </soap:Bod y>\
  29   </soap:Env elope>'
  30  
  31   const read Cert = asy nc filenam e => {
  32       debug( 'Loading c ert...')
  33       let va lue = awai t $tas.cac he.get(fil ename)
  34       if (!v alue) {
  35           va lue = awai t $tas.fs. readFile(f ilename)
  36           if  (!value)  {
  37                throw ne w Error('C ertificate  not found . ' + file name)
  38           }
  39           aw ait $tas.c ache.set(f ilename, v alue)
  40           de bug('Cert  loaded and  cached.')
  41       }
  42       else {
  43           de bug('Cert  was cached .')
  44       }
  45       return  value
  46   }
  47  
  48   const stsC all = asyn c iamsessi on => {
  49       debug( 'Calling S TS...')
  50       if (ty peof proce ss.env.TAS _STS_CERT_ PATH === ' undefined'  || typeof  process.e nv.TAS_STS _KEY_PATH  === 'undef ined') {
  51           re turn "MOCK  TOKEN"
  52       }
  53       else {
  54           co nst stsReq uestBody =  stsReques tTemplate. replace(/{ {IAM_SESSI ON}}/, iam session)
  55           co nst key =  await read Cert(proce ss.env.TAS _STS_KEY_P ATH)
  56           co nst cert =  await rea dCert(proc ess.env.TA S_STS_CERT _PATH)
  57           re turn await  webclient (null, {
  58                url: sts Endpoint,
  59                agentOpt ions: { ke y, cert },
  60                body: st sRequestBo dy
  61           })
  62       }
  63   }
  64  
  65   module.exp orts.getSa mlAssertio n = async  iamsession  => {
  66       debug( 'Getting S AML assert ion...')
  67       let va lue = awai t $tas.cac he.get(iam session)
  68       if (!v alue) {
  69           va lue = awai t stsCall( iamsession )
  70           if  (!value)  {
  71                throw ne w Error('U nable to l oad assert ion.')
  72           }
  73           $t as.cache.s et(iamsess ion, value )
  74           de bug('SAML  assertion  loaded and  cached.')
  75       }
  76       else {
  77           de bug('SAML  assertion  was cached .')
  78       }
  79       return  value
  80   }
  81  
  82   module.exp orts = { g etSamlAsse rtion }
  83  
  84   }
  85   else {
  86       module .exports =  { getSaml Assertion:  () => { r eturn "--- --" } }
  87   }