- Download the ADFS metadata file and save it as `FederationMetadata.xml`.
- Install dependencies with:
  `npm install xpath@<version> xmldom@<version>` (the pinned version numbers were garbled on this page; `<version>` is a placeholder)
- Run the file:
node calcFSThumbprint.js
Calculate thumbprints from an ADFS metadata file
const xpath = require('xpath') | |
const dom = require('xmldom').DOMParser | |
const crypto = require('crypto') | |
const fs = require('fs') | |
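/**
 * Compute the SHA-1 thumbprint of a base64-encoded certificate.
 *
 * The value returned is the hex SHA-1 digest of the decoded bytes. It only
 * identifies the certificate; nothing here checks validity, expiry or the
 * issuing chain.
 *
 * @param {string} cert - Base64 text of the certificate, e.g. the text content
 *   of an X509Certificate element. Embedded whitespace/newlines are tolerated.
 * @returns {string} Lowercase hex SHA-1 digest of the decoded bytes.
 */
const calcThumbprint = function (cert) {
  // Buffer.from replaces the deprecated `new Buffer(string, encoding)`
  // constructor, and the bytes are hashed directly instead of being
  // round-tripped through a 'binary' string.
  // NOTE: Node's base64 decoder does not reject malformed input, so a
  // truncated or garbled value still produces a (meaningless) digest.
  const der = Buffer.from(cert, 'base64')
  return crypto.createHash('sha1').update(der).digest('hex')
}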
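// Read the federation metadata from the current working directory.
// The thumbprints printed below are typically used to pin the identity
// provider's signing certificate, so the file must come from a trusted
// source: whoever can alter it decides which certificate ends up trusted.
const xml = fs.readFileSync('./FederationMetadata.xml', 'utf8')

let doc
try {
  // Pass the MIME type explicitly so the input is always parsed as XML.
  doc = new dom().parseFromString(xml, 'text/xml')
} catch (e) {
  console.error('error parsing dom:', e.message)
  process.exit(1)
}
// Depending on the parser version, malformed input may be reported on the
// console instead of thrown, leaving no usable document — check explicitly.
if (!doc || !doc.documentElement) {
  console.error('error parsing dom')
  process.exit(1)
}

// Only the xsi prefix needs registering; every element is matched by
// local-name() so the document's own namespace prefixes do not matter.
// The xsi:type attribute value is compared as a literal string.
const select = xpath.useNamespaces({ 'xsi': 'http://www.w3.org/2001/XMLSchema-instance' })

// Text nodes of every signing X509Certificate under the
// SecurityTokenServiceType role descriptor.
const certs = select("//*[local-name(.)='RoleDescriptor' and @xsi:type='fed:SecurityTokenServiceType']/*[local-name(.)='KeyDescriptor' and @use='signing']/*[local-name(.)='KeyInfo' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']/*[local-name(.)='X509Data']/*[local-name(.)='X509Certificate']/text()", doc)

if (certs.length === 0) {
  // An empty result usually means the wrong file or an unexpected metadata
  // layout; say so on stderr rather than silently printing [].
  console.error('warning: no signing certificates found in FederationMetadata.xml')
}

const thumbprints = certs.map((cert) => calcThumbprint(cert.toString()))

console.log(thumbprints)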