Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
function adjustSecurityPolicy(channel, userTokenPolicy_securityPolicyUri) {
// check that userIdentityToken
let securityPolicy = fromURI(userTokenPolicy_securityPolicyUri);
// if the security policy is not specified we use the session security policy
if (securityPolicy === SecurityPolicy.Invalid) {
securityPolicy = fromURI(channel.clientSecurityHeader.securityPolicyUri);
assert(securityPolicy);
}
return securityPolicy;
}
function adjustSecurityPolicy(channel, userTokenPolicy_securityPolicyUri) {
// check that userIdentityToken
let securityPolicy = fromURI(userTokenPolicy_securityPolicyUri);
// if the security policy is not specified we use the session security policy
if (securityPolicy === SecurityPolicy.Invalid) {
securityPolicy = fromURI(channel.clientSecurityHeader.securityPolicyUri);
assert(securityPolicy);
}
return securityPolicy;
}
* OPC Unified Architecture 1.0.4: Part 4 155
* Each UserIdentityToken allowed by an Endpoint shall have a UserTokenPolicy specified in the
* EndpointDescription. The UserTokenPolicy specifies what SecurityPolicy to use when encrypting
* or signing. If this SecurityPolicy is omitted then the Client uses the SecurityPolicy in the
* EndpointDescription. If the matching SecurityPolicy is set to None then no encryption or signature
* is required.
*
*/
const userTokenPolicy = findUserTokenPolicy(endpoint_desc, UserIdentityTokenType.USERNAME);
// istanbul ignore next
if (!userTokenPolicy) {
throw new Error("Cannot find USERNAME user token policy in end point description");
}
let securityPolicy = fromURI(userTokenPolicy.securityPolicyUri);
// if the security policy is not specified we use the session security policy
if (securityPolicy === SecurityPolicy.Invalid) {
securityPolicy = session._client._secureChannel.securityPolicy;
assert(securityPolicy);
}
let identityToken;
let serverCertificate = session.serverCertificate;
// if server does not provide certificate use unencrypted password
if (!serverCertificate) {
identityToken = new UserNameIdentityToken({
encryptionAlgorithm: null,
password: Buffer.from(password, "utf-8"),
policyId: userTokenPolicy ? userTokenPolicy.policyId : null,
userName: userName,
function matching_endpoint(
securityMode: MessageSecurityMode,
securityPolicy: SecurityPolicy,
endpointUrl: string | undefined,
endpoint: EndpointDescription
): boolean {
assert(endpoint instanceof EndpointDescription);
const endpoint_securityPolicy = fromURI(endpoint.securityPolicyUri);
if (endpointUrl && endpoint.endpointUrl! !== endpointUrl) {
return false;
}
return (endpoint.securityMode === securityMode && endpoint_securityPolicy === securityPolicy);
}
function matching_endpoint(
securityMode: MessageSecurityMode,
securityPolicy: SecurityPolicy,
endpointUrl: string | undefined,
endpoint: EndpointDescription
): boolean {
assert(endpoint instanceof EndpointDescription);
const endpoint_securityPolicy = fromURI(endpoint.securityPolicyUri);
if (endpointUrl && endpoint.endpointUrl! !== endpointUrl) {
return false;
}
return (endpoint.securityMode === securityMode && endpoint_securityPolicy === securityPolicy);
}