Description
I'm using
"samlify": "^2.8.11"
I'm on an AWS Lambda environment.
In a handler, I am using a controller class to handle login requests from an SP that is using my own implementation as Identity Provider.
```ts
private readonly _idp: samlify.IdentityProviderInstance
```
In the constructor I initialize _idp
```ts
this._idp = samlify.IdentityProvider({
  wantAuthnRequestsSigned: true,
  privateKey: fs.readFileSync(IdpConfig.PrivateKeyFilePath), // in .pem format
  metadata: this._getRawMetadataXml(), // metadata in xml format
  isAssertionEncrypted: false,
  loginResponseTemplate: {
    context: IdpConfig.IdpResponseTemplate,
    attributes: params.attributes,
  },
})
```
Then I parse the login request
```ts
const request = await this._idp.parseLoginRequest(params.sp, params.binding, params.request)
```
The binding is always redirect
The code is working at 100%, even at a high request rate. Very high.
The problem is that sometimes this (the previous) row takes literally 20 seconds.
We gave 2GB of memory to the Lambda, without any changes; it's a bit faster, but when this happens, this parse requires 15-20 seconds anyway.
We are able to reproduce the error 'sometimes' using legit requests. And, with the same request code, sometimes it happens, rarely but enough to be noticed by our customer.
We dived deep into your code down to the 'isValidXml' call. This is the exact call that sometimes is so slow.
=> https://github.com/tngan/samlify/blob/master/src/flow.ts#L74
I am pretty sure it's not a bug in your code, but I cannot imagine what can happen that the SAME request is SOMETIMES requiring 20 seconds to be parsed.
How does isValidXml() work? What does it do? Does it require storage space?