isValidXml is somethings _a lot_ slow

[realtebo]

I'm using

"samlify": "^2.8.11"

I'm on AWS lambda environment

In an handler, I an using a controller class to handle login request's from an SP that is using my own implementation as Identity Providers

private readonly _idp: samlify.IdentityProviderInstance

In the constructor I initialize _idp

this._idp = samlify.IdentityProvider({
        wantAuthnRequestsSigned: true,
        privateKey: fs.readFileSync(IdpConfig.PrivateKeyFilePath), // in .pem format
        metadata: this._getRawMetadataXml(), // metadata in xml format
        isAssertionEncrypted: false,
        loginResponseTemplate: {
            context: IdpConfig.IdpResponseTemplate,
            attributes: params.attributes,
        },
    })

then I parse login request

    const request = await this._idp.parseLoginRequest(params.sp, params.binding, params.request)

The binding is always redirect

The code is working at 100%, even at high request rate . Very high.
The problem is that sometimes this (the previous) row takes litterally 20 seconds.

We gave 2GB of memory to lambda, without any changes; it's a bit faster, but when this happen, this parse requires 15-20 seconds anyway.

We are able to reproduce 'sometimes' the error using legit requests. And, with same request code, sometimes it happens, rarely but enough to be noticed by our customer.

We deeped dive into your code until 'isValidXml' call. This is the exact call that sometimes is so slow.

=> https://github.com/tngan/samlify/blob/master/src/flow.ts#L74

I am pretty sure it's not a bug of your code, but I cannot imagine what can happens that the SAME request is SOMETIMES requiring 20 seconds to be parsed.

How is isValidXml() working? what does it do? Does it require storage space?