You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It looks like this library, when signing, will find the first Signature and compute the Digest/Signature values for that. Is it possible to use this library also when you want to sign both the Message and the Assertions in a SAML response document - thus you would have two Signature blocks in the xml documents to sign both the whole document and then also the assertions.
You could potentially still accomplish this by just passing in the Assertion segment, signing it, and inserting it back into the main doc. Then sign the whole message. I have not tested this, but if I'm understanding your use case correctly, it may work.
A code change would be required to do this in a single step. If you want to submit a PR for it, I'm certainly open to that.
It looks like this library, when signing, will find the first Signature and compute the Digest/Signature values for that. Is it possible to use this library also when you want to sign both the Message and the Assertions in a SAML response document - thus you would have two Signature blocks in the xml documents to sign both the whole document and then also the assertions.
Example of such a document with two Signature tags can be seen here: https://developers.onelogin.com/saml/examples/response#:~:text=A%20SAML%20Response%20is%20sent,NameID%20%2F%20attributes%20of%20the%20user.&text=A%20signed%20SAML%20Response%20with%20an%20encrypted%20Assertion,with%20an%20encrypted%20signed%20Assertion
The text was updated successfully, but these errors were encountered: