Skip to content

Allow the digital signature namespace to be at the top level of the SAML response. #123

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
andrewmaillet wants to merge 19 commits into
base: master
Choose a base branch
from
Open

Allow the digital signature namespace to be at the top level of the SAML response. #123

andrewmaillet wants to merge 19 commits into from

Conversation

@andrewmaillet
Copy link
Contributor

@andrewmaillet andrewmaillet commented Nov 20, 2017

We started receiving SAML responses from an IdP (Oracle Access Manager) that had the dsig namespace declared at the top of the response xml instead of on each signature element. The signature verifcation failed due to the xml.toString() before the sig.computeSignature() call. Passing the xmldom object directly instead of the result of the toString call fixed the problem. The toString was not rendering the namespace value in the xml.

Similar issue was solved here:
node-saml/xml-crypto#84

Andrew Maillet and others added 12 commits November 13, 2017 10:52
accept saml response with xml sig namespace at the root level
e76c814 
the xml dsig namespace can be specified at the root of the SAML response
instead of on each Signature element.  The canonincalized xml for the
signature element requires that the namespace declaration be present on
the siganture element.
@andrewmaillet
Merge pull request #2 from Kinvey/back-2900-top-level-dsig-namespace
ce600d3 
BACK-2900 Accept saml response with xml sig namespace at the root level
@r0bot
No signature authn xml method added.
5d92dc5
@r0bot
Lib-js removed from git ignore in order to be used in teh repo directly.
06f3270
@r0bot
Merge pull request #4 from Kinvey/no-signature-xml-method
c145dfc 
No signature xml method
@ivanovit
KDEV-647: Some Idp validates the order of elements in SAML Request.
c23d93b
@ivanovit
Merge pull request #5 from Kinvey/fix-saml-request-order
34b3fd6
Fix npm security problems
e627a0b
Merge pull request #6 from Kinvey/fix-security-problems
7be4929 
Fix npm security problems
@dimofeev
Bump xml-crypto to latest version in order to fix High npm audir secu…
da19963 
…rity issue
@dimofeev
Fixes after xml-crypto update
d914d76
Merge pull request #7 from Kinvey/KDEV-12760-fix-npm-security
7690ecb 
KDEV-1276: Bump xml-crypto to latest version
This was referenced Feb 3, 2021
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@andrewmaillet @r0bot @ivanovit @dimofeev @ventsislav-georgiev @tsvetomir-nedyalkov