Comments (2)
The decoded assertion XML looks like:
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_f7c18a563bada5a53a02" InResponseTo="_0db217fa-99a8-40ba-9de7-5840bd93e7d4" Version="2.0" IssueInstant="2019-11-12T10:48:45Z" Destination="http://localhost:8181/v1/_saml_callback">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://example.com/saml/acs/example</saml:Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0" ID="_zpFqVARey6JzaE6PqrO9ibve9ezQktsQ" IssueInstant="2019-11-12T10:48:45.961Z">
<saml:Issuer>http://example.com/saml/acs/example</saml:Issuer>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#_zpFqVARey6JzaE6PqrO9ibve9ezQktsQ">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>HmLYbad7jtiGfak3ATYP895cgK8=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>ZNoVxGROREXS9OPfE9YhA4sqTkYDVtm1/F8x07AcAHjfMDzv2yZvxMb5k93LrZo1tOecc7h6IlaUfmeDBGDM/G6A+hm0BKZFdHlNZmXVSZnkhHF5thfjooo2mkUO1x3teDlBU167uqSEpUYvDUvPL6QDt87HEl2J88R2haKyBh+S2EbChACvhdHm8jjRLBIYuwVzHNBlxTxx7vQj+bcxJVgGkyGcu48qGatSwn/ZIpduExOnpj0RceXNl5B7rt3z0L83XeZ03xbEdQUKivmHPlKUOXmKXuo1ZwBSNF5PF9AKzYLs1AwVigl5wjleXOs+xWb6RUnVu3cK7EKxAIDl0g==</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>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</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">[email protected]</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData NotOnOrAfter="2019-11-12T11:48:45.961Z" Recipient="http://localhost:8181/v1/_saml_callback" InResponseTo="_0db217fa-99a8-40ba-9de7-5840bd93e7d4"/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2019-11-12T10:48:45.961Z" NotOnOrAfter="2019-11-12T11:48:45.961Z">
<saml:AudienceRestriction>
<saml:Audience>http://example.com/saml/acs/example</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<saml:Attribute Name="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
<saml:AttributeValue xsi:type="xs:anyType">[email protected]</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Email">
<saml:AttributeValue xsi:type="xs:anyType">[email protected]</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="FirstName">
<saml:AttributeValue xsi:type="xs:anyType">Charl</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="LastName">
<saml:AttributeValue xsi:type="xs:anyType">Matthee</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
<saml:AuthnStatement AuthnInstant="2019-11-12T10:48:45.961Z">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
</samlp:Response>
Moving on.