Sustainsys / Saml2

Saml2 Authentication services for ASP.NET
Other
961 stars 603 forks source link

Support for EncryptedId #1406

Open ArieGato opened 1 year ago

ArieGato commented 1 year ago

Hi,

I know this has been asked several times and I found at least two (closed) PR's for adding support for EncryptedId. I'm working on an interface with an external SP. We receive an EncryptedId in the Saml2 Response. This results in an exception that originates from the Microsoft Saml2Serializer.

Is this somewhere on the roadmap or Is there something I can do to add support for EncryptedId? And if so, what should be included in that PR?

Kind regards, Arjan

AndersAbel commented 1 year ago

This is something I'd like to get included in v3. I know that development of v3 has been stale, but I think I will have some more time this year to work on it. v3 will not use the Microsoft serializer or token handlar at all, which will give more flexibility to handle encryption and other features that are not available in the MS handler.

ArieGato commented 1 year ago

I really need a solution for this. Would it be a solution to add an IEncryptionHandler interface which can be set as property on SpOptions. Then the ReadEncryptionId can be overridden in the Saml2PSerializer and call a method on that interface. That way we can write our own handler without having to implement it in the Saml library.

AndersAbel commented 1 year ago

All the available unpaid time I can put into the library will go into the dev branch to get a version 3 shipped. Support and feature development target at v2 or v1 is done for paying commercial customers. If you are interested in commercial options to get EncryptedId support implemented, please mail support@sustainsys.com.

ArieGato commented 1 year ago

I don’t mind doing it. I can create a PR for it.

AndersAbel commented 1 year ago

Even a PR requires time for review and for creating a release. No PRs are accepted to v1 or v2 branches unless covered by commercial support.