Sustainsys / Saml2

Saml2 Authentication services for ASP.NET

EnvelopedSignatureReader throws exception reading Advice #1409

Closed ArieGato closed 11 months ago

ArieGato commented 1 year ago

Version 2.9.2 net48

Hi,

I'm trying to read a Saml Response I get from an SP which contains an Advice. The Advice contains a Signature. I get an exception from the EnvelopedSignatureReader similar to issue #1071.

'Microsoft.IdentityModel.Xml.XmlReadException: IDX30019: Unable to read XML. A second <Signature> element was found. The EnvelopedSignatureReader can only process one <Signature>

As a last comment it states that the issue has been fixed. How can I implement this fix?

Kind regards, Arjan Vermunt

AndersAbel commented 1 year ago

Yet one more case where the Microsoft.IdentityModel library doesn't fully support all the variations of how Saml2 works.

For the development work on v3 I have opted to not use Microsoft.IdentityModel at all, but create my own validators. But that will unfortunately not help you if you are on .net 4.8 as v3 will only target .NET...

I'm sorry but I don't think I have any good solution for you if you are stuck on .Net Framework. I think it would require further troubleshooting to understand why it is failing. To fix it within the Saml2 library probably would mean filtering out the signatures completely before calling the Microsoft.IdentityModel library to read the token.
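
For the troubleshooting step mentioned above, a small diagnostic (an added example, not code from this thread or from Sustainsys.Saml2) that lists every `<ds:Signature>` in a response and reports whether it sits under `<saml:Advice>`, which is the layout that triggers IDX30019. The `SignatureLocator` class and the sample XML are constructed for illustration; the code only inspects structure and validates no signature.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Xml.Linq;

static class SignatureLocator
{
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:2.0:assertion";
    static readonly XNamespace Ds = "http://www.w3.org/2000/09/xmldsig#";

    // One line per <ds:Signature>: its path, the element that carries it,
    // and whether it is located somewhere below a <saml:Advice>.
    public static List<string> Describe(XDocument doc) =>
        doc.Descendants(Ds + "Signature")
           .Select(sig => string.Format("{0} -> parent {1} (ID={2}), inside Advice: {3}",
               PathOf(sig),
               sig.Parent?.Name.LocalName ?? "n/a",
               (string)sig.Parent?.Attribute("ID") ?? "n/a",
               sig.Ancestors(Saml + "Advice").Any()))
           .ToList();

    static string PathOf(XElement e) =>
        "/" + string.Join("/", e.AncestorsAndSelf().Reverse().Select(a => a.Name.LocalName));

    static void Main()
    {
        // Constructed sample: signature bodies are omitted, only the nesting matters.
        const string xml = @"<samlp:Response xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'
    xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'
    xmlns:ds='http://www.w3.org/2000/09/xmldsig#' ID='_r1'>
  <saml:Assertion ID='_outer'>
    <ds:Signature/>
    <saml:Advice>
      <saml:Assertion ID='_advice'>
        <ds:Signature/>
      </saml:Assertion>
    </saml:Advice>
  </saml:Assertion>
</samlp:Response>";
        foreach (var line in Describe(XDocument.Parse(xml)))
            Console.WriteLine(line);
    }
}
```

Two entries for one outer assertion, with the second reported as inside Advice, confirm that the reader is hitting a nested signature rather than a duplicated one on the same element.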