Closed tcrossland closed 5 years ago
Would you be interested in this PR to support encrypted assertions?
Our use case is integration with ADFS (Active Directory Federation Services) as the IDP, I've only implemented decryption for the methods that appear in the SAMLResponses we receive (http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and http://www.w3.org/2001/04/xmlenc#aes256-cbc).
I haven't had time to create unit tests for this scenario yet, but have tested it successfully with live responses. The auth flow for unencrypted Assertions is not affected.
Thanks @handnot2 !
tcrossland
commented
5 years ago
Would you be interested in this PR to support encrypted assertions?
Our use case is integration with ADFS (Active Directory Federation Services) as the IDP, I've only implemented decryption for the methods that appear in the SAMLResponses we receive (http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and http://www.w3.org/2001/04/xmlenc#aes256-cbc).
I haven't had time to create unit tests for this scenario yet, but have tested it successfully with live responses. The auth flow for unencrypted Assertions is not affected.