Closed Philonous closed 1 year ago
Fixed the failing tests
I think I've addressed all the comments in new requests and I've re-based the PR onto master.
@Philonous I made the few last changes, rebased this, and merged it. Thank you for again your work on this! 😄
This PR adds support for
InResponseTo
inResponse
elementsinResponseTo
toResult
typevalidateResponse
function to return it together with the validated assertionMUST
) be matched to request IDs, also depending on if unsolicited assertions are allowed.According to saml-core [1]:
Also compare this stack exchange post [2] which argues that this value should be validated
I don't think this validation has to happen within this library, but it should be returned so that callers of the library can implement it themselves, similar to how checks for duplicate
assertionId
are left as an exercise to the reader :sweat_smile:Checklist
@since
annotations.