Closed Sabareesh-LD closed 7 months ago
Based on your example code you try to configure node-saml with wantAuthnResponseSigned: false
.
Stacktrace that you posted
Error: Invalid document signature at SAML.validatePostResponseAsync (/var/task/node_modules/@node-saml/node-saml/lib/saml.js:510:23)
comes from @node-saml/node-saml
library's these JS lines:
if (this.options.wantAuthnResponseSigned === true && validSignature === false) {
throw new Error("Invalid document signature");
}
see: https://www.npmjs.com/package/@node-saml/node-saml/v/4.0.5?activeTab=code and lib/saml.js
line 510
And if you search for @node-saml/node-saml
codebase with information provided at stacktrace you shall see these TS lines:
if (this.options.wantAuthnResponseSigned === true && validSignature === false) {
throw new Error("Invalid document signature");
}
https://github.com/node-saml/node-saml/blob/v4.0.5/src/saml.ts#L695-L697
If wantAuthnResponseSigned
would have had value false
from node-saml point of view it would have considered missing or invalid document level signature as "soft error" and proceeded to check whether assertion is signed.
Use e.g. step debugger to find out why your effective node-saml configuration is not what you want it to be.
@Sabareesh-LD btw. why did you report this #890 as an issue/bug instead of using discussions? You said it yourself at the issue report that you are seeking debug help and content of your bug report doesn't seem to have any indication of bug related to node-saml / passport-saml.
Hi,
Could you guys help me fix this issue, I have checked the previous issues that were raised related to the same issue and tried to fix it with the solution given but it doesn't help me. Iam developing the SAML Auth in NestJS
Error:
Versions:
Node: v18.16.0 NestJs: 9.5.0 @node-saml/passport-saml: "^4.0.4"
Previous bug: https://github.com/node-saml/passport-saml/issues/859, https://github.com/node-saml/passport-saml/issues/839
Code: AuthController
SamlAuthGuard
SamlStrategy
Iam not sure where iam missing something or how to debug and fix it.