Name ID format not included in assertionInfo

russellhaering / gosaml2

Pure Go implementation of SAML 2.0

Apache License 2.0

326 stars 120 forks source link

Name ID format not included in assertionInfo #54

Open angusshire opened 5 years ago

angusshire commented 5 years ago

The SAML assertion includes the NameID format along with the NameID. For example, a SAML assertion sent back from the IdP could have:

<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"> 3f7b3dcf-1674-4ecd-92c8-1544f346baf8 </saml:NameID>

Having the NameID format available in AssertionInfo could be useful for service providers if they only accept certain kinds of NameID formats and want to validate based off this field.

joernlenoch commented 3 years ago

We encountered this issue as well.

I've created a simple fix which would resolve this issue: https://github.com/russellhaering/gosaml2/pull/80