simplesamlphp / saml2

SimpleSAMLphp low-level SAML2 PHP library
https://www.simplesamlphp.org
GNU Lesser General Public License v2.1

trim decrypted xml to avoid exception #281

Closed phelan closed 2 years ago

phelan commented 3 years ago

When the assertion XML starts with a "\n", `$newDoc->firstChild->firstChild` gets a DOMText instead of a DOMElement. Trimming the XML will fix this.

tvdijen commented 3 years ago

Thanks @phelan! Makes total sense! I've asked my fellow dev to look at this before we merge it.

tvdijen commented 3 years ago

@phelan How did you end up with an assertion that starts with a newline? Was it created using this library, or is some other product sending it to you? We kinda feel that the newline should have never ended up in the encrypted assertion in the first place.

phelan commented 3 years ago

A customer's IdP sends it to me. I can't ask them to trim the assertion, so I just have to trim it myself.

tvdijen commented 3 years ago

Can you ask them what software they're using for their IDP? Or can you perhaps derive this info from their metadata?

phelan commented 3 years ago

@tvdijen I found this in the metadata; maybe SAML Artifact Resolution Services

tvdijen commented 3 years ago

That's not a product. That's just part of the SAML protocol. Sometimes the URLs in the metadata give away the name of the product.

phelan commented 3 years ago

I can't find any other useful information in the metadata. Maybe they wrote the wrong code to build the assertion XML, because a well-formed XML document can't start with a newline character. I will check with them, thanks @tvdijen
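
The failure discussed in this thread, reproduced as an added example (not code from this pull request or from the library). It assumes the decrypted plaintext is parsed inside a wrapper element, which is what `$newDoc->firstChild->firstChild` implies; the helper name, the `root` wrapper and the sample assertion are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample: decrypted plaintext with a newline before the root
// element, the case reported in this thread. Requires PHP 8 (get_debug_type).
$decrypted = "\n<saml:Assertion ID=\"_constructed\" Version=\"2.0\">"
    . "<saml:Issuer>https://idp.example.org</saml:Issuer></saml:Assertion>";

/**
 * Hypothetical helper: parse a decrypted fragment inside a wrapper element
 * that declares the saml prefix, then return the element it contains.
 */
function extractDecryptedElement(string $decrypted, bool $trim): DOMElement
{
    if ($trim) {
        // The fix proposed in the thread: drop surrounding whitespace first.
        $decrypted = trim($decrypted);
    }
    $xml = '<root xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
        . $decrypted . '</root>';

    $doc = new DOMDocument();
    // LIBXML_NONET: never fetch network resources while parsing.
    if (!$doc->loadXML($xml, LIBXML_NONET)) {
        throw new RuntimeException('Decrypted data is not well-formed XML.');
    }

    // preserveWhiteSpace defaults to true, so a leading "\n" inside the
    // wrapper becomes a DOMText node ahead of the assertion element.
    $candidate = $doc->documentElement->firstChild;
    if (!($candidate instanceof DOMElement)) {
        throw new RuntimeException(
            'First child is ' . get_debug_type($candidate) . ', not DOMElement.'
        );
    }
    return $candidate;
}

foreach ([false, true] as $trim) {
    try {
        $element = extractDecryptedElement($decrypted, $trim);
        printf("trim=%s: got <%s>\n", var_export($trim, true), $element->nodeName);
    } catch (RuntimeException $e) {
        printf("trim=%s: %s\n", var_export($trim, true), $e->getMessage());
    }
}
```

Without trimming, the loop reports a DOMText first child; with trimming, it returns the `saml:Assertion` element.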