tngan / samlify

Node.js library for SAML SSO
https://samlify.js.org
MIT License
601 stars 214 forks

Success Response yet I get ERR_EMPTY_ASSERTION #381

Open dtrce opened 3 years ago

dtrce commented 3 years ago

I have an expressjs app configured as SP and am using samltest.id as the IdP for testing purposes. Here's what I get in the SP-initiated SSO response, but I still get an error when executing sp.parseLoginResponse(idp, 'post', req) on the assertion

<saml2p:Status>
  <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</saml2p:Status>

tngan commented 3 years ago

@dtrce What error did you get?

dtrce commented 3 years ago

Here is the SAML response I get. As you can see, the status is Success

<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://demo.wobbly.dev/acs" ID="_56cc2d754f86681c773e04abca8d6d53" InResponseTo="_5530ace7-5f3c-43bd-b54f-53675c246e98" IssueInstant="2020-07-29T13:14:50.828Z" Version="2.0">
   <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
   <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
         <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
         <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
         <ds:Reference URI="#_56cc2d754f86681c773e04abca8d6d53">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
            <ds:DigestValue>...</ds:DigestValue>
         </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>...</ds:SignatureValue>
      <ds:KeyInfo>
         <ds:X509Data>
            <ds:X509Certificate>MII..</ds:X509Certificate>
         </ds:X509Data>
      </ds:KeyInfo>
   </ds:Signature>
   <saml2p:Status>
      <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
   </saml2p:Status>
   <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
      <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="_09e7a222c6bee4e4726248016899f1d2" Type="http://www.w3.org/2001/04/xmlenc#Element">
         <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
         <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <xenc:EncryptedKey Id="_8cbf34593d809e7250a6b9b0cc6a7af8" Recipient="https://demo.wobbly.dev/sp">
               <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
               </xenc:EncryptionMethod>
               <ds:KeyInfo>
                  <ds:X509Data>
                     <ds:X509Certificate>MIIF...</ds:X509Certificate>
                  </ds:X509Data>
               </ds:KeyInfo>
               <xenc:CipherData>
                  <xenc:CipherValue>...</xenc:CipherValue>
               </xenc:CipherData>
            </xenc:EncryptedKey>
         </ds:KeyInfo>
         <xenc:CipherData>
            <xenc:CipherValue>...</xenc:CipherValue>
         </xenc:CipherData>
      </xenc:EncryptedData>
   </saml2:EncryptedAssertion>
</saml2p:Response>

I get ERR_EMPTY_ASSERTION in my nodejs

Kekekw commented 3 years ago

It looks like you have an encrypted assertion; that's maybe why you get this issue. Is your configuration set up for encrypted assertions?

alex-maxime commented 2 years ago

I have the same issue. How do you configure/set up for encrypted assertions?

desduvauchelle commented 2 years ago

@Alex237 Any change you solved it?

alex-maxime commented 2 years ago

> @Alex237 Any change you solved it?

No, I switched to another library for the moment.

tngan commented 2 years ago

@desduvauchelle @Alex237

Sorry for the late reply. In order to configure for encrypted assertions, you need to set up the key and flag properly. Do you have a sample code snippet to show how you configure the idp and sp?
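The situation in this thread, as an added example that is not code from the samlify project or from anyone in the issue: the IdP reports Success but wraps the assertion in `EncryptedAssertion`, so an SP without a decryption key finds no plaintext `Assertion`. The block triages a response for that shape and builds SP options with the decryption key and flag. It assumes the samlify option names `isAssertionEncrypted`, `encPrivateKey` and `encPrivateKeyPass`, and the sample response is a constructed, trimmed copy of the one posted above.

```javascript
// Added example, not from the samlify project or this thread. Assumes the
// samlify SP options isAssertionEncrypted / encPrivateKey / encPrivateKeyPass.

// Constructed, trimmed copy of the response shape posted in the thread:
// Status is Success, but the assertion arrives as <EncryptedAssertion>.
const SAMPLE_RESPONSE = `<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Version="2.0">
  <saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></saml2p:Status>
  <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">...</xenc:EncryptedData>
  </saml2:EncryptedAssertion>
</saml2p:Response>`;

// Triage only: which assertion form did the IdP send, and did it report Success?
// Prefix-agnostic local-name matching; this is a diagnostic, not a parser, and
// does not replace the signature and decryption checks the library performs.
function classifyResponse(xml) {
  const success = /StatusCode\s+Value="urn:oasis:names:tc:SAML:2.0:status:Success"/.test(xml);
  const encrypted = /<(?:\w+:)?EncryptedAssertion\b/.test(xml);
  const plain = /<(?:\w+:)?Assertion\b/.test(xml);
  return { success, assertion: encrypted ? 'encrypted' : plain ? 'plain' : 'none' };
}

// SP options for an IdP that encrypts assertions. Without the decryption key
// and the flag, samlify sees no <Assertion> and reports ERR_EMPTY_ASSERTION
// even though the Status says Success.
function buildSpOptions({ entityID, acsUrl, encPrivateKey, encPrivateKeyPass }) {
  if (!encPrivateKey) throw new Error('encrypted assertions require encPrivateKey (PEM)');
  return {
    entityID,
    assertionConsumerService: [
      { Binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', Location: acsUrl },
    ],
    isAssertionEncrypted: true,
    encPrivateKey,        // private key matching the cert the IdP encrypts to
    encPrivateKeyPass,    // undefined if the key is not passphrase-protected
  };
}

// Wire the entities up with samlify; only executed when called, so the helpers
// above can be exercised without the package installed.
function createEntities(idpMetadataXml, spOpts) {
  const saml = require('samlify');
  const idp = saml.IdentityProvider({ metadata: idpMetadataXml, isAssertionEncrypted: true });
  const sp = saml.ServiceProvider(spOpts);
  return { idp, sp }; // then: await sp.parseLoginResponse(idp, 'post', req)
}
```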