-
Notifications
You must be signed in to change notification settings - Fork 163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is still happening: Error: SAML Assertion signature check failed! (checked 1 certificate(s)) #106
Comments
I'm experiencing this as well - did you end up finding a solution?? |
@cpurtlebaugh Yes, see if this helps :) //
// 1. Call service provider constructor with options
//
let sp = new saml2.ServiceProvider({});
//
// 2. Call identity provider constructor with options
//
let idp = new saml2.IdentityProvider({
certificates: CERTIFICATE_FROM_SERVICE_PROVIDER_AS_STRING,
allow_unencrypted_assertion: true
});
//
// 3. Pass the response that we got from the IDP
//
let options = {
request_body: {
RelayState: req.body.RelayState,
SAMLResponse: req.body.SAMLResponse,
}
};
//
// 4. Check the response
//
sp.post_assert(idp, options, function(error, saml_response) {
console.log(saml_response)
//
// 1. Check for potential errors
//
if(error)
{
return reject(error);
}
//
// 2. Add the email to the container
//
container.email = saml_response.user.name_id
//
// -> Move to the next chain
//
return resolve(container)
}); |
happens to me with the same code above (I don't have RelayState) |
these options fixed my issue: const options = { |
@dyaacov I would not ignore the signature, it defeats the purpose ;) |
So, what am I missing? |
Maybe the path to the certificate is wrong? Or you saved the cert in the file incorrectly? (do not copy and paste the cert file here) |
I used certificate from IDP as String instead of reading a file, that fixed my issue |
I had this error with one of the IDPs i'm using. cert was fine. Two things helped to resolve this:
|
Based on the issue here #34, this error seamed to be solved in 2015, but sadly I'm using
"saml2-js": "1.11.0"
and this is still happening 😟:The code that I'm using goes like this:
For testing I'm using Google SSO, and when I use the test URL that they provide I get this:
assertion
pageI hope that someone can point to what I'm doing incorrectly, because I'm out of ideas.
The text was updated successfully, but these errors were encountered: