-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
okta service integration {error, bad_digest} (lack of support of InclusiveNamespaces?) #7
Comments
Is this the actual XML it's presenting? Without any xmlns: attributes? It seems weird that something that's asking for an InclusiveNamespace would not declare any namespaces at all, since the point of that option is to ask for a namespace to not be moved around... |
You are right this was wrong xml. I updated initial post with link to correct one. |
After this, we also check the signature method and c14n method to make sure they're the ones that we actually support (now we will crash if they are not). Will add some tests for this later, generating small XML to test it is quite complicated at the moment (since they need to be signed in the new canonical form). Probably solves #7
I can successfully verify the xml from your google drive now, after b6f3a91. Want to test again and let me know how it goes? |
TS-2979 - SAML: enhancement Auto-populate SAML username field with TT…
Signature verification is working fine when AttributeStatement is not presented.
But if okta started send user attributes i got {error,bad_digest} error.
I noticed that difference between this responses in additional child for Transform element:
https://drive.google.com/#folders/0BzsH_XaDBRd7SV9XLWVLLWlzMlk
The text was updated successfully, but these errors were encountered: