Certificate validation for RSA is optional? #225
Comments
|
Thanks for the kind words, @gotjosh. Your change looks good to me. My only concern is that the name of the function ( Thanks for the contribution! |
|
Thank you for the fast response @crewjam. PR incoming. |
|
ref PR #226 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi @crewjam π,
First of all, thank you very much for your hard work on this library πββοΈ. It has helped us provide a SAML integration that our customers love. Sadly, I'm not here only to deliver good news.
We've faced many problems while attempting to use the library with Keycloak as an IdP. One of them is that when using encrypted assertions (using RSA encryption) they don't provide a certificate within the ACS for us to validate against.
We've opted to remove this validation in a fork we've recently created. However, we would love to continue using upstream and contribute back if possible.
Please let me know if this is something that makes sense as I would love to put up a PR for you to review.
You can find more details of the change here: grafana#1
The text was updated successfully, but these errors were encountered: