Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add explicit IdP signing key feedback #1791

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add explicit IdP signing key feedback #1791

wants to merge 1 commit into from

Conversation

pablothedude
Copy link
Contributor

An explicit IdP signing key check is added for easier debugging.

The ease of debugging should outweigh the drawbacks of moving the responsibility of the SAML2 library also to EB and the performance penalties for doing this twice.
#1328

@pablothedude pablothedude force-pushed the feature/add-expicit-signing-key-check branch 2 times, most recently from cefd336 to d6f3eac Compare January 28, 2025 09:35
@pablothedude pablothedude marked this pull request as draft January 28, 2025 10:35
@baszoetekouw baszoetekouw linked an issue Jan 30, 2025 that may be closed by this pull request
Explicit check if signing certificate of SAML response is known #1328
Open
@pablothedude pablothedude force-pushed the feature/add-expicit-signing-key-check branch from 718c5e1 to aba490c Compare February 10, 2025 08:46
@pablothedude
Copy link
Contributor Author

I've added a check to prevent more than one certificate because that doesn't seem to occur.

johanib
johanib reviewed Feb 10, 2025
View reviewed changes
baszoetekouw
baszoetekouw requested changes Feb 10, 2025
View reviewed changes
Copy link
Member

@baszoetekouw baszoetekouw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please also add tests for this case?

@pablothedude
Copy link
Contributor Author

pablothedude commented Feb 11, 2025
edited
Loading

Could you please also add tests for this case?

I will add a unit test.

@pablothedude pablothedude force-pushed the feature/add-expicit-signing-key-check branch 2 times, most recently from ae4f60c to e63680a Compare February 11, 2025 14:49
@pablothedude
Add explicit IdP signing key feedback
86a9e87 
An explicit IdP signing key check is added for easier debugging.

The ease of debugging should outweigh the drawbacks of moving the
responsibility of the SAML2 library also to EB and the performance
penalties for doing this twice.
#1328
@pablothedude pablothedude force-pushed the feature/add-expicit-signing-key-check branch from e63680a to 86a9e87 Compare February 11, 2025 16:52
@pablothedude pablothedude marked this pull request as ready for review February 11, 2025 16:56
@baszoetekouw
Copy link
Member

Apart from the missing test, this looks good to me!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pmeulen pmeulen pmeulen left review comments

@thijskh thijskh thijskh left review comments

@johanib johanib johanib approved these changes

@baszoetekouw baszoetekouw Awaiting requested review from baszoetekouw

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Explicit check if signing certificate of SAML response is known
5 participants
@pablothedude @baszoetekouw @pmeulen @thijskh @johanib