Adding wantAssertionsEncrypted and config form element for setting this property (!53) · Merge requests · project / saml_sp

wjuda requested to merge issue/saml_sp-3387115:4.x into 4.x Jun 05, 2024

We want to have out data from the Shibboleth IDP encrypted the only way currently to add a is by setting the wantNameIdEncrypted which adds this tag to the metadata xml but then causes an error in this causes an error with OneLogin.

OneLogin\Saml2\ValidationError: SAML Response that contains an encrypted Assertion with encrypted nameId is not supported. in OneLogin\Saml2\Response->isValid() (line 401 of /code/vendor/onelogin/php-saml/src/Saml2/Response.php).

There is code in the module to allow wantAssertionsEncrypted to add the tag and allow for encryption of data flow from the IDP.

Adding wantAssertionsEncrypted and config form element for setting this property

Merge request reports