azure-activedirectory-identitymodel-extensions-for-dotnet
azure-activedirectory-identitymodel-extensions-for-dotnet copied to clipboard
AzureAD
Adds ReadReferences method
fixes #1449
Adds a ReadReferences method that is called by ReadSignedInfo. ReadReferences makes the same checks as were done previously in ReadSignedInfo.
@gislikonrad this is a good fix as it will maintain the existing behavior, yet allow for extensibility. I would like to add some tests to see explore behavior with multiple references.
@brentschmaltz You mind if I attempt to add some more enhancements to extendability to this class with backwards compatability in mind?
@gislikonrad i would like to put this in next months release as we will be working on our WsTrust work and I would like to coordinate with this PR.
@brentschmaltz Sounds good. There are a few things I might want to add in the mean time, if I don't run out of time. I'm working on an X509SecurityTokenValidator to be used with my SOAP hosting extension for AspNetCore 2.1 and 3.1. Signatures are a bit different with the BinarySecurityToken than they are in Saml and Saml2.
@brentschmaltz I think the few items I need/want to add should go into the WsTrust project. So, for me at least, this could be merged into dev.
What I want to add is the ability to use a SecurityToken to validate a digital signature. So extending DSigSerializer to read the WS-Security SecurityTokenReference element. Then adding an extension method to Signature named Validate where you can pass it an IEnumerable<SecurityToken>.
@gislikonrad we are looking to release an updated version within a week or so and we would like to get this in. Can you rebase against the current dev branch. Sorry for the extra work as we didn't get this in last release.
@gislikonrad if you can rebase this against current dev, we will get this into the next release.
@gislikonrad i think there is value here and we can get this in. There are some conflicts that need to be resolved.