pysaml2 icon indicating copy to clipboard operation
pysaml2 copied to clipboard
verified publisher icon IdentityPython

Malformed SubjectConfirmationData in Response

Open peppelinux opened this issue 5 years ago • 0 comments

PySAML2 doesn't validate properly SubjectConfirmationData attributes

Recipient

           <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml:SubjectConfirmationData InResponseTo="id-hz5vE07Vp9MWK9Lfq" NotOnOrAfter="2021-01-24T01:35:10Z" Recipient="diversodaassertionconsumerserviceurl"/>
            </saml:SubjectConfirmation>

NotOnAfter not valued or absent

            <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml:SubjectConfirmationData InResponseTo="id-gVE68LCdqjMKCiJdK" NotOnOrAfter="" Recipient="http://sp1.testunical.it:8000/saml2/acs/"/>
            </saml:SubjectConfirmation>

peppelinux avatar Jan 24 '21 01:01 peppelinux