
ERR_FAILED_TO_VERIFY_SIGNATURE when parsing SAML response

Open DrJest opened this issue 4 years ago • 4 comments

Hi, I'm trying to build a SP on top of samlify. Everything works fine until I get the response from the IDP. Then I get ERR_FAILED_TO_VERIFY_SIGNATURE. I tried to verify the signature with the parseLoginResponse and the sig.checkSignature of xml-crypto, but both of them give an invalid signature. But, by copy-pasting the response from the console to https://www.samltool.com/validate_response.php I get a valid response. Both the response and the assertion are signed. Guess that might be the problem?

DrJest avatar Nov 23 '21 10:11 DrJest

@DrJest Here is the example for working with signed message + signed assertion.

If you don't mind sharing the response (taking out the sensitive information), send it to [email protected].

https://github.com/tngan/samlify/blob/9a56afda0d3baf0d2f0eac6ae60d88ba3cbc77c9/test/flow.ts#L736-L750

tngan avatar Nov 24 '21 21:11 tngan

Hey @tngan and @DrJest, I have the same problem, could you find a solution? What's interesting is that I use the Chrome extension SAML-tracer and I'm definitely getting a correct SAML response incl. bearer token back. I just can't use it because the parseLoginResponse fails due to the error.

Sf-Skaylink avatar Mar 21 '23 17:03 Sf-Skaylink