Thank you for sharing this neat little SAML implementation!
It has suddenly stopped working for me ever since my IdP started incorporating MGF elements from the newer xmlenc11 spec. (It still works if I turn off strict, but that doesn't seem like a sustainable approach security-wise.)
Over at PySAML2, this was also addressed recently: IdentityPython/pysaml2#964
Would it be possible to add this new spec and attempt validation against it, if validation against the standard spec fails?
Thank you for sharing this neat little SAML implementation!
It has suddenly stopped working for me ever since my IdP started incorporating
MGFelements from the newerxmlenc11spec. (It still works if I turn offstrict, but that doesn't seem like a sustainable approach security-wise.)Over at PySAML2, this was also addressed recently: IdentityPython/pysaml2#964
Would it be possible to add this new spec and attempt validation against it, if validation against the standard spec fails?