itfoxtec-identity-saml2

SAML response signatures are always validated


I am using ITfoxtec.Identity.Saml2.MvcCore 4.11.3 in dotnet 8.

I am getting intermittent Signature is invalid. exceptions in ITfoxtec.Identity.Saml2.Saml2Request.ValidateXmlSignature(SignatureValidation documentValidationResult).

It is the SAML response that is failing validation, triggered by my call to binding.Unbind in my SP AssertionConsumerService postback handler.

I don't know what the cause of the invalid signatures is, and the response's Assertion element is signed with the same X509Data public key in both the valid and invalid cases.

The fact that it could fail at all was a surprise, as I have CertificateValidationMode set to None in config. I stepped through the latest github code, without being able to reproduce an exception, and verified that CertificateValidationMode was indeed None at the point it reaches Saml2Request.MustValidateXmlSignature and ValidateXmlSignature.

But this code here in Saml2PostBinding.UnbindInternal is passing in a hardcoded true for the validate parameter, which causes MustValidateXmlSignature to return true.

Why does it do this, instead of passing false when CertificateValidationMode is None?

How can I disable signature validation, which the project didn't require to be enabled, and so avoid having to troubleshoot the unwanted exceptions that are now happening?


Solution

  • The CertificateValidationMode controls whether the certificate itself should be validated, not whether the message signature should be validated.

    The binding.Unbind method always validates the signature and checks the message. The binding.ReadSamlResponse method only reads the message without validating the signature. If the Unbind method succeeds, the message is validated and approved.

    The signature is validated with the certificates in saml2Configuration.SignatureValidationCertificates. Downloaded from the IdP like this.
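The following is an added example, not code from the issue or from the ITfoxtec project, showing an SP AssertionConsumerService built on the split the answer describes: ReadSamlResponse parses the response without checking the signature, Unbind always validates it against saml2Configuration.SignatureValidationCertificates, and those certificates are loaded from the IdP metadata. The metadata URL, the SP issuer value, the AuthController class, and the use of EntityDescriptor.ReadIdPSsoDescriptorFromUrl and the InvalidSignatureException type are assumptions about the 4.x API and are not taken from the page.

```csharp
// Added example (not from the issue thread or the ITfoxtec project).
// Assumed: idpMetadataUrl / spIssuer values, AuthController, the
// ReadIdPSsoDescriptorFromUrl metadata call and the InvalidSignatureException type.
using System;
using System.Linq;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel.Security;
using System.Threading.Tasks;
using ITfoxtec.Identity.Saml2;
using ITfoxtec.Identity.Saml2.MvcCore;
using ITfoxtec.Identity.Saml2.Schemas;
using ITfoxtec.Identity.Saml2.Schemas.Metadata;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

public static class Saml2ConfigurationBuilder
{
    // Builds the SP configuration and fills SignatureValidationCertificates
    // from the IdP metadata. Every signing certificate the IdP publishes is
    // added, so a certificate the IdP is rolling over to is still accepted.
    public static Saml2Configuration Build(string idpMetadataUrl, string spIssuer)
    {
        var config = new Saml2Configuration
        {
            Issuer = spIssuer,
            // Governs validation of the certificate itself (chain / revocation),
            // not whether the XML signature is checked; Unbind always checks it.
            CertificateValidationMode = X509CertificateValidationMode.None,
            RevocationMode = X509RevocationMode.NoCheck,
        };
        config.AllowedAudienceUris.Add(spIssuer);

        var entityDescriptor = new EntityDescriptor();
        entityDescriptor.ReadIdPSsoDescriptorFromUrl(new Uri(idpMetadataUrl));
        if (entityDescriptor.IdPSsoDescriptor == null)
        {
            throw new InvalidOperationException("IdP metadata contains no IDPSSODescriptor.");
        }

        config.SingleSignOnDestination = entityDescriptor.IdPSsoDescriptor.SingleSignOnServices.First().Location;
        config.SignatureValidationCertificates.AddRange(entityDescriptor.IdPSsoDescriptor.SigningCertificates);
        return config;
    }
}

public class AuthController : Controller
{
    private readonly Saml2Configuration config;
    private readonly ILogger<AuthController> logger;

    public AuthController(Saml2Configuration config, ILogger<AuthController> logger)
    {
        this.config = config;
        this.logger = logger;
    }

    [HttpPost("AssertionConsumerService")]
    public async Task<IActionResult> AssertionConsumerService()
    {
        var binding = new Saml2PostBinding();
        var saml2AuthnResponse = new Saml2AuthnResponse(config);
        var httpRequest = Request.ToGenericHttpRequest();

        // Step 1: parse only. The signature has not been checked yet, so nothing
        // read here is trusted; it is used solely to surface the IdP status code.
        binding.ReadSamlResponse(httpRequest, saml2AuthnResponse);
        if (saml2AuthnResponse.Status != Saml2StatusCodes.Success)
        {
            throw new AuthenticationException($"SAML Response status: {saml2AuthnResponse.Status}");
        }

        // Step 2: Unbind validates the signature against
        // config.SignatureValidationCertificates and throws if it does not match.
        // Only a response that passes this step may create a session.
        try
        {
            binding.Unbind(httpRequest, saml2AuthnResponse);
        }
        catch (InvalidSignatureException ex)
        {
            // Record the issuer and how many validation certificates were loaded,
            // which is what you need when diagnosing intermittent failures after
            // an IdP key rollover. Never fall back to the unvalidated parse above.
            logger.LogWarning(ex,
                "SAML response from {Issuer} failed signature validation; {Count} validation certificate(s) configured",
                saml2AuthnResponse.Issuer, config.SignatureValidationCertificates.Count);
            return Unauthorized();
        }

        await saml2AuthnResponse.CreateSession(HttpContext);
        return Redirect(Url.Content("~/"));
    }
}
```

The point of the two-step shape is that the output of ReadSamlResponse is never used for an authentication decision; the session is created only after Unbind has returned without throwing. If signature failures are intermittent, the first thing to compare is the set of certificates in SignatureValidationCertificates against what the IdP currently publishes, since the list is only as current as the last metadata download.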