Added support for RSA KeyInfo
In addition to X509 thumbprint, X509 issuer serial, X509 subject, and X509 raw data KeyInfo, Identify now has support for RSA KeyInfo:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" AssertionConsumerServiceURL="..." Destination="https://identify01.identify.safewhere.com/runtime/saml2/issue.idp" ForceAuthn="..." ID="..." IsPassive="..." IssueInstant="..." ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"> <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://localhost:8080/auth/realms/master</saml:Issuer> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> ... </dsig:SignedInfo> <dsig:SignatureValue>...</dsig:SignatureValue> <dsig:KeyInfo> <dsig:KeyValue> <dsig:RSAKeyValue> <dsig:Modulus>sOUEHzO1FVdQXRXY4TeLcFy/...lfm5kd1Hz9gkW6XMgPU3wi4gMSq1ogxJ8ZVJOdBIQuMafPQ==</dsig:Modulus> <dsig:Exponent>AQAB</dsig:Exponent> </dsig:RSAKeyValue> </dsig:KeyValue> </dsig:KeyInfo> </dsig:Signature> <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> </samlp:AuthnRequest> |