Skip to content

SAML: OpenSamlMetadataResolver doesn't include NameID formats in output #9297

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
handcraftedbits opened this issue Dec 18, 2020 · 3 comments
Closed

SAML: OpenSamlMetadataResolver doesn't include NameID formats in output #9297

handcraftedbits opened this issue Dec 18, 2020 · 3 comments
Assignees
@jzheaux
Labels
in: saml2 An issue in SAML2 modules type: enhancement A general enhancement
Milestone
5.7.0-M1

Comments

@handcraftedbits
Copy link

Expected Behavior

OpenSamlMetadataResolver should serialize NameID formats associated with an SP.

Current Behavior

OpenSamlMetadataResolver does not serialize any NameID formats.

Context

It is typical for SP descriptors to include a set of supported NameID formats. OpenSamlMetadataResolver does not even attempt to serialize a default set of them, let alone user-provided ones. This may be partly due to RelyingPartyRegistration not allowing users to define them. At a minimum, OpenSamlMetadataResolver should attempt to include the formats in the urn:oasis:names:tc:SAML:1.1:nameid-format namespace. It might also be helpful for OpenSamlMetadataResolver not to be marked final so users can customize the serizliation.
@handcraftedbits handcraftedbits added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Dec 18, 2020
@jzheaux
Copy link
Contributor

jzheaux commented Dec 18, 2020

Related to #9115

@jzheaux jzheaux added in: saml2 An issue in SAML2 modules and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 18, 2020
@jzheaux jzheaux mentioned this issue Dec 18, 2020
Closed
@ctmay4
Copy link

ctmay4 commented Mar 21, 2022
edited
Loading

I am having an issue where NameID is not in the SAML response. I wonder if this is the reason? The error I get is misleading:

[subject_not_found] Assertion [_a79ccbf3-6309-4f18-a132-2a4c91653a19] is missing a subject

However when you dig into the code and review the response the reason is the NameID is not returned. Did you ever find a workaround? I see the NameId changes in #9115 are in the 5.7.x branch which is no released yet.

@jzheaux jzheaux self-assigned this Oct 8, 2024
@jzheaux
Copy link
Contributor

jzheaux commented Oct 8, 2024

Closed in a17dfb8

@jzheaux jzheaux closed this as completed Oct 8, 2024
@jzheaux jzheaux added this to the 5.7.0-M1 milestone Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: saml2 An issue in SAML2 modules type: enhancement A general enhancement
Projects
None yet
Milestone
5.7.0-M1
Development

No branches or pull requests
3 participants
@ctmay4 @jzheaux @handcraftedbits