Skip to content
This repository has been archived by the owner on Jun 6, 2023. It is now read-only.

Verifying response without depending on an external binary #6

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

dqminh
Copy link

@dqminh dqminh commented Dec 15, 2015

There are two things in the patch:

  • allow an idp public cert to be embedded rather than reading it from the path. Useful when we not store the cert in the local filesystem.
  • verify response using a small xmlsec library that binds to libxmlsec1. This allow user to verify response without having to write both the cert and the response to a local filesystem and shell out to xmlsec1 binary. There's a cgo dependency here which we cant escape because xmlsec is very complex to implement and there isnt any go library to do that.

This only concerns about verifying, signing will still shell out to xmlsec binary but i dont have an immediate need for that now.

This is useful when we want to load public cert from somewhere other than local
filesystem.
this add xmlsec binding to libxmlsec1 and libxml2 so we can use that instead of
shelling out to an external binary.
mohamedGr pushed a commit to mohamedGr/go-saml that referenced this pull request Jun 29, 2022
Resolves RobotsAndPencils#6.

Signed-off-by: Ranadeep Polavarapu <ranadeep@icloud.com>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant