Commit

SPSSODescriptor element is not selected properly
johnnyshields committed Aug 9, 2021
1 parent a33e9d7 commit b82fc60
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions lib/xml_security.rb
Expand Up @@ -161,10 +161,10 @@ def sign_document(private_key, certificate, signature_method = RSA_SHA1, digest_
# add the signature
issuer_element = self.elements["//saml:Issuer"]
if issuer_element
self.root.insert_after issuer_element, signature_element
self.root.insert_after(issuer_element, signature_element)
else
if sp_sso_descriptor = self.elements["/md:EntityDescriptor"]
self.root.insert_before sp_sso_descriptor, signature_element
if sp_sso_descriptor = self.elements["/md:EntityDescriptor/md:SPSSODescriptor"]
self.root.insert_before(sp_sso_descriptor, signature_element)
else
self.root.add_element(signature_element)
end
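Review bot: in the else branch, `self.root.insert_before(sp_sso_descriptor, signature_element)` now puts the signature immediately before md:SPSSODescriptor, which is the schema-correct position only when nothing else precedes that element. In the SAML metadata schema, ds:Signature is the first child of md:EntityDescriptor, ahead of md:Extensions, so metadata that carries md:Extensions before the role descriptor would end up with the signature after it and fail schema validation. Consider inserting before the first child element of the root rather than before one specific descendant, and name the variable after what it actually selects. The absolute XPath `/md:EntityDescriptor/md:SPSSODescriptor` also matches only when md:EntityDescriptor is the document root; any other root falls through to `add_element`, which appends the signature at the end. A test for the metadata case with and without md:Extensions would pin the placement down.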

1 comment on commit b82fc60

Collaborator

@pitbulk pitbulk commented on b82fc60 Aug 12, 2021

Based on the standard: http://www.datypic.com/sc/saml2/e-md_EntityDescriptor.html

It seems the signature could be added inside the md:SPSSODescriptor or inside the md:EntityDescriptor.
I believe we should include it inside the md:EntityDescriptor and not inside md:SPSSODescriptor.

I guess the wrong part was with the var names: sp_sso_descriptor should be entity_descriptor.
