idp: Make signature method configurable
apilloud committed Dec 1, 2017
1 parent 5e89d54 commit 2c3fea0
Showing 1 changed file with 13 additions and 2 deletions.
15 changes: 13 additions & 2 deletions identity_provider.go
@@ -96,6 +96,7 @@ type IdentityProvider struct {
ServiceProviderProvider ServiceProviderProvider
SessionProvider SessionProvider
AssertionMaker AssertionMaker
SignatureMethod string
}

// Metadata returns the metadata structure for this identity provider.
@@ -671,9 +672,14 @@ func (req *IdpAuthnRequest) MakeAssertionEl() error {
}
keyStore := dsig.TLSCertKeyStore(keyPair)

signatureMethod := req.IDP.SignatureMethod
if signatureMethod == "" {
signatureMethod = dsig.RSASHA1SignatureMethod
}

signingContext := dsig.NewDefaultSigningContext(keyStore)
signingContext.Canonicalizer = dsig.MakeC14N10ExclusiveCanonicalizerWithPrefixList(canonicalizerPrefixList)
if err := signingContext.SetSignatureMethod(dsig.RSASHA1SignatureMethod); err != nil {
if err := signingContext.SetSignatureMethod(signatureMethod); err != nil {
return err
}

@@ -867,9 +873,14 @@ func (req *IdpAuthnRequest) MakeResponse() error {
}
keyStore := dsig.TLSCertKeyStore(keyPair)

signatureMethod := req.IDP.SignatureMethod
if signatureMethod == "" {
signatureMethod = dsig.RSASHA1SignatureMethod
}

signingContext := dsig.NewDefaultSigningContext(keyStore)
signingContext.Canonicalizer = dsig.MakeC14N10ExclusiveCanonicalizerWithPrefixList(canonicalizerPrefixList)
if err := signingContext.SetSignatureMethod(dsig.RSASHA1SignatureMethod); err != nil {
if err := signingContext.SetSignatureMethod(signatureMethod); err != nil {
return err
}

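Review bot: The fallback in MakeAssertionEl (`signatureMethod = dsig.RSASHA1SignatureMethod`), repeated verbatim in MakeResponse, means an IdentityProvider that leaves the new field unset still signs assertions and responses with RSA-SHA1, and the `SignatureMethod string` field carries no comment telling an operator so. SHA-1 is no longer regarded as collision-resistant, so the field should at least document the default and name a stronger choice, e.g. `// SignatureMethod is the XML-DSig algorithm URI used to sign assertions and responses; empty falls back to dsig.RSASHA1SignatureMethod for compatibility. Prefer dsig.RSASHA256SignatureMethod where the service provider accepts it.` A value the dsig library does not recognise is presumably rejected only by SetSignatureMethod while a request is being signed, so a configuration typo would surface as a per-login failure; checking the value once when the IdentityProvider is set up would catch it earlier. The two copies of the fallback could also share one small unexported helper so the default cannot drift between assertion and response signing. Both function bodies start and end outside the visible hunks.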
