samael 0.0.21

A SAML2 library for Rust
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

<?xml version="1.0" encoding="UTF-8"?>
<Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="response">
    <Issuer>https://idp.example.com</Issuer>
    <ds:Signature>
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#element(/1/3)">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>VI1E515fVc0UjEE3xn95znrlbR8GtYEygN9TTcE2e7E=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>IxjoDHQY0B9u4O8GQbtJXcXQo3OQWhQJtc+t01tQqDEARAa8B4o9udWaqVnLvtGs
UPGZZoT6lsO8jPqqQ7oecnWBf4fY5MYl77REEOvBuRW9LoD51bPGFpICnX9nIg5g
mpF7prXj9Y7khRywC/xgDLgcnv9s+hQj+iICDaboHE4=</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:KeyName>signing</ds:KeyName>
        </ds:KeyInfo>
    </ds:Signature>
    <MaliciousAssertion ID="malicious">
        <Subject>attacker@evil.com</Subject>
        <Role>admin</Role>
    </MaliciousAssertion>
    <LegitimateAssertion ID="element(/1/3)">
        <Subject>legitimate@example.com</Subject>
        <Role>user</Role>
    </LegitimateAssertion>
</Response>