@rkaw92
Created December 17, 2019 12:35
SAML Request that fails signature verification with auth0 but validates with other tools
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_679914d3-2fb5-4526-8fbc-094cd3abb4e0" Version="2.0" IssueInstant="2019-12-17T12:25:21.073Z" Destination="https://dev-osmkmxci.eu.auth0.com/login/callback?connection=Test" InResponseTo="_2d34afd7db50734a27cf882ac66b9bc2"><saml:Issuer>http://idp-test.e-geo.com.pl:3033/metadata.xml</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_679914d3-2fb5-4526-8fbc-094cd3abb4e0"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ZIUb+40c95X91WMuGeGpYucWKpA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>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</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>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</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue><ds:X509Data><ds:X509Certificate>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</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion xmlns:xs="https://www.w3.org/2001/XMLSchema" xmlns:xsi="https://www.w3.org/2001/XMLSchema-instance" Version="2.0" ID="_354e8fe1-15fd-494c-91a4-932f85ab3f71" IssueInstant="2019-12-17T12:25:21.073Z"><saml:Issuer>http://idp-test.e-geo.com.pl:3033/metadata.xml</saml:Issuer><saml:Subject><saml:NameID 
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">test@example.com</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData NotOnOrAfter="2020-12-16T12:25:21.075Z" Recipient="https://dev-osmkmxci.eu.auth0.com/login/callback?connection=Test" InResponseTo="_2d34afd7db50734a27cf882ac66b9bc2"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2019-12-17T12:25:21.075Z" NotOnOrAfter="2020-12-16T12:25:21.075Z"><saml:AudienceRestriction><saml:Audience>urn:auth0:dev-osmkmxci:Test</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2019-12-17T12:25:21.073Z"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement></saml:Assertion></samlp:Response>