Therefore, ds: Key Info MAY be absent." You can verify the signature if the public key has been provided to you through other means, e.g.Resposne seems to be valid (and even without timing issues).I've taken the same decoded and decrypted response inside of One Login_Saml2_Auth using Xdebug and it still passes through when I'm trying to sign in using saml-php it fails giving "Reference validation failed". Script adds "default" to XML so it looks like Obviously as this XML is passed as a string to hash function it will give different hash result. internally php-saml 2.9.1 (will be soon updated to 2.10.0).Any idea if this something on my end or problem with php-saml toolkit ? Any modification on the SAMLResponse, even a simple extra space, will produce a "Reference validation failed".— You are receiving this because you are subscribed to this thread.Reply to this email directly, view it on Git Hub @rmharris157 can you provide the base64 encoded version rather than in plain text?Try to use directly the demo of this php-saml toolkit and see if you experience the same issue, if not, maybe the problem is at lavarel integration or in your environment.
* jquery.0.0.1 - https://github.com/yckart/jquery.* Scroll smooth to any element in your DOM.So this is partially to help someone else in the future who runs into this same issue and partially to figure out why the certificate would be required in the SAML response.Our initial problem is solved, but it has left me wondering why. ~tommy SAML responses do not require including the public key for that signature.In that case response is decrypted correctly in php-saml but fails on signature/digest validation.We’ve recently noticed a trend with a lot of New Zealand sites wanting to implement Single Sign-On (SSO) to combat the proliferation of passwords, including many government services.