Support for EncryptedId

[ArieGato]

Hi,

I know this has been asked several times and I found at least two (closed) PR's for adding support for EncryptedId. I'm working on an interface with an external SP. We receive an EncryptedId in the Saml2 Response. This results in an exception that originates from the Microsoft Saml2Serializer.

Is this somewhere on the roadmap or Is there something I can do to add support for EncryptedId? And if so, what should be included in that PR?

Kind regards,
Arjan

[AndersAbel]

This is something I'd like to get included in v3. I know that development of v3 has been stale, but I think I will have some more time this year to work on it. v3 will not use the Microsoft serializer or token handlar at all, which will give more flexibility to handle encryption and other features that are not available in the MS handler.

[ArieGato]

I really need a solution for this. Would it be a solution to add an IEncryptionHandler interface which can be set as property on SpOptions. Then the ReadEncryptionId can be overridden in the Saml2PSerializer and call a method on that interface. That way we can write our own handler without having to implement it in the Saml library.

[AndersAbel]

All the available unpaid time I can put into the library will go into the dev branch to get a version 3 shipped. Support and feature development target at v2 or v1 is done for paying commercial customers. If you are interested in commercial options to get EncryptedId support implemented, please mail [email protected].

[ArieGato]

I don’t mind doing it. I can create a PR for it.

[AndersAbel]

Even a PR requires time for review and for creating a release. No PRs are accepted to v1 or v2 branches unless covered by commercial support.