I'm using the latest gosaml2 and noticed that my identity provider (Keycloak) does not accept the signed AuthNRequest.
The reason is:
But it seems that the Redirect binding authUrl does not have SigAlg and Signature parameters, even though setting SignAuthnRequests to true and SPKeyStore to my own Keystore.
reference: spring-projects/spring-security#7711
I'm using the latest gosaml2 and noticed that my identity provider (Keycloak) does not accept the signed AuthNRequest.
The reason is:
(e.g. https://idp/?SAMLRequest=...&RelayState=...&SigAlg=...&Signature=...)
But it seems that the Redirect binding authUrl does not have SigAlg and Signature parameters, even though setting SignAuthnRequests to true and SPKeyStore to my own Keystore.
reference: spring-projects/spring-security#7711