
Issuer lost in translation

Open niclas-g opened this issue 4 years ago • 0 comments

I'm implementing the Service Provider side of SAML and I'm struggling a bit to figure out the Issuer from the Session.

As far as I can see, the Issuer does not get transferred from the SAML assertion to the JWTSessionClaim.

Looking at: https://github.com/crewjam/saml/blob/e007e418a04dddb5adf9ecf9abfb25cfbf684e31/samlsp/session_jwt.go#L44-L48

The subject gets copied over to the session, but the Issuer gets taken from DefaultSessionCodec, which for JWTSessionCodec defaults to URL from the Options.

https://github.com/crewjam/saml/blob/e007e418a04dddb5adf9ecf9abfb25cfbf684e31/samlsp/new.go#L32-L43

Is there a good reason that the Issuer from the Assertion does not get carried over to the session? Happy to open a PR but not sure if this is the right way.

niclas-g, Jan 19 '22 15:01
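
The following is an added example, not part of the issue and not code from crewjam/saml: it keeps the SP URL as the session token's `iss` and records the assertion's Issuer in a separate claim after checking it against a set of trusted IdPs. The type and function names, the `idp_iss` claim and the sample assertion are assumptions made for illustration, and the assertion is assumed to have passed signature validation already.

```go
package main

import (
	"encoding/xml"
	"errors"
	"fmt"
	"strings"
)

// assertion reads only the two fields used here from an already signature-verified assertion.
type assertion struct {
	Issuer string `xml:"Issuer"`
	NameID string `xml:"Subject>NameID"`
}

// sessionClaims is a hypothetical claim set (not the library's JWTSessionClaims).
type sessionClaims struct {
	Issuer    string `json:"iss"`     // SP URL: the party that mints the session token
	Subject   string `json:"sub"`     // NameID from the assertion
	IdPIssuer string `json:"idp_iss"` // assumed custom claim: Issuer of the assertion
}

var errUnknownIdP = errors.New("assertion issuer is not a trusted IdP")

// newSessionClaims keeps the SP as "iss" and records the asserting IdP separately.
func newSessionClaims(spURL string, trusted map[string]bool, raw []byte) (*sessionClaims, error) {
	var a assertion
	if err := xml.Unmarshal(raw, &a); err != nil {
		return nil, err
	}
	idp := strings.TrimSpace(a.Issuer)
	if !trusted[idp] { // unknown or missing Issuer: refuse to create a session
		return nil, errUnknownIdP
	}
	return &sessionClaims{Issuer: spURL, Subject: strings.TrimSpace(a.NameID), IdPIssuer: idp}, nil
}

// sampleAssertion is constructed for this example; it is unsigned.
const sampleAssertion = `<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed" Version="2.0">
  <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>
</saml:Assertion>`

func main() {
	trusted := map[string]bool{"https://idp.example.test/metadata": true}
	c, err := newSessionClaims("https://sp.example.test", trusted, []byte(sampleAssertion))
	fmt.Println(c, err)
}
```

With more than one trusted IdP, downstream authorization should key on the pair of `idp_iss` and `sub`, since the same NameID value can be asserted by different IdPs.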