Add ability to add custom TokenReplayValidator or TokenReplayCache
I reviewed the code in Saml2ResponseSecurityTokenHandler.cs. Although there is a DetectReplayedTokens config setting that gets into the TokenValidationParameters, the default behavior for token replay validation is to bypass the validation if there are no validators and no token replay cache is set.
However there is no way the code lets you set those values, they are not exposed anywhere.
```csharp
if (TokenValidationParameters.ValidateTokenReplay)
{
    ValidateTokenReplay(saml2SecurityToken.Assertion.Conditions.NotBefore, tokenString, TokenValidationParameters);
}
```
There is no way I could set the replay cache or validator in the TokenValidationParameters as it is not exposed anywhere. So, the DetectReplayedTokens setting is of not much help.
This method in SAML2Request.cs needs an update?

```csharp
public static Saml2IdentityConfiguration GetIdentityConfiguration(Saml2Configuration config)
```
Thanks for your work on the library and any insight into this issue.
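As an added illustration (not code from this issue or from the ITfoxtec library), this is what a minimal replay cache and its wiring into Microsoft.IdentityModel's `TokenValidationParameters` look like; it assumes the caller has a handle on the parameters instance the token handler validates against, which is exactly what the issue says is not exposed, and the class and method names are made up for the example.

```csharp
using System;
using System.Collections.Concurrent;
using Microsoft.IdentityModel.Tokens;

// Hypothetical in-memory replay cache: remembers a token until its expiry so a
// second presentation of the same assertion is rejected. Single-process only;
// a load-balanced service needs a shared store (database or distributed cache).
public sealed class InMemoryTokenReplayCache : ITokenReplayCache
{
    private readonly ConcurrentDictionary<string, DateTime> _seen =
        new ConcurrentDictionary<string, DateTime>();

    public bool TryAdd(string securityToken, DateTime expiresOn)
    {
        Purge();
        // Only the first presentation succeeds; a concurrent duplicate fails here,
        // which Validators.ValidateTokenReplay reports as a replay-add failure.
        return _seen.TryAdd(securityToken, expiresOn.ToUniversalTime());
    }

    public bool TryFind(string securityToken)
    {
        Purge();
        return _seen.ContainsKey(securityToken);
    }

    // Drop entries whose token can no longer be accepted anyway.
    private void Purge()
    {
        var now = DateTime.UtcNow;
        foreach (var entry in _seen)
            if (entry.Value <= now)
                _seen.TryRemove(entry.Key, out _);
    }
}

public static class ReplayProtection
{
    // With ValidateTokenReplay = true and a cache set, the second presentation
    // of the same token makes validation throw SecurityTokenReplayDetectedException.
    public static void ConfigureWithCache(TokenValidationParameters parameters)
    {
        parameters.ValidateTokenReplay = true;
        parameters.TokenReplayCache = new InMemoryTokenReplayCache();
    }

    // Alternative: a TokenReplayValidator delegate takes over the check entirely;
    // returning false signals a replay to the validation pipeline.
    public static void ConfigureWithValidator(TokenValidationParameters parameters)
    {
        var cache = new InMemoryTokenReplayCache();
        parameters.TokenReplayValidator = (expires, token, p) =>
            expires.HasValue && !cache.TryFind(token) && cache.TryAdd(token, expires.Value);
    }
}
```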
The feature is released in version 4.4.0-beta1. Please let me know if it works for you.
Thank you for your reply and the ITokenReplayCache implementation. Maybe I can use it at some point or someone else.
I’ll release the change soon either in an ordinary version or beta version.