truongnmt · January 22, 2020 07:13
diff --git a/onelogin-sample-response.xml b/onelogin-sample-response.xml
 <samlp:Response Destination="http://localhost:3000/saml/acs"
    ID="R6a89d138da36c2ae5326fa1b182cfbdacae147ce"
    InResponseTo="_5ccbb20771005b0328997e1cd5e468470b247427" IssueInstant="2020-01-22T07:05:25Z"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer>https://app.onelogin.com/saml/metadata/fed4e0ba-c59b-4098-adfa-17c20814bb57</saml:Issuer>
    <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
    <saml:Assertion ID="pfxedfb003f-4a53-2b9b-6484-da8d76d97531" IssueInstant="2020-01-22T07:05:25Z"
        Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
        xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <saml:Issuer>https://app.onelogin.com/saml/metadata/fed4e0ba-c59b-4098-adfa-17c20814bb57</saml:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#pfxedfb003f-4a53-2b9b-6484-da8d76d97531">
                    <ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>JKLw8dv8yqYlQrZi7QFEpFDfueT2lyva3MxQFX0beNQ=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>SgfDtnFgy1rchF/3I5V4XSUaghrBtj9i6uj2XfCFJxxxx==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIID0jCCArqgAwIBAgIUBz8rP3asIOQnFxxxx==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml:Subject>
            <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">truong@xxxx</saml:NameID>
            <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData InResponseTo="_5ccbb20771005b0328997e1cd5e468470b247427"
                NotOnOrAfter="2020-01-22T07:08:25Z" Recipient="http://localhost:3000/saml/acs"/></saml:SubjectConfirmation>
        </saml:Subject>
        <saml:Conditions NotBefore="2020-01-22T07:02:25Z" NotOnOrAfter="2020-01-22T07:08:25Z">
            <saml:AudienceRestriction>
                <saml:Audience>http://localhost:3000/saml/metadata</saml:Audience>
            </saml:AudienceRestriction>
        </saml:Conditions>
        <saml:AuthnStatement AuthnInstant="2020-01-22T07:05:24Z"
            SessionIndex="_7cfb8720-1f13-0138-a23c-412a3ae0e11e" SessionNotOnOrAfter="2020-01-23T07:05:25Z">
            <saml:AuthnContext>
                <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
            </saml:AuthnContext>
        </saml:AuthnStatement>
    </saml:Assertion>
 </samlp:Response>
	<samlp:Response Destination="http://localhost:3000/saml/acs"
	ID="R6a89d138da36c2ae5326fa1b182cfbdacae147ce"
	InResponseTo="_5ccbb20771005b0328997e1cd5e468470b247427" IssueInstant="2020-01-22T07:05:25Z"
	Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
	xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
	<saml:Issuer>https://app.onelogin.com/saml/metadata/fed4e0ba-c59b-4098-adfa-17c20814bb57</saml:Issuer>
	<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
	<saml:Assertion ID="pfxedfb003f-4a53-2b9b-6484-da8d76d97531" IssueInstant="2020-01-22T07:05:25Z"
	Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
	xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<saml:Issuer>https://app.onelogin.com/saml/metadata/fed4e0ba-c59b-4098-adfa-17c20814bb57</saml:Issuer>
	<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
	<ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
	<ds:Reference URI="#pfxedfb003f-4a53-2b9b-6484-da8d76d97531">
	<ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
	<ds:DigestValue>JKLw8dv8yqYlQrZi7QFEpFDfueT2lyva3MxQFX0beNQ=</ds:DigestValue>
	</ds:Reference>
	</ds:SignedInfo>
	<ds:SignatureValue>SgfDtnFgy1rchF/3I5V4XSUaghrBtj9i6uj2XfCFJxxxx==</ds:SignatureValue>
	<ds:KeyInfo>
	<ds:X509Data>
	<ds:X509Certificate>MIID0jCCArqgAwIBAgIUBz8rP3asIOQnFxxxx==</ds:X509Certificate>
	</ds:X509Data>
	</ds:KeyInfo>
	</ds:Signature>
	<saml:Subject>
	<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">truong@xxxx</saml:NameID>
	<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData InResponseTo="_5ccbb20771005b0328997e1cd5e468470b247427"
	NotOnOrAfter="2020-01-22T07:08:25Z" Recipient="http://localhost:3000/saml/acs"/></saml:SubjectConfirmation>
	</saml:Subject>
	<saml:Conditions NotBefore="2020-01-22T07:02:25Z" NotOnOrAfter="2020-01-22T07:08:25Z">
	<saml:AudienceRestriction>
	<saml:Audience>http://localhost:3000/saml/metadata</saml:Audience>
	</saml:AudienceRestriction>
	</saml:Conditions>
	<saml:AuthnStatement AuthnInstant="2020-01-22T07:05:24Z"
	SessionIndex="_7cfb8720-1f13-0138-a23c-412a3ae0e11e" SessionNotOnOrAfter="2020-01-23T07:05:25Z">
	<saml:AuthnContext>
	<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
	</saml:AuthnContext>
	</saml:AuthnStatement>
	</saml:Assertion>
	</samlp:Response>