ERROR Receiving an SSO response from a partner identity provider has failed

Yashwant.Garad · January 25, 2024, 1:37am

Hi Team ,

I’m getting below exception on method var ssoResult = await _samlServiceProvider.ReceiveSsoAsync() in AssertionConsumerService.
I have SP - > IDP flow and trying to get response and reading the email id of user.
var samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Email);

In SAML log file i can see below exception - Please guide.

ERROR Receiving an SSO response from a partner identity provider has failed.
ComponentSpace.Saml2.Exceptions.SamlSignatureException: An error occurred attempting to verify the XML signature.
—> System.NullReferenceException: Object reference not set to an instance of an object.
at System.Security.Cryptography.Xml.SignedXml.IsKeyTheCorrectAlgorithm(AsymmetricAlgorithm key, Type expectedType)
at System.Security.Cryptography.Xml.SignedXml.CheckSignedInfo(AsymmetricAlgorithm key)
at System.Security.Cryptography.Xml.SignedXml.CheckSignature(AsymmetricAlgorithm key)
at ComponentSpace.Saml2.XmlSecurity.Signature.XmlSignature.Verify(XmlElement signedElement, AsymmetricAlgorithm verifyingKey, ISignedXmlFactory signedXmlFactory, Boolean clone, Boolean declareAllNamespaces)
at ComponentSpace.Saml2.XmlSecurity.Signature.XmlSignature.Verify(XmlElement signedElement, AsymmetricAlgorithm verifyingKey)
— End of inner exception stack trace —
at ComponentSpace.Saml2.XmlSecurity.Signature.XmlSignature.Verify(XmlElement signedElement, AsymmetricAlgorithm verifyingKey)
at ComponentSpace.Saml2.SamlProvider.VerifyXmlSignatureAsync(XmlElement signedElement, X509Certificate2 x509Certificate)
at ComponentSpace.Saml2.SamlServiceProvider.VerifySamlAssertionSignatureAsync(XmlElement samlAssertionElement, IList x509Certificates)
at ComponentSpace.Saml2.SamlServiceProvider.VerifySamlAssertionSignatureAsync(AssertionListItem assertionListItem)
at ComponentSpace.Saml2.SamlServiceProvider.GetSamlAssertionAsync(SamlResponse samlResponse)
at ComponentSpace.Saml2.SamlServiceProvider.ProcessSamlResponseAsync(XmlElement samlResponseElement, String relayState)
at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync()
2024-01-25 15:00:35,460 ERROR An error occurred attempting to verify the XML signature.
2024-01-25 15:00:35,484 ERROR at ComponentSpace.Saml2.XmlSecurity.Signature.XmlSignature.Verify(XmlElement signedElement, AsymmetricAlgorithm verifyingKey)
at ComponentSpace.Saml2.SamlProvider.VerifyXmlSignatureAsync(XmlElement signedElement, X509Certificate2 x509Certificate)
at ComponentSpace.Saml2.SamlServiceProvider.VerifySamlAssertionSignatureAsync(XmlElement samlAssertionElement, IList x509Certificates)
at ComponentSpace.Saml2.SamlServiceProvider.VerifySamlAssertionSignatureAsync(AssertionListItem assertionListItem)
at ComponentSpace.Saml2.SamlServiceProvider.GetSamlAssertionAsync(SamlResponse samlResponse)
at ComponentSpace.Saml2.SamlServiceProvider.ProcessSamlResponseAsync(XmlElement samlResponseElement, String relayState)
at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync()
at XCM.Web.Controllers.SSO.SSOController.AssertionConsumerService() in C:\git\xcm\WK.Axcess.Workflow.Web\WK.Workflow.Web\Controllers\SSO\SSOController.cs:line 395

ComponentSpace · January 25, 2024, 4:26pm

I’ll reply to your email.