A LogoutRequest initiated from the RP doesn't contain a KeyInfo section. The same was fixed in #9746 by @fhanik for AuthRequest and merged by @jzheaux in main, but there are two versions of OpenSamlSigningUtils:
org.springframework.security.saml2.provider.service.authentication.OpenSamlSigningUtils and org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSamlSigningUtils.
The first one has signingConfiguration.setKeyInfoGeneratorManager(buildSignatureKeyInfoGeneratorManager()) in resolveSigningParameters but the second doesn't. I checked 5.6.0-RC1.
Just adding the same signingConfiguration.setKeyInfoGeneratorManager(buildSignatureKeyInfoGeneratorManager()) in resolveSigningParameters
and the same
private static NamedKeyInfoGeneratorManager buildSignatureKeyInfoGeneratorManager() {
...
}
fixes the issue.
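A regression check for the symptom reported above, added here as an example and not taken from Spring Security or from the issue author: it tests whether the ds:Signature embedded in a LogoutRequest carries a ds:KeyInfo child. The class and method names are hypothetical, the input is assumed to be the decoded XML of a LogoutRequest with an embedded signature, and the sample messages are constructed with placeholder signature contents.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class LogoutRequestKeyInfoCheck { // hypothetical helper, not part of Spring Security
    static final String SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol";
    static final String DS_NS = "http://www.w3.org/2000/09/xmldsig#";

    /** Returns true only if the LogoutRequest's own ds:Signature has a ds:KeyInfo child. */
    static boolean signatureHasKeyInfo(String xml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // Refuse DOCTYPE declarations so the check itself is not exposed to XXE.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        Element root = doc.getDocumentElement();
        if (!SAMLP_NS.equals(root.getNamespaceURI()) || !"LogoutRequest".equals(root.getLocalName())) {
            throw new IllegalArgumentException("not a samlp:LogoutRequest");
        }
        Element signature = directChild(root, "Signature");
        return signature != null && directChild(signature, "KeyInfo") != null;
    }

    // Only direct children are inspected: the request's own signature sits directly under LogoutRequest.
    private static Element directChild(Element parent, String localName) {
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n instanceof Element && DS_NS.equals(n.getNamespaceURI()) && localName.equals(n.getLocalName())) {
                return (Element) n;
            }
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        // Constructed samples: the signature contents are empty placeholders, not real values.
        String head = "<samlp:LogoutRequest xmlns:samlp=\"" + SAMLP_NS + "\" xmlns:ds=\"" + DS_NS
                + "\" ID=\"_constructed\" Version=\"2.0\"><ds:Signature><ds:SignedInfo/><ds:SignatureValue/>";
        String tail = "</ds:Signature></samlp:LogoutRequest>";
        System.out.println("without KeyInfo: " + signatureHasKeyInfo(head + tail));
        System.out.println("with KeyInfo:    " + signatureHasKeyInfo(head + "<ds:KeyInfo><ds:X509Data/></ds:KeyInfo>" + tail));
    }
}
```

The check only confirms that KeyInfo is present; it does not validate the signature or the certificate inside it.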
Comment From: jzheaux
Thanks, @surkoff-v, can you contribute a PR, including a test?
Comment From: surkoff-v
Sure, I will prepare a PR and test shortly.