The EOL SAML version provided a way to sign SP metadata like this:
ExtendedMetadata extendedMetadata = generator.generateExtendedMetadata();
if (!StringUtils.isEmpty(entityAlias)) {
extendedMetadata.setAlias(entityAlias);
}
extendedMetadata.setSignMetadata(true);
I don't find anything of this fashion with the newer saml version (saml2-service-provider 5.8.9), has the support for signing SP metadata dropped? Or am I missing something?
Comment From: jzheaux
Hi, @siddharth-78, no this has not been added yet. Are you able to contribute a PR to add setSignMetadata(boolean) to OpenSamlMetadataResolver? It may be as straightforward as copying OpenSamlSigningUtils and Saml2Utils into the corresponding package and then calling OpenSamlSigningUtils#sign before serializing the value.