TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-24 04:36:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(saml): add SignatureMethod config for SAML IDP (#10520)

Browse Source 
# Which Problems Are Solved
When a SAML IDP is created, the signing algorithm defaults to
`RSA-SHA1`.
This PR adds the functionality to configure the signing algorithm while
creating or updating a SAML IDP. When nothing is specified, `RSA-SHA1`
is the default.

Available options:
* RSA_SHA1
* RSA_SHA256
* RSA_SHA512


# How the Problems Are Solved

By introducing a new optional config to specify the Signing Algorithm. 

# Additional Changes
N/A

# Additional Context
- Closes #9842 

An existing bug in the UpdateSAMLProvider API will be fixed as a
followup in a different
[PR](https://github.com/zitadel/zitadel/pull/10557).

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
This commit is contained in:
Gayathri Vijayan
2025-08-27 11:07:13 +02:00
committed by GitHub
parent 6699a6f966
commit 255d42da65
42 changed files with 413 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/command/instance_idp_model.go
View File

@@ -921,6 +921,7 @@ func (wm *InstanceSAMLIDPWriteModel) NewChangedEvent(
secretCrypto crypto.EncryptionAlgorithm,
binding string,
withSignedRequest bool,
signatureAlgorithm string,
nameIDFormat *domain.SAMLNameIDFormat,
transientMappingAttributeName string,
federatedLogoutEnabled bool,
@@ -934,6 +935,7 @@ func (wm *InstanceSAMLIDPWriteModel) NewChangedEvent(
secretCrypto,
binding,
withSignedRequest,
signatureAlgorithm,
nameIDFormat,
transientMappingAttributeName,
federatedLogoutEnabled,