- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
我有一些 XML 签名验证代码,适用于我拥有的所有 SAML XML 示例,除了一个。它失败的那个有多个签名。它在第一个签名上成功,在第二个签名上失败。
然后我想,嘿,如果我交换签名呢?在第一个场景中,签名 A 是第一个,签名 B 是第二个。代码验证签名 A 并在签名 B 上失败。如果我交换它们以使签名 B 在前,代码验证签名 B 但在签名 A 上失败!因此看起来代码能够独立验证两个签名,但当它位于某个位置时失败。
现在我知道这个 saml 响应是有效的,您可以在 samltool.com 上亲自查看。唯一的问题是代码在某些情况下无法验证签名,我不确定为什么。
public static int isValidSignature(string encodedXml, string key)
{
int ret = 0;
string xml = Encoding.UTF8.GetString(Convert.FromBase64String(encodedXml));
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.PreserveWhitespace = true;
xmlDoc.LoadXml(xml);
X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(key));
SignedXml signedXml = new SignedXml(xmlDoc);
//XmlNodeList nodeList = xmlDoc.GetElementsByTagName("ds:Signature");
NameTable nt = new NameTable();
XmlNamespaceManager nsmgr = new XmlNamespaceManager(nt);
nsmgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
XmlNodeList nodeList = xmlDoc.SelectNodes(".//ds:Signature", nsmgr);
if (nodeList.Count == 0)
{
ret = -1;
}
else
{
foreach (XmlNode node in nodeList) {
signedXml.LoadXml((XmlElement)node);
if (signedXml.CheckSignature(cert, true))
{
ret = 1;
}
else if(ret == 1)
{
ret = -2;
break;
}
}
}
return ret;
}
下面的代码测试了两件事:原始 XML,签名交换后的 XML。我还测试了另外两个东西,但它们不适合这个问题:只有外部签名的 XML(返回 1)和只有内部签名的 XML(返回 0)。
string oktaKey = "MIIDpDCCAoygAwIBAgIGAVyqFlFgMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0zNjM0ODIxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTcwNjE1MDQ0OTA4WhcNMjcwNjE1MDQ1MDA4WjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMzYzNDgyMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO3YHACAdWkG2pGZQuwtAPTLq7TUOWB0ZgC2vSVBgYWZ5juuUeIji4wh+zfaHMXiZe/wfFgC4l6fPb40Lw7f5Sur39J1vEb8EiF3qUwvMbRIFoxPsFwrgcfDoKYBcTx4VQHU/rig02VS+njzaqBL9e0RnyVoi5Ub1yeWTSq728V7NDHULm3gYHMaLqzN/z7IP64XqqSMpEE2lyeecijt2JdYkSp85al5o3wQR5j8Vr6RcBtd12koggicdLqK9Rbvg4uljSk9gGuFYvNw+2SEP+k7dbuT+uiie8mwLFkwhcOGLZWYDmGPru76ZxTpuSPAenIXMRbeTIujmuGz+qZcCwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBXMN2mKMcVDVxic9zi0LYDJIMzZkR0jQ20ksrKSvo+dFtAmAFsI29vYY2Wva/sdwbVCKHqfHKLS51CIVFwPLxzmqtZeR7WTAac23WeFtJTSl824BvWgW1zr5EYRXr4JvEZFc0kwgCldzQT0NwZG40eWX2Id0nZmjIxfNNuuH7lVXMK6yXCxa8/jF/EuowaE6DS+ZH12/INdl8O8u2Zi2v23tovNrMEs4a7dOINHWqh8vPgxKFkT2Dpcz4ry3vS4ad+9kyFK6yvtFPxM8YqHFT2ojjdVJ3IAJv8OPIi22jwMBu+M/Xl68IbYIJ3PXmxSXsDx904T0iQSnyi+G2klY5l";
string oktaSample = "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9ncmFwZS9zaW1wbGVzYW1sL21vZHVsZS5waHAvc2FtbC9zcC9zYW1sMi1hY3MucGhwL2RlZmF1bHQtc3AiIElEPSJpZDU4OTYwNjQ2MTQ4OTI3MTkxNDQ4MTk0NTU2IiBJblJlc3BvbnNlVG89Il9lM2VmMTkwZjQzOTk5YjZiYzE3NDAzOGIzNTQ1ODA5ZWRhYWI5MzI3YjYiIElzc3VlSW5zdGFudD0iMjAxOC0wNS0wN1QyMTozOToyMy42MTNaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSI+PHNhbWwyOklzc3VlciB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDplbnRpdHkiPmh0dHA6Ly93d3cub2t0YS5jb20vZXhrZXhxMmRteVE0c3ptTWgwaDc8L3NhbWwyOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNpZDU4OTYwNjQ2MTQ4OTI3MTkxNDQ4MTk0NTU2Ij48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIj48ZWM6SW5jbHVzaXZlTmFtZXNwYWNlcyB4bWxuczplYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiBQcmVmaXhMaXN0PSJ4cyIvPjwvZHM6VHJhbnNmb3JtPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzOkRpZ2VzdFZhbHVlPlVZMEM3dStaWm1RY1FCZGJmRmZhYmlRd2dTTHVXQjJYby9TVWZrZ3EyNzA9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPkZPZW9jUDNJQmh3a1dncklETDRGTjVUbFJNT3NkbjRRVFdJVzd1dTlJeXpxUFdGa3R5MzZtamc0d3dzTmFpVWc5UVV5OEl5TVNud1VMN05Sa3l5T0tqRFZEWnZCazVwVjRNUmdtSXI5K2xhdVVSc09iQy8rODNtdkEzTFBaa01SRGU3YTBET0NibENldU1ESE9lM0VZVWp1cExRSnFhb0xyc0xySlJISGxXVVI1aGZyYTJLb2NCZHhydHRyM2lvNXdNcTBrdkdvdU56ays3a3k3aVUzNEJvZjl0YzBkanRaRTRpalJhaTVQZDMwakloY3hqYlN6cDFXWG5JVit4OU8vY3czamJESFZiM0FsQjIvSjJiMXhqMFZ4YWlFdTlFMFBuem1Gc05MZkFYL3RjMy9DeU1PdkFsQ1g0TldRRjNIUGgrc1hvNEwyOUJpWjJ4MWU0aXBkdz09PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlEcERDQ0FveWdBd0lCQWdJR0FWeXFGbEZnTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdTTVFzd0NRWURWUVFHRXdKVlV6RVRNQkVHCkExVUVDQXdLUTJGc2FXWnZjbTVwWVRFV01CUUdBMVVFQnd3TlUyRnVJRVp5WVc1amFYTmpiekVOTUFzR0ExVUVDZ3dFVDJ0MFlURVUKTUJJR0ExVUVDd3dMVTFOUFVISnZkbWxrWlhJeEV6QVJCZ05WQkFNTUNtUmxkaTB6TmpNME9ESXhIREFhQmdrcWhraUc5dzBCQ1FFVwpEV2x1Wm05QWIydDBZUzVqYjIwd0hoY05NVGN3TmpFMU1EUTBPVEE0V2hjTk1qY3dOakUxTURRMU1EQTRXakNCa2pFTE1Ba0dBMVVFCkJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjTURWTmhiaUJHY21GdVkybHpZMjh4RFRBTEJnTlYKQkFvTUJFOXJkR0V4RkRBU0JnTlZCQXNNQzFOVFQxQnliM1pwWkdWeU1STXdFUVlEVlFRRERBcGtaWFl0TXpZek5EZ3lNUnd3R2dZSgpLb1pJaHZjTkFRa0JGZzFwYm1adlFHOXJkR0V1WTI5dE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCmlPM1lIQUNBZFdrRzJwR1pRdXd0QVBUTHE3VFVPV0IwWmdDMnZTVkJnWVdaNWp1dVVlSWppNHdoK3pmYUhNWGlaZS93ZkZnQzRsNmYKUGI0MEx3N2Y1U3VyMzlKMXZFYjhFaUYzcVV3dk1iUklGb3hQc0Z3cmdjZkRvS1lCY1R4NFZRSFUvcmlnMDJWUytuanphcUJMOWUwUgpueVZvaTVVYjF5ZVdUU3E3MjhWN05ESFVMbTNnWUhNYUxxek4vejdJUDY0WHFxU01wRUUybHllZWNpanQySmRZa1NwODVhbDVvM3dRClI1ajhWcjZSY0J0ZDEya29nZ2ljZExxSzlSYnZnNHVsalNrOWdHdUZZdk53KzJTRVArazdkYnVUK3VpaWU4bXdMRmt3aGNPR0xaV1kKRG1HUHJ1NzZaeFRwdVNQQWVuSVhNUmJlVEl1am11R3orcVpjQ3dJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJYTU4ybQpLTWNWRFZ4aWM5emkwTFlESklNelprUjBqUTIwa3NyS1N2bytkRnRBbUFGc0kyOXZZWTJXdmEvc2R3YlZDS0hxZkhLTFM1MUNJVkZ3ClBMeHptcXRaZVI3V1RBYWMyM1dlRnRKVFNsODI0QnZXZ1cxenI1RVlSWHI0SnZFWkZjMGt3Z0NsZHpRVDBOd1pHNDBlV1gySWQwbloKbWpJeGZOTnV1SDdsVlhNSzZ5WEN4YTgvakYvRXVvd2FFNkRTK1pIMTIvSU5kbDhPOHUyWmkydjIzdG92TnJNRXM0YTdkT0lOSFdxaAo4dlBneEtGa1QyRHBjejRyeTN2UzRhZCs5a3lGSzZ5dnRGUHhNOFlxSEZUMm9qamRWSjNJQUp2OE9QSWkyMmp3TUJ1K00vWGw2OEliCllJSjNQWG14U1hzRHg5MDRUMGlRU255aStHMmtsWTVsPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWwycDpTdGF0dXMgeG1sbnM6c2FtbDJwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPjxzYW1sMnA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1sMnA6U3RhdHVzPjxzYW1sMjpBc3NlcnRpb24geG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJpZDU4OTYwNjQ2MTQ5MzI0MjY4MTYzMjQ3OTYiIElzc3VlSW5zdGFudD0iMjAxOC0wNS0wN1QyMTozOToyMy42MTNaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSI+PHNhbWwyOklzc3VlciBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHA6Ly93d3cub2t0YS5jb20vZXhrZXhxMmRteVE0c3ptTWgwaDc8L3NhbWwyOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNpZDU4OTYwNjQ2MTQ5MzI0MjY4MTYzMjQ3OTYiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxlYzpJbmNsdXNpdmVOYW1lc3BhY2VzIHhtbG5zOmVjPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIFByZWZpeExpc3Q9InhzIi8+PC9kczpUcmFuc2Zvcm0+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiLz48ZHM6RGlnZXN0VmFsdWU+OFN4a1A5MDNhRk5XcUNkUTYxTUJDWGErZVMrelNBM0U3ZVN3NGxoVHRTST08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+YURtOEx0bHE1VFVFaUJDMnp2eUlzSzREejF0aDZ6KzhNeXdWSEFiWElCNEg0bGIrL0VUd2VCamJJZkxQNytsdUVSbjFGZ1Y4NWpEQkpCNXpBK294c0UvVVZpMnBpdUZqTHdkOVhtTno3SVNhYlZqU09qZEd0Q0o1SGJPM2RIaXEvd0E4OGpTOWlDaHJFS2J5c2V6N2RzRXFEOHMrekJKS2tvY294ajlCUmIrMHJ0L25uaWNuK1dqWVdHRjRWdnZTdGl3V2NHWitGSjZxZ3ZwY1hJUFNrSWt2ZXY3N1g0R2ljWTk5eFNVNHlkTnVGZlg3c2kvMytVRWs3T3BDbzJnQ1poOUpxcEZmTlNxNzFkYWQ1QkRENHMyNTVvaWRhSjIrRTcwWTVLVmI3bWNFNHJmNkVCcUd6ZlpIYUZZZ0xzZnpOS2wxc05CT3lubHFlVXhvMVNDcStBPT08L2RzOlNpZ25hdHVyZVZhbHVlPjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSURwRENDQW95Z0F3SUJBZ0lHQVZ5cUZsRmdNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1JR1NNUXN3Q1FZRFZRUUdFd0pWVXpFVE1CRUcKQTFVRUNBd0tRMkZzYVdadmNtNXBZVEVXTUJRR0ExVUVCd3dOVTJGdUlFWnlZVzVqYVhOamJ6RU5NQXNHQTFVRUNnd0VUMnQwWVRFVQpNQklHQTFVRUN3d0xVMU5QVUhKdmRtbGtaWEl4RXpBUkJnTlZCQU1NQ21SbGRpMHpOak0wT0RJeEhEQWFCZ2txaGtpRzl3MEJDUUVXCkRXbHVabTlBYjJ0MFlTNWpiMjB3SGhjTk1UY3dOakUxTURRME9UQTRXaGNOTWpjd05qRTFNRFExTURBNFdqQ0JrakVMTUFrR0ExVUUKQmhNQ1ZWTXhFekFSQmdOVkJBZ01Da05oYkdsbWIzSnVhV0V4RmpBVUJnTlZCQWNNRFZOaGJpQkdjbUZ1WTJselkyOHhEVEFMQmdOVgpCQW9NQkU5cmRHRXhGREFTQmdOVkJBc01DMU5UVDFCeWIzWnBaR1Z5TVJNd0VRWURWUVFEREFwa1pYWXRNell6TkRneU1Sd3dHZ1lKCktvWklodmNOQVFrQkZnMXBibVp2UUc5cmRHRXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUEKaU8zWUhBQ0FkV2tHMnBHWlF1d3RBUFRMcTdUVU9XQjBaZ0MydlNWQmdZV1o1anV1VWVJamk0d2gremZhSE1YaVplL3dmRmdDNGw2ZgpQYjQwTHc3ZjVTdXIzOUoxdkViOEVpRjNxVXd2TWJSSUZveFBzRndyZ2NmRG9LWUJjVHg0VlFIVS9yaWcwMlZTK25qemFxQkw5ZTBSCm55Vm9pNVViMXllV1RTcTcyOFY3TkRIVUxtM2dZSE1hTHF6Ti96N0lQNjRYcXFTTXBFRTJseWVlY2lqdDJKZFlrU3A4NWFsNW8zd1EKUjVqOFZyNlJjQnRkMTJrb2dnaWNkTHFLOVJidmc0dWxqU2s5Z0d1Rll2TncrMlNFUCtrN2RidVQrdWlpZThtd0xGa3doY09HTFpXWQpEbUdQcnU3Nlp4VHB1U1BBZW5JWE1SYmVUSXVqbXVHeitxWmNDd0lEQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQlhNTjJtCktNY1ZEVnhpYzl6aTBMWURKSU16WmtSMGpRMjBrc3JLU3ZvK2RGdEFtQUZzSTI5dllZMld2YS9zZHdiVkNLSHFmSEtMUzUxQ0lWRncKUEx4em1xdFplUjdXVEFhYzIzV2VGdEpUU2w4MjRCdldnVzF6cjVFWVJYcjRKdkVaRmMwa3dnQ2xkelFUME53Wkc0MGVXWDJJZDBuWgptakl4Zk5OdXVIN2xWWE1LNnlYQ3hhOC9qRi9FdW93YUU2RFMrWkgxMi9JTmRsOE84dTJaaTJ2MjN0b3ZOck1FczRhN2RPSU5IV3FoCjh2UGd4S0ZrVDJEcGN6NHJ5M3ZTNGFkKzlreUZLNnl2dEZQeE04WXFIRlQyb2pqZFZKM0lBSnY4T1BJaTIyandNQnUrTS9YbDY4SWIKWUlKM1BYbXhTWHNEeDkwNFQwaVFTbnlpK0cya2xZNWw8L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT48c2FtbDI6U3ViamVjdCB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWwyOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OnVuc3BlY2lmaWVkIj5mYWtlQGZha2UubmV0PC9zYW1sMjpOYW1lSUQ+PHNhbWwyOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJfZTNlZjE5MGY0Mzk5OWI2YmMxNzQwMzhiMzU0NTgwOWVkYWFiOTMyN2I2IiBOb3RPbk9yQWZ0ZXI9IjIwMTgtMDUtMDdUMjE6NDQ6MjMuNjEzWiIgUmVjaXBpZW50PSJodHRwczovL2dyYXBlL3NpbXBsZXNhbWwvbW9kdWxlLnBocC9zYW1sL3NwL3NhbWwyLWFjcy5waHAvZGVmYXVsdC1zcCIvPjwvc2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWwyOlN1YmplY3Q+PHNhbWwyOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE4LTA1LTA3VDIxOjM0OjIzLjYxM1oiIE5vdE9uT3JBZnRlcj0iMjAxOC0wNS0wN1QyMTo0NDoyMy42MTNaIiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWwyOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWwyOkF1ZGllbmNlPmh0dHBzOi8vZ3JhcGUvc2ltcGxlc2FtbC9tb2R1bGUucGhwL3NhbWwvc3AvbWV0YWRhdGEucGhwL2RlZmF1bHQtc3A8L3NhbWwyOkF1ZGllbmNlPjwvc2FtbDI6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWwyOkNvbmRpdGlvbnM+PHNhbWwyOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxOC0wNS0wN1QyMTozODoyNi4zMzRaIiBTZXNzaW9uSW5kZXg9Il9lM2VmMTkwZjQzOTk5YjZiYzE3NDAzOGIzNTQ1ODA5ZWRhYWI5MzI3YjYiIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDI6QXV0aG5Db250ZXh0PjxzYW1sMjpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZFByb3RlY3RlZFRyYW5zcG9ydDwvc2FtbDI6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sMjpBdXRobkNvbnRleHQ+PC9zYW1sMjpBdXRoblN0YXRlbWVudD48c2FtbDI6QXR0cmlidXRlU3RhdGVtZW50IHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDI6QXR0cmlidXRlIE5hbWU9IkVtYWlsQWRkcmVzcyIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1bnNwZWNpZmllZCI+PHNhbWwyOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+ZmFrZUBmYWtlLm5ldDwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PC9zYW1sMjpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sMjpBc3NlcnRpb24+PC9zYW1sMnA6UmVzcG9uc2U+";
string oktaSample2 = "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9ncmFwZS9zaW1wbGVzYW1sL21vZHVsZS5waHAvc2FtbC9zcC9zYW1sMi1hY3MucGhwL2RlZmF1bHQtc3AiIElEPSJpZDU4OTYwNjQ2MTQ4OTI3MTkxNDQ4MTk0NTU2IiBJblJlc3BvbnNlVG89Il9lM2VmMTkwZjQzOTk5YjZiYzE3NDAzOGIzNTQ1ODA5ZWRhYWI5MzI3YjYiIElzc3VlSW5zdGFudD0iMjAxOC0wNS0wN1QyMTozOToyMy42MTNaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSI+PHNhbWwyOklzc3VlciB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDplbnRpdHkiPmh0dHA6Ly93d3cub2t0YS5jb20vZXhrZXhxMmRteVE0c3ptTWgwaDc8L3NhbWwyOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNpZDU4OTYwNjQ2MTQ5MzI0MjY4MTYzMjQ3OTYiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxlYzpJbmNsdXNpdmVOYW1lc3BhY2VzIHhtbG5zOmVjPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIFByZWZpeExpc3Q9InhzIi8+PC9kczpUcmFuc2Zvcm0+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiLz48ZHM6RGlnZXN0VmFsdWU+OFN4a1A5MDNhRk5XcUNkUTYxTUJDWGErZVMrelNBM0U3ZVN3NGxoVHRTST08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+YURtOEx0bHE1VFVFaUJDMnp2eUlzSzREejF0aDZ6KzhNeXdWSEFiWElCNEg0bGIrL0VUd2VCamJJZkxQNytsdUVSbjFGZ1Y4NWpEQkpCNXpBK294c0UvVVZpMnBpdUZqTHdkOVhtTno3SVNhYlZqU09qZEd0Q0o1SGJPM2RIaXEvd0E4OGpTOWlDaHJFS2J5c2V6N2RzRXFEOHMrekJKS2tvY294ajlCUmIrMHJ0L25uaWNuK1dqWVdHRjRWdnZTdGl3V2NHWitGSjZxZ3ZwY1hJUFNrSWt2ZXY3N1g0R2ljWTk5eFNVNHlkTnVGZlg3c2kvMytVRWs3T3BDbzJnQ1poOUpxcEZmTlNxNzFkYWQ1QkRENHMyNTVvaWRhSjIrRTcwWTVLVmI3bWNFNHJmNkVCcUd6ZlpIYUZZZ0xzZnpOS2wxc05CT3lubHFlVXhvMVNDcStBPT08L2RzOlNpZ25hdHVyZVZhbHVlPjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSURwRENDQW95Z0F3SUJBZ0lHQVZ5cUZsRmdNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1JR1NNUXN3Q1FZRFZRUUdFd0pWVXpFVE1CRUcNCkExVUVDQXdLUTJGc2FXWnZjbTVwWVRFV01CUUdBMVVFQnd3TlUyRnVJRVp5WVc1amFYTmpiekVOTUFzR0ExVUVDZ3dFVDJ0MFlURVUNCk1CSUdBMVVFQ3d3TFUxTlBVSEp2ZG1sa1pYSXhFekFSQmdOVkJBTU1DbVJsZGkwek5qTTBPREl4SERBYUJna3Foa2lHOXcwQkNRRVcNCkRXbHVabTlBYjJ0MFlTNWpiMjB3SGhjTk1UY3dOakUxTURRME9UQTRXaGNOTWpjd05qRTFNRFExTURBNFdqQ0JrakVMTUFrR0ExVUUNCkJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjTURWTmhiaUJHY21GdVkybHpZMjh4RFRBTEJnTlYNCkJBb01CRTlyZEdFeEZEQVNCZ05WQkFzTUMxTlRUMUJ5YjNacFpHVnlNUk13RVFZRFZRUUREQXBrWlhZdE16WXpORGd5TVJ3d0dnWUoNCktvWklodmNOQVFrQkZnMXBibVp2UUc5cmRHRXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUENCmlPM1lIQUNBZFdrRzJwR1pRdXd0QVBUTHE3VFVPV0IwWmdDMnZTVkJnWVdaNWp1dVVlSWppNHdoK3pmYUhNWGlaZS93ZkZnQzRsNmYNClBiNDBMdzdmNVN1cjM5SjF2RWI4RWlGM3FVd3ZNYlJJRm94UHNGd3JnY2ZEb0tZQmNUeDRWUUhVL3JpZzAyVlMrbmp6YXFCTDllMFINCm55Vm9pNVViMXllV1RTcTcyOFY3TkRIVUxtM2dZSE1hTHF6Ti96N0lQNjRYcXFTTXBFRTJseWVlY2lqdDJKZFlrU3A4NWFsNW8zd1ENClI1ajhWcjZSY0J0ZDEya29nZ2ljZExxSzlSYnZnNHVsalNrOWdHdUZZdk53KzJTRVArazdkYnVUK3VpaWU4bXdMRmt3aGNPR0xaV1kNCkRtR1BydTc2WnhUcHVTUEFlbklYTVJiZVRJdWptdUd6K3FaY0N3SURBUUFCTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCWE1OMm0NCktNY1ZEVnhpYzl6aTBMWURKSU16WmtSMGpRMjBrc3JLU3ZvK2RGdEFtQUZzSTI5dllZMld2YS9zZHdiVkNLSHFmSEtMUzUxQ0lWRncNClBMeHptcXRaZVI3V1RBYWMyM1dlRnRKVFNsODI0QnZXZ1cxenI1RVlSWHI0SnZFWkZjMGt3Z0NsZHpRVDBOd1pHNDBlV1gySWQwbloNCm1qSXhmTk51dUg3bFZYTUs2eVhDeGE4L2pGL0V1b3dhRTZEUytaSDEyL0lOZGw4Tzh1MlppMnYyM3Rvdk5yTUVzNGE3ZE9JTkhXcWgNCjh2UGd4S0ZrVDJEcGN6NHJ5M3ZTNGFkKzlreUZLNnl2dEZQeE04WXFIRlQyb2pqZFZKM0lBSnY4T1BJaTIyandNQnUrTS9YbDY4SWINCllJSjNQWG14U1hzRHg5MDRUMGlRU255aStHMmtsWTVsPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWwycDpTdGF0dXMgeG1sbnM6c2FtbDJwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPjxzYW1sMnA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1sMnA6U3RhdHVzPjxzYW1sMjpBc3NlcnRpb24geG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJpZDU4OTYwNjQ2MTQ5MzI0MjY4MTYzMjQ3OTYiIElzc3VlSW5zdGFudD0iMjAxOC0wNS0wN1QyMTozOToyMy42MTNaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSI+PHNhbWwyOklzc3VlciBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHA6Ly93d3cub2t0YS5jb20vZXhrZXhxMmRteVE0c3ptTWgwaDc8L3NhbWwyOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNpZDU4OTYwNjQ2MTQ4OTI3MTkxNDQ4MTk0NTU2Ij48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIj48ZWM6SW5jbHVzaXZlTmFtZXNwYWNlcyB4bWxuczplYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiBQcmVmaXhMaXN0PSJ4cyIvPjwvZHM6VHJhbnNmb3JtPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzOkRpZ2VzdFZhbHVlPlVZMEM3dStaWm1RY1FCZGJmRmZhYmlRd2dTTHVXQjJYby9TVWZrZ3EyNzA9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPkZPZW9jUDNJQmh3a1dncklETDRGTjVUbFJNT3NkbjRRVFdJVzd1dTlJeXpxUFdGa3R5MzZtamc0d3dzTmFpVWc5UVV5OEl5TVNud1VMN05Sa3l5T0tqRFZEWnZCazVwVjRNUmdtSXI5K2xhdVVSc09iQy8rODNtdkEzTFBaa01SRGU3YTBET0NibENldU1ESE9lM0VZVWp1cExRSnFhb0xyc0xySlJISGxXVVI1aGZyYTJLb2NCZHhydHRyM2lvNXdNcTBrdkdvdU56ays3a3k3aVUzNEJvZjl0YzBkanRaRTRpalJhaTVQZDMwakloY3hqYlN6cDFXWG5JVit4OU8vY3czamJESFZiM0FsQjIvSjJiMXhqMFZ4YWlFdTlFMFBuem1Gc05MZkFYL3RjMy9DeU1PdkFsQ1g0TldRRjNIUGgrc1hvNEwyOUJpWjJ4MWU0aXBkdz09PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlEcERDQ0FveWdBd0lCQWdJR0FWeXFGbEZnTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdTTVFzd0NRWURWUVFHRXdKVlV6RVRNQkVHDQpBMVVFQ0F3S1EyRnNhV1p2Y201cFlURVdNQlFHQTFVRUJ3d05VMkZ1SUVaeVlXNWphWE5qYnpFTk1Bc0dBMVVFQ2d3RVQydDBZVEVVDQpNQklHQTFVRUN3d0xVMU5QVUhKdmRtbGtaWEl4RXpBUkJnTlZCQU1NQ21SbGRpMHpOak0wT0RJeEhEQWFCZ2txaGtpRzl3MEJDUUVXDQpEV2x1Wm05QWIydDBZUzVqYjIwd0hoY05NVGN3TmpFMU1EUTBPVEE0V2hjTk1qY3dOakUxTURRMU1EQTRXakNCa2pFTE1Ba0dBMVVFDQpCaE1DVlZNeEV6QVJCZ05WQkFnTUNrTmhiR2xtYjNKdWFXRXhGakFVQmdOVkJBY01EVk5oYmlCR2NtRnVZMmx6WTI4eERUQUxCZ05WDQpCQW9NQkU5cmRHRXhGREFTQmdOVkJBc01DMU5UVDFCeWIzWnBaR1Z5TVJNd0VRWURWUVFEREFwa1pYWXRNell6TkRneU1Sd3dHZ1lKDQpLb1pJaHZjTkFRa0JGZzFwYm1adlFHOXJkR0V1WTI5dE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBDQppTzNZSEFDQWRXa0cycEdaUXV3dEFQVExxN1RVT1dCMFpnQzJ2U1ZCZ1lXWjVqdXVVZUlqaTR3aCt6ZmFITVhpWmUvd2ZGZ0M0bDZmDQpQYjQwTHc3ZjVTdXIzOUoxdkViOEVpRjNxVXd2TWJSSUZveFBzRndyZ2NmRG9LWUJjVHg0VlFIVS9yaWcwMlZTK25qemFxQkw5ZTBSDQpueVZvaTVVYjF5ZVdUU3E3MjhWN05ESFVMbTNnWUhNYUxxek4vejdJUDY0WHFxU01wRUUybHllZWNpanQySmRZa1NwODVhbDVvM3dRDQpSNWo4VnI2UmNCdGQxMmtvZ2dpY2RMcUs5UmJ2ZzR1bGpTazlnR3VGWXZOdysyU0VQK2s3ZGJ1VCt1aWllOG13TEZrd2hjT0dMWldZDQpEbUdQcnU3Nlp4VHB1U1BBZW5JWE1SYmVUSXVqbXVHeitxWmNDd0lEQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQlhNTjJtDQpLTWNWRFZ4aWM5emkwTFlESklNelprUjBqUTIwa3NyS1N2bytkRnRBbUFGc0kyOXZZWTJXdmEvc2R3YlZDS0hxZkhLTFM1MUNJVkZ3DQpQTHh6bXF0WmVSN1dUQWFjMjNXZUZ0SlRTbDgyNEJ2V2dXMXpyNUVZUlhyNEp2RVpGYzBrd2dDbGR6UVQwTndaRzQwZVdYMklkMG5aDQptakl4Zk5OdXVIN2xWWE1LNnlYQ3hhOC9qRi9FdW93YUU2RFMrWkgxMi9JTmRsOE84dTJaaTJ2MjN0b3ZOck1FczRhN2RPSU5IV3FoDQo4dlBneEtGa1QyRHBjejRyeTN2UzRhZCs5a3lGSzZ5dnRGUHhNOFlxSEZUMm9qamRWSjNJQUp2OE9QSWkyMmp3TUJ1K00vWGw2OEliDQpZSUozUFhteFNYc0R4OTA0VDBpUVNueWkrRzJrbFk1bDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sMjpTdWJqZWN0IHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDI6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmZha2VAZmFrZS5uZXQ8L3NhbWwyOk5hbWVJRD48c2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sMjpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBJblJlc3BvbnNlVG89Il9lM2VmMTkwZjQzOTk5YjZiYzE3NDAzOGIzNTQ1ODA5ZWRhYWI5MzI3YjYiIE5vdE9uT3JBZnRlcj0iMjAxOC0wNS0wN1QyMTo0NDoyMy42MTNaIiBSZWNpcGllbnQ9Imh0dHBzOi8vZ3JhcGUvc2ltcGxlc2FtbC9tb2R1bGUucGhwL3NhbWwvc3Avc2FtbDItYWNzLnBocC9kZWZhdWx0LXNwIi8+PC9zYW1sMjpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDI6U3ViamVjdD48c2FtbDI6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTgtMDUtMDdUMjE6MzQ6MjMuNjEzWiIgTm90T25PckFmdGVyPSIyMDE4LTA1LTA3VDIxOjQ0OjIzLjYxM1oiIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDI6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDI6QXVkaWVuY2U+aHR0cHM6Ly9ncmFwZS9zaW1wbGVzYW1sL21vZHVsZS5waHAvc2FtbC9zcC9tZXRhZGF0YS5waHAvZGVmYXVsdC1zcDwvc2FtbDI6QXVkaWVuY2U+PC9zYW1sMjpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDI6Q29uZGl0aW9ucz48c2FtbDI6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE4LTA1LTA3VDIxOjM4OjI2LjMzNFoiIFNlc3Npb25JbmRleD0iX2UzZWYxOTBmNDM5OTliNmJjMTc0MDM4YjM1NDU4MDllZGFhYjkzMjdiNiIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPjxzYW1sMjpBdXRobkNvbnRleHQ+PHNhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkUHJvdGVjdGVkVHJhbnNwb3J0PC9zYW1sMjpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWwyOkF1dGhuQ29udGV4dD48L3NhbWwyOkF1dGhuU3RhdGVtZW50PjxzYW1sMjpBdHRyaWJ1dGVTdGF0ZW1lbnQgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPjxzYW1sMjpBdHRyaWJ1dGUgTmFtZT0iRW1haWxBZGRyZXNzIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVuc3BlY2lmaWVkIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5mYWtlQGZha2UubmV0PC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48L3NhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWwyOkFzc2VydGlvbj48L3NhbWwycDpSZXNwb25zZT4=";
Debug.WriteLine(MyXml2.isValidSignature(oktaSample, oktaKey)); // prints -2
Debug.WriteLine(MyXml2.isValidSignature(oktaSample2, oktaKey)); // prints -2
最佳答案
安德鲁!我肯定会回答你的很多问题。
好的,首先,第二个示例将无法运行,因为您以签名不匹配的方式修改了 XML。
因此,根据有关调试此代码的谷歌搜索提示,我偶然发现了 this page其中描述了如何查看 SignedXml 的日志记录。关键是将其添加到标签下的 App.config 中:
<system.diagnostics>
<sources>
<source name="System.Security.Cryptography.Xml.SignedXml" switchName="XmlDsigLogSwitch">
<listeners>
<add name="logFile" />
</listeners>
</source>
</sources>
<switches>
<add name="XmlDsigLogSwitch" value="Verbose" />
</switches>
<sharedListeners>
<add name="logFile" type="System.Diagnostics.TextWriterTraceListener" initializeData="XmlDsigLog.txt"/>
</sharedListeners>
<trace autoflush="true">
<listeners>
<add name="logFile" />
</listeners>
</trace>
</system.diagnostics>
从这个和您的代码中,我能够推断出第二个签名的规范化工作不正常。具体来说,它无法删除签名标签本身。这对于验证签名很重要,因为签名本身不是签名信息的一部分。如果是的话,你会在这里直到太阳熄灭,试图找到一个包含它自己的签名。
现在我相信这是 C# 实现中的错误,但我不像编写 C# 的人那么聪明,所以我可能是错的。但这里有一个解决方法。我添加了我自己的扩展 XmlDsigExcC14NTransform 的类,这是几个 Google 结果建议的,但问题略有不同。在该类的 LoadInput 方法中,我删除了该节点。从那里开始,一切顺利!
public class SigKillXmlDsigExcC14NTransform : XmlDsigExcC14NTransform
{
public SigKillXmlDsigExcC14NTransform() { }
public override void LoadInput(Object obj)
{
XmlElement root = ((XmlDocument)obj).DocumentElement;
NameTable nt = new NameTable();
XmlNamespaceManager nsmgr = new XmlNamespaceManager(nt);
nsmgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
XmlNodeList childSignatures = root.SelectNodes("./ds:Signature", nsmgr);
// Sometimes C# fails to remove the child node. Let's hold his hand and do it for him.
foreach (XmlNode oneChild in childSignatures)
{
oneChild.ParentNode.RemoveChild(oneChild);
}
base.LoadInput(obj);
}
}
从那里向原始代码添加一行,其余部分保持不变。
CryptoConfig.AddAlgorithm(typeof(SigKillXmlDsigExcC14NTransform), "http://www.w3.org/2001/10/xml-exc-c14n#");
现在第一个例子成功了!
关于c# - 使用多个签名在 C# 中验证签名的 XML,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50256810/
在 JSF2 应用程序中遇到验证属性的问题时,有两种主要方法。 使用 Annotation 在 ManagedBean 上定义验证 @ManagedBean public class MyBean {
我想实现一个不常见的功能,我认为 jquery 验证插件将是最好的方法(如果您在没有插件的情况下建议和回答,我们也会欢迎)。我想在用户在输入字段中输入正确的单词后立即隐藏表单。我试过这个: $("
我有几个下拉菜单(类名为month_dropdown),并且下拉菜单的数量不是恒定的。我怎样才能为它们实现 NotEqual 验证。我正在使用 jQuery 验证插件。 这就是我写的 - jQuery
我设法制作了这个网址验证代码并且它起作用了。但我面临着一个问题。我认为 stackoverflow 是获得解决方案的最佳场所。 function url_followers(){ var url=do
我目前正在使用后端服务,该服务允许用户在客户端应用程序上使用 Google Games 库登录。 用户可以通过他们的 gplay ID 向我们发送信息,以便登录或恢复旧帐户。用户向我们发送以下内容,包
我正在尝试验证输入以查看它是否是有效的 IP 地址(可能是部分地址)。 可接受的输入:172、172.112、172.112.113、172.112.113.114 Not Acceptable 输入
我从 Mongoose 验证中得到这条消息: 'Validator failed for path phone with value ``' 这不应该发生,因为不需要电话。 这是我的模型架构: var
我一直在尝试使用Python-LDAP (版本 2.4.19)在 MacOS X 10.9.5 和 Python 2.7.9 下 我想在调用 .start_tls_s() 后验证与给定 LDAP 服务
我正在处理一个仅与 IE6 兼容的旧 javascript 项目(抱歉...),我想仅在 VS 2017 中禁用此项目的 ESLint/CSLint/Javascript 验证/CSS 验证。 我知道
我正在寻找一种方法来验证 Spring 命令 bean 中的 java.lang.Double 字段的最大值和最小值(一个值必须位于给定的值范围之间),例如, public final class W
我正在尝试在 springfuse(JavaEE 6 + Spring Framework (针对 Jetty、Tomcat、JBoss 等)) 和 maven 的帮助下构建我的 webapps 工作
我试图在我们的项目中使用 scalaz 验证,但遇到了以下情况: def rate(username: String, params: Map[String, String]): Validation
我有一个像这样的 Yaml 文件 name: hhh_aaa_bbb arguments: - !argument name: inputsss des
我有一个表单,人们可以单击并向表单添加字段,并且我需要让它在单击时验证这些字段中的值。 假设我单击它两次并获取 2 个独立的字段集,我需要旋转 % 以确保它在保存时等于 100。 我已放入此函数以使其
在我的页面中有一个选项可以创建新的日期字段输入框。用户可以根据需要创建尽可能多的“截止日期”和“起始日期”框。就像, 日期_to1 || date_from1 日期到2 ||日期_from2 date
我有一个像这样的 Yaml 文件 name: hhh_aaa_bbb arguments: - !argument name: inputsss des
有没有办法在动态字段上使用 jquery 验证表单。 我想将其设置为必填字段 我正在使用 Jsp 动态创建表单字段。 喜欢 等等...... 我想使用必需的表单字段验证此表单字段。 最佳答
嗨,任何人都可以通过提供 JavaScript 代码来帮助我验证用户名文本框不应包含数字,它只能包含一个字符。 最佳答案 使用正则表达式: (\d)+ 如果找到匹配项,则字符串中就有一个数字。 关于J
我有两个输入字段holidayDate和Description(id=tags) $(document).ready(function() {
我遇到了这个问题,这些验证从电子邮件验证部分开始就停止工作。 我只是不明白为什么即使经过几天的观察,只是想知道是否有人可以在这里指出我的错误? Javascript部分: function valid
我是一名优秀的程序员,十分优秀!