(no title)

We patched the gosaml2 (and other go saml libraries), by ensuring only the authenticated bytes are processed (not the original XML document). You can see the patches here: https://github.com/russellhaering/goxmldsig/commit/e1c8a5b89... https://github.com/russellhaering/gosaml2/commit/99574489327...

> I just wrote my own for my SAML.

Curious to see your implementation for SAML and XML Signatures.

[1]: https://bsky.app/profile/filippo.abyssdomain.expert/post/3le...