django-saml2-auth
Signature error with xmlsec on Windows
I am working with django_saml2_auth to set up an SSO login on Django. I have installed the xmlsec library from this link and everything seems correct, but when testing the endpoint with Azure it throws this error:
check_sig: ['C:\\Users\\user\\code\\project-backend\\env\\Scripts\\xmlsec.exe', '--verify', '--enabled-reference-uris', 'empty,same-doc', '--enabled-key-data', 'raw-x509-cert', '--pubkey-cert-pem', 'C:\\Users\\user\\AppData\\Local\\Temp\\tmpg9oixidy.pem', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'xxxxxxx', '--output', 'C:\\Users\\user\\AppData\\Local\\Temp\\tmp4q_a_mb0.xml', 'C:\\Users\\user\\AppData\\Local\\Temp\\tmpybj2a3vf.xml']
correctly_signed_response: Failed to verify signature
Signature Error: Failed to verify signature
XML parse error: Failed to verify signature
Internal Server Error: /sso/acs/
Internal Server Error: /sso/acs/
I've tried it on a Unix system and it works fine.
My guess is that this is an underlying issue with pysaml2 that has been outstanding since 2020. It has to do with the use of NamedTemporaryFile. See this PR for a proposed fix that has not been implemented as far as I can tell.
Here is the fork with the fix https://github.com/theunraveler/pysaml2/tree/windows_namedtemporaryfile. I can't guarantee that it is fixed.
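The NamedTemporaryFile behaviour the replies above point to, as an added example that is not part of the thread and is not pysaml2's code or the fork's patch: on Windows a NamedTemporaryFile that is still open cannot be reopened by name, so an external process such as xmlsec.exe cannot read it. The helper names `closed_tempfile`, `read_in_child` and `roundtrip` are hypothetical, and a Python child process stands in for the external verifier.

```python
import contextlib
import os
import subprocess
import sys
import tempfile


@contextlib.contextmanager
def closed_tempfile(data: bytes, suffix: str = ".pem"):
    """Write data to a temp file, close it, yield its path, then delete it.

    Closing the handle before handing the path to another process is what
    makes this work on Windows; delete=False keeps the file on disk after
    close, so cleanup has to be done explicitly here.
    """
    handle = tempfile.NamedTemporaryFile(suffix=suffix, delete=False)
    try:
        handle.write(data)
        handle.close()  # release the handle before anyone else opens the path
        yield handle.name
    finally:
        handle.close()  # no-op if already closed
        with contextlib.suppress(FileNotFoundError):
            os.unlink(handle.name)


def read_in_child(path: str) -> bytes:
    """Stand-in for an external verifier: a separate process opens the path."""
    code = "import sys; sys.stdout.buffer.write(open(sys.argv[1], 'rb').read())"
    result = subprocess.run([sys.executable, "-c", code, path],
                            capture_output=True, check=True)
    return result.stdout


def roundtrip(data: bytes):
    """Return (bytes the child read, whether the file is gone afterwards)."""
    with closed_tempfile(data) as path:
        seen = read_in_child(path)
    return seen, not os.path.exists(path)


# Constructed sample input, not a real certificate.
SAMPLE_PEM = b"-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    print(roundtrip(SAMPLE_PEM))
```

Because the file outlives the handle, the `finally` block is the only thing that removes key or certificate material from the temp directory, including when the child process fails.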