Add possibility to check the SAML signing cert's fingerprint (!5) · Merge requests · Center for Research Data Management / CRDM SATOSA Setup

Moser, Maximilian requested to merge mm/updates into main Apr 03, 2024

this introduces another layer of security, especially for when the signing key is fetched from a URL
adapted from the suggestion made by Peter Brand
abort if the fingerprint is defined and doesn't match the calculated value
complain if no fingerprint is specified and the certificate is fetched from a URL (but keep quiet if it's a local file)

Add possibility to check the SAML signing cert's fingerprint