Okta PySAML2示例：如何解决“ SignatureError：无法验证签名”？

Question

我正在Windows 10和Python 2.7.8上尝试使用此示例（https://developer.okta.com/code/python/pysaml2）。

我遇到了很多问题，并且解决了很多问题，但是我对如何解决这个问题一无所知。

在Okta登录表单上输入电子邮件地址和密码后，出现“ _check_signature提高SignatureError（“验证签名失败”）“错误。

有人提到PySAML2无法找到xmlsec1。我正在使用https://www.zlatkovic.com/pub/libxml/中的Windows二进制文件（libxmlsec-1.2.18.win32）。 get_xmlsec_binary（）返回正确的路径和文件名-xmlsec.exe。我猜这部分没问题，因为它找到了正确的二进制文件。

但是，我在示例中注意到path.sh文件。看起来该文件用于设置LD_LIBRARY_PATH和PATH。我正在设置PATH值，以包括已经具有xmlsec.exe文件的目录。我也应该设置LD_LIBRARY_PATH吗？如果有必要，我需要设置什么值？另外，在Windows环境中进行设置的最合适方法是什么？

我在这里很失落，任何人都可以看到这个吗？

下面是错误消息。

ERROR:saml2.sigver:check_sig: 
ERROR:saml2.entity:Signature Error: Failed to verify signature
ERROR:saml2.client_base:XML parse error: Failed to verify signature
INFO:werkzeug:127.0.0.1 - - [11/Dec/2018 19:37:03] "POST /saml/sso/example-okta-com HTTP/1.1" 500 -
Traceback (most recent call last):
  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 2309, in __ call __
    return self.wsgi_app(environ, start_response)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 2295, in wsgi_app
    response = self.handle_exception(e)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 1741, in handle_exception
    reraise(exc_type, exc_value, tb)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\flask\app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)

  File "D:\PyProj\Okta_Study\okta-pysaml2-example-master\app.py", line 166, in idp_initiated
    entity.BINDING_HTTP_POST)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\saml2\client_base.py", line 599, in parse_authn_request_response
    binding, **kwargs)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\saml2\entity.py", line 1137, in _parse_response
    response = response.loads(xmlstr, False, origxml=origxml)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\saml2\response.py", line 510, in loads
    self._loads(xmldata, decode, origxml)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\saml2\response.py", line 335, in _loads
    **args)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\saml2\sigver.py", line 1743, in correctly_signed_response
    class_name(response), origdoc)

  File "D:\PyProj\Okta_Study\Okta_V\lib\site-packages\saml2\sigver.py", line 1558, in _check_signature
    raise SignatureError("Failed to verify signature")

SignatureError: Failed to verify signature

INFO:werkzeug:127.0.0.1 - - [11/Dec/2018 19:37:03] "GET /saml/sso/example-okta-com?__ debugger __=yes&cmd=resource&f=style.css HTTP/1.1" 200 -

INFO:werkzeug:127.0.0.1 - - [11/Dec/2018 19:37:03] "GET /saml/sso/example-okta-com?__ debugger __=yes&cmd=resource&f=jquery.js HTTP/1.1" 200 -

INFO:werkzeug:127.0.0.1 - - [11/Dec/2018 19:37:03] "GET /saml/sso/example-okta-com?__ debugger __=yes&cmd=resource&f=debugger.js HTTP/1.1" 200 -

INFO:werkzeug:127.0.0.1 - - [11/Dec/2018 19:37:04] "GET /saml/sso/example-okta-com?__ debugger __=yes&cmd=resource&f=ubuntu.ttf HTTP/1.1" 200 -

INFO:werkzeug:127.0.0.1 - - [11/Dec/2018 19:37:04] "GET /saml/sso/example-okta-com?__ debugger __=yes&cmd=resource&f=console.png HTTP/1.1" 200 -