ITfoxtec.Identity.Saml2 library - is there a way to ignore invalid SAML signatures?

I'm using the ITfoxtec.Identity.Saml2 library to add SSO to a service.

I have a use-case where I'd like to ignore errors caused by expired certificates when accepting SAML requests. At the moment I get an exception, "Signature is invalid".

Is this possible? If so, how? I've had a look through the library's source and can see there are some signature-checking methods that take a "bool validate" parameter, but I've not been able to figure out if it's ultimately possible to do what I want via the API.

Solution

The signature is not validated on read where the "bool validate" parameter is used. The signature validation can not be disabled or changed. Unless you make some code changes.

SAML response signatures are always validated
How do you transform SAML 2 claims to readable values?
Getting part of a SAML object in c#
Require NSIS High in Authn Request
Tracing a call to a controller in .NET
AADSTS900235: SAML authentication request's RequestedAuthenticationContext Comparison value must be 'exact'. Received value: 'Minimum'
Why can't I get my ASP.NET web app to work with IT FoxTec SAML?
How can I watch a package called ITFoxTec and figure out how it's being called?
ITfoxtec.Identity.Saml2 library - is there a way to ignore invalid SAML signatures?
ITfoxtec.Identity.Saml2 Saml2LogoutRequest - NameQualifier and SPNameQualifier come up empty
ITfoxtec.Identity.Saml2 library hanging when fetching IdP metadata
Using multiple Id providers with ITfoxtec Identity SAML 2 library
SAML SSO: Avoid the "Pick an account" dialog
"A certificate chain could not be built to a trusted root authority." after upgrade to .NET 8
Metadata generation to include Organization details
itfoxtec-identity-saml2 Assertion Consumer Service Exception
Use ITfoxtec.Identity.Saml2 to login user
Is there a sample using ITfoxtec.Identity.Saml2 that implements integration with NemLog-in with logging and back-channel single logout?
Parsing Same Key Multi Value SAML2 claims using ITfoxtec.Identity.Saml2
What is required for Single Log Out with Okta using ITFoxtec.Identity.Saml2?
ArtifactResolve signed twice
Not HTTP POST Method in SingleLogOut Request
Can ITfoxtec SAML2 supprot multiple IdPs?
ITfoxtec SAML 4.8.8: Completely ignore validation of AuthnContext
AuthnRequest not being signed
There is no NameId in User Claims for performing Single Logout
ITfoxtec SAML 2.0 - Single Logout
SP Tried to perform SingleLogout received an error "HTTP Form does not contain SAMLRequest"
Is there a way to force my SAML service provider WebApp to use HTTP-POST instead of a Redirect?
Unable to use a crt certificate with itfoxtec saml2