I am using Spring Boot (3.3.0) to configure SAML-based SSO with Azure AD. After a successful login, I want to know whether the SAML Response is validated using the certificate that is configured in Azure. Below is my sample code:
Alternatively, let me know how to validate the Base64 certificate that is configured in the Azure AD app.
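@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    // Build the registration repository once, outside the saml2Login lambda. A
    // Customizer lambda cannot throw the checked CertificateException declared by
    // relyingPartyRegistrationRepository(), and the previous try/catch merely
    // printed the stack trace and then continued with saml2Login left without a
    // repository. This method already declares "throws Exception", so letting the
    // exception propagate fails startup loudly instead of starting with an
    // unusable SAML configuration.
    RelyingPartyRegistrationRepository registrations = relyingPartyRegistrationRepository();

    http
        .authorizeHttpRequests(authorize -> authorize.anyRequest().authenticated())
        .saml2Login(saml2Login -> saml2Login
            .relyingPartyRegistrationRepository(registrations)
            // Endpoint that starts the login for a given registration id.
            .authenticationRequestUri("/demo/{registrationId}")
            // Endpoint the IdP posts the SAML Response to (the ACS location).
            .loginProcessingUrl("/demo/demoRedirect")
            // customSAMLAuthenticationHandler is a field of the enclosing class.
            .successHandler(customSAMLAuthenticationHandler));

    // Publish SP metadata so the IdP side can be configured from it. The same
    // repository instance is reused so the metadata endpoint and the login flow
    // cannot disagree about the registration.
    RelyingPartyRegistrationResolver registrationResolver =
        new DefaultRelyingPartyRegistrationResolver(registrations);
    Saml2MetadataFilter metadataFilter =
        new Saml2MetadataFilter(registrationResolver, new OpenSamlMetadataResolver());
    http.addFilterBefore(metadataFilter, Saml2WebSsoAuthenticationFilter.class);
    return http.build();
}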
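@Bean
RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() throws CertificateException {
    // fromMetadataLocation() fetches the IdP federation metadata at startup and
    // imports the IdP signing certificate(s) advertised in it; Spring Security's
    // SAML 2.0 login then verifies the signature of the SAML Response/Assertion
    // against those credentials. The trust anchor is therefore the metadata
    // document itself: the URL must be an https URL (as the Azure "App Federation
    // Metadata Url" is) and should come from configuration rather than source.
    RelyingPartyRegistration registration = RelyingPartyRegistrations
        .fromMetadataLocation("<App Federation Metadata Url>") // placeholder: real URL from config
        .registrationId("demosso")
        // Reconstructed value: the original literal was truncated. The ACS location
        // is where the IdP posts the SAML Response, so it is derived from the
        // loginProcessingUrl ("/demo/demoRedirect") of the filter chain and should
        // match the Reply URL registered for the Azure AD enterprise app.
        .assertionConsumerServiceLocation("{baseUrl}/demo/demoRedirect")
        .entityId("demo.sso.saml")
        .build();
    return new InMemoryRelyingPartyRegistrationRepository(registration);
}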