private static void VerifySignature(Saml2Response response)
{
if (response.IsSigned && !response.VerifySignature())
{
throw new InvalidOperationException(string.Format(
"SAML 2 response signature for '{0}' failed to verify.",
response.IssuerNameIdentifier));
}
}