As per the SAML specification, the InResponseTo field is only present for SP-initiated SSO. We automatically include it with the value set to the ID of the previously received SAML authn request.
This field should not be present for IdP-initiated SSO as there's no previously received authn request.
If the service provider is expecting an InResponseTo for IdP-initiated SSO, they're misunderstanding the SAML specification.
If this is SP-initiated SSO, we include the InResponseTo field automatically. You don't need to do this in OnSAMLResponseCreated.