SAML OK with artifact + SOAP SLO (#595)
This commit is contained in:
parent
e09eb9c237
commit
10d4f39511
|
@ -356,7 +356,7 @@ t/26-AuthRemote.t
|
||||||
t/27-AuthProxy.t
|
t/27-AuthProxy.t
|
||||||
t/28-AuthChoice.t
|
t/28-AuthChoice.t
|
||||||
t/29-AuthSSL.t
|
t/29-AuthSSL.t
|
||||||
t/30-Auth-and-issuer-SAML-Artifact-IdP-initiated.t
|
t/30-Auth-and-issuer-SAML-Artifact-soap-slo-IdP-initiated.t
|
||||||
t/30-Auth-and-issuer-SAML-Artifact-soap-slo.t
|
t/30-Auth-and-issuer-SAML-Artifact-soap-slo.t
|
||||||
t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
|
t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
|
||||||
t/30-Auth-and-issuer-SAML-POST.t
|
t/30-Auth-and-issuer-SAML-POST.t
|
||||||
|
|
|
@ -764,7 +764,11 @@ sub run {
|
||||||
|
|
||||||
# Artifact
|
# Artifact
|
||||||
# Choose method
|
# Choose method
|
||||||
if ($artifact) {
|
if ( $artifact
|
||||||
|
or $protocolProfile ==
|
||||||
|
Lasso::Constants::LOGIN_PROTOCOL_PROFILE_BRWS_ART )
|
||||||
|
{
|
||||||
|
$artifact = 1;
|
||||||
if ( $method == $self->getHttpMethod("post")
|
if ( $method == $self->getHttpMethod("post")
|
||||||
|| $method == $self->getHttpMethod("artifact-post") )
|
|| $method == $self->getHttpMethod("artifact-post") )
|
||||||
{
|
{
|
||||||
|
|
|
@ -56,7 +56,6 @@ SKIP: {
|
||||||
ok( $res = $sp->_get( $url, query => $query, accept => 'test/html' ),
|
ok( $res = $sp->_get( $url, query => $query, accept => 'test/html' ),
|
||||||
'Give artifact to SP' );
|
'Give artifact to SP' );
|
||||||
expectRedirection( $res, 'http://auth.sp.com' );
|
expectRedirection( $res, 'http://auth.sp.com' );
|
||||||
my $spId = expectCookie($res);
|
|
||||||
|
|
||||||
# Verify authentication on SP
|
# Verify authentication on SP
|
||||||
my $spId = expectCookie($res);
|
my $spId = expectCookie($res);
|
||||||
|
@ -485,8 +484,8 @@ sub sp {
|
||||||
samlIDPMetaDataOptions => {
|
samlIDPMetaDataOptions => {
|
||||||
idp => {
|
idp => {
|
||||||
samlIDPMetaDataOptionsEncryptionMode => 'none',
|
samlIDPMetaDataOptionsEncryptionMode => 'none',
|
||||||
samlIDPMetaDataOptionsSSOBinding => 'Artifact',
|
samlIDPMetaDataOptionsSSOBinding => 'artifact-get',
|
||||||
samlIDPMetaDataOptionsSLOBinding => 'Artifact',
|
samlIDPMetaDataOptionsSLOBinding => 'http-soap',
|
||||||
samlIDPMetaDataOptionsSignSSOMessage => 1,
|
samlIDPMetaDataOptionsSignSSOMessage => 1,
|
||||||
samlIDPMetaDataOptionsSignSLOMessage => 1,
|
samlIDPMetaDataOptionsSignSLOMessage => 1,
|
||||||
samlIDPMetaDataOptionsCheckSSOMessageSignature => 1,
|
samlIDPMetaDataOptionsCheckSSOMessageSignature => 1,
|
|
@ -365,7 +365,12 @@ entityID="http://auth.sp.com/saml/metadata">
|
||||||
<ArtifactResolutionService isDefault="true" index="0"
|
<ArtifactResolutionService isDefault="true" index="0"
|
||||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
Location="http://auth.sp.com/saml/artifact" />
|
Location="http://auth.sp.com/saml/artifact" />
|
||||||
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
|
Location="http://auth.sp.com/saml/singleLogoutSOAP" />
|
||||||
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||||
|
Location="http://auth.sp.com/saml/singleLogout"
|
||||||
|
ResponseLocation="http://auth.sp.com/saml/singleLogoutReturn" />
|
||||||
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||||
Location="http://auth.sp.com/saml/singleLogout"
|
Location="http://auth.sp.com/saml/singleLogout"
|
||||||
ResponseLocation="http://auth.sp.com/saml/singleLogoutReturn" />
|
ResponseLocation="http://auth.sp.com/saml/singleLogoutReturn" />
|
||||||
<NameIDFormat>
|
<NameIDFormat>
|
||||||
|
@ -420,7 +425,12 @@ entityID="http://auth.sp.com/saml/metadata">
|
||||||
<ArtifactResolutionService isDefault="true" index="0"
|
<ArtifactResolutionService isDefault="true" index="0"
|
||||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
Location="http://auth.sp.com/saml/artifact" />
|
Location="http://auth.sp.com/saml/artifact" />
|
||||||
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
|
Location="http://auth.sp.com/saml/proxySingleLogoutSOAP" />
|
||||||
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||||
|
Location="http://auth.sp.com/saml/proxySingleLogout"
|
||||||
|
ResponseLocation="http://auth.sp.com/saml/proxySingleLogoutReturn" />
|
||||||
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||||
Location="http://auth.sp.com/saml/proxySingleLogout"
|
Location="http://auth.sp.com/saml/proxySingleLogout"
|
||||||
ResponseLocation="http://auth.sp.com/saml/proxySingleLogoutReturn" />
|
ResponseLocation="http://auth.sp.com/saml/proxySingleLogoutReturn" />
|
||||||
<NameIDFormat>
|
<NameIDFormat>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user