remote provider ID is available only after request parsing (#208)

2013-11-26 14:35:58 +00:00 · 2013-11-26 14:35:58 +00:00 · 122836e820
commit 122836e820
parent 19fc68d927
2 changed files with 22 additions and 20 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
@ -11,7 +11,7 @@ use Lemonldap::NG::Portal::Simple;
 use Lemonldap::NG::Portal::_SAML;
 our @ISA = qw(Lemonldap::NG::Portal::_SAML);

-our $VERSION = '1.3.2';
+our $VERSION = '1.4.0';

 ## @method void issuerDBInit()
 # Load and check SAML configuration
@ -1180,28 +1180,13 @@ sub issuerForAuthUser {
                $self->lmLog( "Lasso Identity loaded", 'debug' );
            }

-            # Get SP entityID
-            my $sp =
-              $request ? $login->remote_providerID() : $self->param("sp");
-
-            $self->lmLog( "Found entityID $sp in SAML message", 'debug' );
-
-            # SP conf key
-            my $spConfKey = $self->{_spList}->{$sp}->{confKey};
-
-            unless ($spConfKey) {
-                $self->lmLog( "$sp do not match any SP in configuration",
-                    'error' );
-                return PE_SAML_UNKNOWN_ENTITY;
-            }
-
-            $self->lmLog( "$sp match $spConfKey SP in configuration", 'debug' );
-
            my $result;

            # Create fake request if IDP initiated mode
            if ($idp_initiated) {
-                $result = $self->initIdpInitiatedAuthnRequest( $login, $sp );
+                $result =
+                  $self->initIdpInitiatedAuthnRequest( $login,
+                    $self->param("sp") );
                unless ($result) {
                    $self->lmLog(
 "SSO: Fail to init IDP Initiated authentication request",
@ -1225,6 +1210,23 @@ sub issuerForAuthUser {
                return PE_SAML_SSO_ERROR;
            }

+            # Get SP entityID
+            my $sp =
+              $request ? $login->remote_providerID() : $self->param("sp");
+
+            $self->lmLog( "Found entityID $sp in SAML message", 'debug' );
+
+            # SP conf key
+            my $spConfKey = $self->{_spList}->{$sp}->{confKey};
+
+            unless ($spConfKey) {
+                $self->lmLog( "$sp do not match any SP in configuration",
+                    'error' );
+                return PE_SAML_UNKNOWN_ENTITY;
+            }
+
+            $self->lmLog( "$sp match $spConfKey SP in configuration", 'debug' );
+
            # Do we check signature?
            my $checkSSOMessageSignature =
              $self->{samlSPMetaDataOptions}->{$spConfKey}
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm
@ -21,7 +21,7 @@ use URI;                   # Get metadata URL path
 #inherits Lemonldap::NG::Common::Conf::SAML::Metadata protected service_metadata

 our @ISA     = (qw(Lemonldap::NG::Portal::_Browser));
-our $VERSION = '1.3.2';
+our $VERSION = '1.4.0';
 our $samlCache;
 our $initGlibDone;