remote provider ID is available only after request parsing (#208)
parent
19fc68d927
commit
122836e820
|
@ -11,7 +11,7 @@ use Lemonldap::NG::Portal::Simple;
|
||||||
use Lemonldap::NG::Portal::_SAML;
|
use Lemonldap::NG::Portal::_SAML;
|
||||||
our @ISA = qw(Lemonldap::NG::Portal::_SAML);
|
our @ISA = qw(Lemonldap::NG::Portal::_SAML);
|
||||||
|
|
||||||
our $VERSION = '1.3.2';
|
our $VERSION = '1.4.0';
|
||||||
|
|
||||||
## @method void issuerDBInit()
|
## @method void issuerDBInit()
|
||||||
# Load and check SAML configuration
|
# Load and check SAML configuration
|
||||||
|
@ -1180,28 +1180,13 @@ sub issuerForAuthUser {
|
||||||
$self->lmLog( "Lasso Identity loaded", 'debug' );
|
$self->lmLog( "Lasso Identity loaded", 'debug' );
|
||||||
}
|
}
|
||||||
|
|
||||||
# Get SP entityID
|
|
||||||
my $sp =
|
|
||||||
$request ? $login->remote_providerID() : $self->param("sp");
|
|
||||||
|
|
||||||
$self->lmLog( "Found entityID $sp in SAML message", 'debug' );
|
|
||||||
|
|
||||||
# SP conf key
|
|
||||||
my $spConfKey = $self->{_spList}->{$sp}->{confKey};
|
|
||||||
|
|
||||||
unless ($spConfKey) {
|
|
||||||
$self->lmLog( "$sp do not match any SP in configuration",
|
|
||||||
'error' );
|
|
||||||
return PE_SAML_UNKNOWN_ENTITY;
|
|
||||||
}
|
|
||||||
|
|
||||||
$self->lmLog( "$sp match $spConfKey SP in configuration", 'debug' );
|
|
||||||
|
|
||||||
my $result;
|
my $result;
|
||||||
|
|
||||||
# Create fake request if IDP initiated mode
|
# Create fake request if IDP initiated mode
|
||||||
if ($idp_initiated) {
|
if ($idp_initiated) {
|
||||||
$result = $self->initIdpInitiatedAuthnRequest( $login, $sp );
|
$result =
|
||||||
|
$self->initIdpInitiatedAuthnRequest( $login,
|
||||||
|
$self->param("sp") );
|
||||||
unless ($result) {
|
unless ($result) {
|
||||||
$self->lmLog(
|
$self->lmLog(
|
||||||
"SSO: Fail to init IDP Initiated authentication request",
|
"SSO: Fail to init IDP Initiated authentication request",
|
||||||
|
@ -1225,6 +1210,23 @@ sub issuerForAuthUser {
|
||||||
return PE_SAML_SSO_ERROR;
|
return PE_SAML_SSO_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Get SP entityID
|
||||||
|
my $sp =
|
||||||
|
$request ? $login->remote_providerID() : $self->param("sp");
|
||||||
|
|
||||||
|
$self->lmLog( "Found entityID $sp in SAML message", 'debug' );
|
||||||
|
|
||||||
|
# SP conf key
|
||||||
|
my $spConfKey = $self->{_spList}->{$sp}->{confKey};
|
||||||
|
|
||||||
|
unless ($spConfKey) {
|
||||||
|
$self->lmLog( "$sp do not match any SP in configuration",
|
||||||
|
'error' );
|
||||||
|
return PE_SAML_UNKNOWN_ENTITY;
|
||||||
|
}
|
||||||
|
|
||||||
|
$self->lmLog( "$sp match $spConfKey SP in configuration", 'debug' );
|
||||||
|
|
||||||
# Do we check signature?
|
# Do we check signature?
|
||||||
my $checkSSOMessageSignature =
|
my $checkSSOMessageSignature =
|
||||||
$self->{samlSPMetaDataOptions}->{$spConfKey}
|
$self->{samlSPMetaDataOptions}->{$spConfKey}
|
||||||
|
|
|
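Review bot: In IDP-initiated mode the raw `sp` request parameter now reaches `initIdpInitiatedAuthnRequest` before anything checks it against `$self->{_spList}`; on the old side the lookup and the `PE_SAML_UNKNOWN_ENTITY` return ran first, so an unconfigured or missing value never got that far. Unless the helper validates its argument itself (not visible here), the branch should keep a guard, e.g. `my $idpSp = $self->param("sp");` followed by `return PE_SAML_UNKNOWN_ENTITY unless defined $idpSp and exists $self->{_spList}->{$idpSp};`. The relocated lookup `$self->{_spList}->{$sp}->{confKey}` also autovivifies an empty `_spList` entry for every unknown `$sp`, so an `exists` test there would keep request-supplied keys out of the hash. `issuerForAuthUser` starts and ends outside these hunks, and the lines between the two hunks are not shown.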
@ -21,7 +21,7 @@ use URI; # Get metadata URL path
|
||||||
#inherits Lemonldap::NG::Common::Conf::SAML::Metadata protected service_metadata
|
#inherits Lemonldap::NG::Common::Conf::SAML::Metadata protected service_metadata
|
||||||
|
|
||||||
our @ISA = (qw(Lemonldap::NG::Portal::_Browser));
|
our @ISA = (qw(Lemonldap::NG::Portal::_Browser));
|
||||||
our $VERSION = '1.3.2';
|
our $VERSION = '1.4.0';
|
||||||
our $samlCache;
|
our $samlCache;
|
||||||
our $initGlibDone;
|
our $initGlibDone;
|
||||||
|
|
||||||
|
|