Possibility to force session key use to fill NameID (#657)
parent
36f79f4e40
commit
2ee3f6d5a6
@ -201,12 +201,14 @@ sub cstruct {
|
|||||||
|
|
||||||
samlSPMetaDataOptionsAuthnResponse => {
|
samlSPMetaDataOptionsAuthnResponse => {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
qw(samlSPMetaDataOptionsNameIDFormat samlSPMetaDataOptionsOneTimeUse)
|
qw(samlSPMetaDataOptionsNameIDFormat samlSPMetaDataOptionsNameIDSessionKey samlSPMetaDataOptionsOneTimeUse)
|
||||||
],
|
],
|
||||||
|
|
||||||
samlSPMetaDataOptionsNameIDFormat =>
|
samlSPMetaDataOptionsNameIDFormat =>
|
||||||
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDFormat"
|
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDFormat"
|
||||||
. ":samlSPOptions:nameIdFormatParams",
|
. ":samlSPOptions:nameIdFormatParams",
|
||||||
|
samlSPMetaDataOptionsNameIDSessionKey =>
|
||||||
|
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDSessionKey",
|
||||||
samlSPMetaDataOptionsOneTimeUse =>
|
samlSPMetaDataOptionsOneTimeUse =>
|
||||||
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsOneTimeUse",
|
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsOneTimeUse",
|
||||||
},
|
},
|
||||||
|
@ -454,6 +454,7 @@ sub en {
|
|||||||
samlSPMetaDataOptionsSecurity => 'Security',
|
samlSPMetaDataOptionsSecurity => 'Security',
|
||||||
samlSPMetaDataOptionsEnableIDPInitiatedURL =>
|
samlSPMetaDataOptionsEnableIDPInitiatedURL =>
|
||||||
'Enable use of IDP initiated URL',
|
'Enable use of IDP initiated URL',
|
||||||
|
samlSPMetaDataOptionsNameIDSessionKey => 'Force NameID session key',
|
||||||
samlServiceMetaData => 'SAML 2 Service',
|
samlServiceMetaData => 'SAML 2 Service',
|
||||||
samlEntityID => 'Entity Identifier',
|
samlEntityID => 'Entity Identifier',
|
||||||
samlOrganization => 'Organization',
|
samlOrganization => 'Organization',
|
||||||
@ -941,6 +942,8 @@ sub fr {
|
|||||||
samlSPMetaDataOptionsSecurity => 'Sécurité',
|
samlSPMetaDataOptionsSecurity => 'Sécurité',
|
||||||
samlSPMetaDataOptionsEnableIDPInitiatedURL =>
|
samlSPMetaDataOptionsEnableIDPInitiatedURL =>
|
||||||
'Enable use of IDP initiated URL',
|
'Enable use of IDP initiated URL',
|
||||||
|
samlSPMetaDataOptionsNameIDSessionKey =>
|
||||||
|
"Forcer la clé de session NameID",
|
||||||
samlServiceMetaData => 'Service SAML 2',
|
samlServiceMetaData => 'Service SAML 2',
|
||||||
samlEntityID => 'Identifiant d\'entité',
|
samlEntityID => 'Identifiant d\'entité',
|
||||||
samlOrganization => 'Organisation',
|
samlOrganization => 'Organisation',
|
||||||
|
@ -1521,6 +1521,15 @@ sub issuerForAuthUser {
|
|||||||
my $nameIDSessionKey =
|
my $nameIDSessionKey =
|
||||||
$self->{ $nameIDFormatConfiguration->{$nameIDFormat} };
|
$self->{ $nameIDFormatConfiguration->{$nameIDFormat} };
|
||||||
|
|
||||||
|
# Override default NameID Mapping
|
||||||
|
if ( $self->{samlSPMetaDataOptions}->{$spConfKey}
|
||||||
|
->{samlSPMetaDataOptionsNameIDSessionKey} )
|
||||||
|
{
|
||||||
|
$nameIDSessionKey =
|
||||||
|
$self->{samlSPMetaDataOptions}->{$spConfKey}
|
||||||
|
->{samlSPMetaDataOptionsNameIDSessionKey};
|
||||||
|
}
|
||||||
|
|
||||||
my $nameIDContent;
|
my $nameIDContent;
|
||||||
if ( defined $self->{sessionInfo}->{$nameIDSessionKey} ) {
|
if ( defined $self->{sessionInfo}->{$nameIDSessionKey} ) {
|
||||||
$nameIDContent =
|
$nameIDContent =
|
||||||
|
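Review bot: The override block added after the `$nameIDFormatConfiguration` lookup replaces the format-derived key with whatever `samlSPMetaDataOptionsNameIDSessionKey` holds, but nothing here checks that the named attribute exists in `$self->{sessionInfo}` or warns when it does not. NameID is the identifier the SP uses to bind the assertion to an account, so a key that is misspelled, or that names an attribute which is not unique or which the user can edit, would lead the SP to match the wrong account; when the key is missing, the `defined` test just below fails and the fallback (outside this hunk) decides the subject silently. I would log a warning when the forced key is not defined in the session, and add a comment above the block such as `# Forced NameID source: must be a unique session attribute that the user cannot modify`. The override also applies whatever `$nameIDFormat` was negotiated, so the declared format and the actual content may diverge; that deserves a line in the option's documentation. issuerForAuthUser starts and ends outside the hunk.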