Return error when SAML authentication is refused by user (#132)
This commit is contained in:
parent
2ec7297695
commit
6781054397
@ -771,9 +771,18 @@ sub extractFormInfo {
|
|||||||
# Get confirmation flag
|
# Get confirmation flag
|
||||||
my $confirm_flag = $self->param("confirm");
|
my $confirm_flag = $self->param("confirm");
|
||||||
|
|
||||||
# If confirmation is -1, or IDP was not resolve, let the user choose its IDP
|
# If confirmation is -1 from IDP list,
|
||||||
|
# return error to get next authentication method
|
||||||
|
# with AuthMulti
|
||||||
|
if ( $confirm_flag == -1 and $self->param("idplist") ) {
|
||||||
|
$self->lmLog( "SAML authentication refused by user", 'error' );
|
||||||
|
return PE_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
# If confirmation is -1 from resolved IDP screen,
|
||||||
|
# or IDP was not resolve, let the user choose its IDP
|
||||||
if ( $confirm_flag == -1 or !$idp ) {
|
if ( $confirm_flag == -1 or !$idp ) {
|
||||||
$self->lmLog( "No IDP found, redirecting user to IDP list", 'debug' );
|
$self->lmLog( "Redirecting user to IDP list", 'debug' );
|
||||||
|
|
||||||
# Control url parameter
|
# Control url parameter
|
||||||
my $urlcheck = $self->controlUrlOrigin();
|
my $urlcheck = $self->controlUrlOrigin();
|
||||||
@ -804,6 +813,9 @@ sub extractFormInfo {
|
|||||||
. '<input type="hidden" name="url" value="'
|
. '<input type="hidden" name="url" value="'
|
||||||
. $self->param("url") . '" />'
|
. $self->param("url") . '" />'
|
||||||
|
|
||||||
|
# IDP list flag
|
||||||
|
. '<input type="hidden" name="idplist" value="1" />'
|
||||||
|
|
||||||
# Script to autoselect first choice
|
# Script to autoselect first choice
|
||||||
. '<script>$("[type=radio]:first").attr("checked","checked");</script>';
|
. '<script>$("[type=radio]:first").attr("checked","checked");</script>';
|
||||||
|
|
||||||
@ -1195,11 +1207,11 @@ sub getIDP {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$self->lmLog( 'No IdP found', 'debug' ) unless ($idp);
|
$self->lmLog( 'No IDP found', 'debug' ) unless ($idp);
|
||||||
}
|
}
|
||||||
|
|
||||||
# Alert when selected IdP is unknown
|
# Alert when selected IDP is unknown
|
||||||
unless ( exists $self->{_idpList}->{$idp} ) {
|
if ( $idp and !exists $self->{_idpList}->{$idp} ) {
|
||||||
$self->_sub( 'userError', "Required IDP $idp does not exists" );
|
$self->_sub( 'userError', "Required IDP $idp does not exists" );
|
||||||
$idp = undef;
|
$idp = undef;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user