Apply patch on new Portal files in trunk (#1088)

2016-10-04 09:18:27 +00:00 · 2016-10-04 09:18:27 +00:00 · 95036d6acb
commit 95036d6acb
parent 72cc77aab4
2 changed files with 33 additions and 20 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm
@ -213,8 +213,12 @@ sub extractFormInfo {
                return PE_SAML_CONDITIONS_ERROR;
            }

+            my $relayStateURL =
+              $self->conf->{samlIDPMetaDataOptions}->{$idpConfKey}
+              ->{samlIDPMetaDataOptionsRelayStateURL};
+
            #  Extract RelayState information
-            if ( $self->extractRelayState($relaystate) ) {
+            if ( $self->extractRelayState( $relaystate, $relayStateURL ) ) {
                $self->lmLog( "RelayState $relaystate extracted", 'debug' );
            }

--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm
@ -1102,33 +1102,42 @@ sub storeRelayState {
    return $relaystate_id;
 }

-## @method boolean extractRelayState(string relaystate)
+## @method boolean extractRelayState(string relaystate, boolean relayStateURL)
 # Extract RelayState information into $self
 # @param relaystate Relay state value
+# @param relayStateURL Allow Relay state value to be the redirection URL
 # @return result
 sub extractRelayState {
-    my ( $self, $req, $relaystate ) = @_;
+    my ( $self, $req, $relaystate, $relayStateURL ) = @_;

    return 0 unless $relaystate;
-
-    # Open relaystate session
-    my $samlSessionInfo = $self->getSamlSession($relaystate);
-
-    return 0 unless $samlSessionInfo;
-
-    # Push values in $self
-    foreach ( keys %{ $samlSessionInfo->data } ) {
-        next if $_ =~ /(type|_session_id|_utime)/;
-        $req->{$_} = $samlSessionInfo->data->{$_};
-    }
-
-    # delete relaystate session
-    if ( $samlSessionInfo->remove ) {
-        $self->lmLog( "Relaystate $relaystate was deleted", 'debug' );
+    if ( $relayStateURL and $relaystate =~ /^https?:\/\// ) {
+        $self->lmLog( "RelayState is a redirection URL: $relaystate", 'debug' );
+        $req->{urldc} = $relaystate;
+        return 1;
    }
    else {
-        $self->lmLog( "Unable to delete relaystate $relaystate", 'error' );
-        $self->lmLog( $samlSessionInfo->error,                   'error' );
+
+        # Open relaystate session
+        my $samlSessionInfo = $self->getSamlSession($relaystate);
+
+        return 0 unless $samlSessionInfo;
+
+        # Push values in $self
+        foreach ( keys %{ $samlSessionInfo->data } ) {
+            next if $_ =~ /(type|_session_id|_utime)/;
+            $req->{$_} = $samlSessionInfo->data->{$_};
+        }
+
+        # delete relaystate session
+        if ( $samlSessionInfo->remove ) {
+            $self->lmLog( "Relaystate $relaystate was deleted", 'debug' );
+        }
+        else {
+            $self->lmLog( "Unable to delete relaystate $relaystate", 'error' );
+            $self->lmLog( $samlSessionInfo->error,                   'error' );
+        }
+
    }

    return 1;