Restore relayState (#595)
This commit is contained in:
parent
60796fa6a1
commit
d0467f0802
|
@ -129,7 +129,7 @@
|
|||
.\" ========================================================================
|
||||
.\"
|
||||
.IX Title "llng-fastcgi-server 1"
|
||||
.TH llng-fastcgi-server 1 "2017-03-16" "perl v5.24.1" "User Contributed Perl Documentation"
|
||||
.TH llng-fastcgi-server 1 "2017-03-20" "perl v5.24.1" "User Contributed Perl Documentation"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||
.\" way too many mistakes in technical documents.
|
||||
.if n .ad l
|
||||
|
|
|
@ -228,7 +228,8 @@ sub extractFormInfo {
|
|||
->{samlIDPMetaDataOptionsRelayStateURL};
|
||||
|
||||
# Extract RelayState information
|
||||
if ( $self->extractRelayState( $relaystate, $relayStateURL ) ) {
|
||||
if ( $self->extractRelayState( $req, $relaystate, $relayStateURL ) )
|
||||
{
|
||||
$self->logger->debug("RelayState $relaystate extracted");
|
||||
}
|
||||
|
||||
|
@ -346,6 +347,16 @@ sub extractFormInfo {
|
|||
$req->datas->{_proxiedArtifact} =
|
||||
$samlSessionInfo->data->{Artifact};
|
||||
|
||||
# Save values in hidden fields in case of other user interactions
|
||||
$self->p->setHiddenFormValue( $req, 'SAMLRequest',
|
||||
$self->{_proxiedRequest} );
|
||||
$self->p->setHiddenFormValue( $req, 'Method',
|
||||
$self->{_proxiedMethod} );
|
||||
$self->p->setHiddenFormValue( $req, 'RelayState',
|
||||
$self->{_proxiedRelayState} );
|
||||
$self->p->setHiddenFormValue( $req, 'SAMLart',
|
||||
$self->{_proxiedArtifact} );
|
||||
|
||||
# Delete session
|
||||
$samlSessionInfo->remove();
|
||||
}
|
||||
|
@ -456,7 +467,7 @@ sub extractFormInfo {
|
|||
}
|
||||
|
||||
# If URL in RelayState, different from portal, redirect user
|
||||
if ( $self->extractRelayState($relaystate) ) {
|
||||
if ( $self->extractRelayState( $req, $relaystate ) ) {
|
||||
$self->logger->debug("RelayState $relaystate extracted");
|
||||
$self->logger->debug(
|
||||
"URL " . $req->urldc . " found in RelayState" );
|
||||
|
|
|
@ -8,7 +8,7 @@ BEGIN {
|
|||
require 't/saml-lib.pm';
|
||||
}
|
||||
|
||||
my $maintests = 22;
|
||||
my $maintests = 20;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
@ -95,44 +95,36 @@ SKIP: {
|
|||
( $body =~ /<input type="hidden".+?name="(.+?)".+?value="(.*?)"/sg );
|
||||
$fields{user} = $fields{password} = 'french';
|
||||
use URI::Escape;
|
||||
my $s = join( '&', map { "$_=" . uri_escape( $fields{$_} ) } keys %fields );
|
||||
$query =
|
||||
join( '&', map { "$_=" . uri_escape( $fields{$_} ) } keys %fields );
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
$url,
|
||||
IO::String->new($s),
|
||||
IO::String->new($query),
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
length => length($query),
|
||||
),
|
||||
'Post authentication'
|
||||
);
|
||||
expectOK($res);
|
||||
my $idpId = expectCookie($res);
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, 'auth.sp.com', '/saml/proxySingleSignOnPost',
|
||||
'SAMLResponse', 'RelayState' );
|
||||
|
||||
# Post SAML response to SP
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m#<form.+?action="http://auth.sp.com(.*?)".+?method="post"#,
|
||||
'Form method is POST'
|
||||
);
|
||||
$url = $1;
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
/<input type="hidden".+?name="SAMLResponse".+?value="(.+?)"/s,
|
||||
'Found SAML response'
|
||||
);
|
||||
$s = "SAMLResponse=$1";
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_post(
|
||||
$url, IO::String->new($s),
|
||||
$url, IO::String->new($query),
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
length => length($query),
|
||||
cookie => 'lemonldapidp=http://auth.idp.com/saml/metadata',
|
||||
),
|
||||
'Post SAML response to SP'
|
||||
);
|
||||
my $spId = expectCookie($res);
|
||||
expectRedirection( $res, 'http://auth.sp.com' );
|
||||
expectRedirection( $res, 'http://test1.example.com/' );
|
||||
|
||||
ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId" ), 'Get / on SP' );
|
||||
expectOK($res);
|
||||
|
|
Loading…
Reference in New Issue
Block a user