SAML: get SessionIndex before validating SLO request (closes #64)
This commit is contained in:
parent
ef3faf7d3e
commit
fdc84aac52
@ -829,6 +829,10 @@ sub issuerForAuthUser {
|
||||
# Do we check signature?
|
||||
# TODO
|
||||
|
||||
# Get session index
|
||||
my $session_index;
|
||||
eval { $session_index = $logout->request()->SessionIndex; };
|
||||
|
||||
# Proceed to logout on all others SP
|
||||
my $logout_dump = $logout->dump;
|
||||
my $provider_nb =
|
||||
@ -851,10 +855,6 @@ sub issuerForAuthUser {
|
||||
$self->lmLog( "Set $relaystate in RelayState", 'debug' );
|
||||
}
|
||||
|
||||
# Get session index
|
||||
my $session_index;
|
||||
eval { $session_index = $logout->request()->SessionIndex; };
|
||||
|
||||
# SLO requests without session index are not accepted
|
||||
if ( $@ or !defined $session_index ) {
|
||||
$self->lmLog(
|
||||
|
Loading…
Reference in New Issue
Block a user