New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sp_request_initiation_protocol #2073
sp_request_initiation_protocol #2073
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ioigoume It is looking pretty good. I'll test it out in our of our environments.
I ran some tests in our dev environment and things behaved like I expected. Thank you @ioigoume |
3111e54
to
56a57a3
Compare
Hi @tvdijen, Thank you, |
440f4ab
to
edcc508
Compare
56a57a3
to
4f272ef
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## simplesamlphp-2.3 #2073 +/- ##
=======================================================
+ Coverage 44.71% 44.86% +0.14%
- Complexity 3849 3865 +16
=======================================================
Files 162 162
Lines 12876 12902 +26
=======================================================
+ Hits 5758 5788 +30
+ Misses 7118 7114 -4 |
I should probably also include a link here to the previous PR #2046 |
One thing I notice is that in general this will accept From my reading it seems RelayState might be a deep pointer the SP wants mirrored back from the IdP. Does the RelayState have potential other semantics with SP Request Initiation Protocol interactions? It may also make sense to hint to the reader that they might like to investigate the |
6f1438c
to
b51c532
Compare
According to the SAML specification
and
Based on above descriptions from the specification, the RelayState is just a pointer that the Service Provider will use to find out the final TARGET or ReturnTo URL.
According to the protocol if the
I added a sentence in the md file |
I am happy with the RelayState being used for the |
Actually that seems ok in general. The returnto is coming from the request first in both the old and new code and only from the sp metadata as a fallback in the PR. There isn't any call facing change here and if the sp->md has a relaystate it should come from the configuration and so be chosen by the admin anyway. --- $returnTo = $request->query->get('ReturnTo'); |
It also helps the review that this has been tested in a dev environment as well :) |
e5930e6
to
075cd62
Compare
Addresses issue #174