luisgulo/BookStack
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Added sessionindex to SAML2 single logout request to idp

Browse source 
related to  #3936
This commit is contained in:
Dan Brown 2023-04-28 13:54:51 +01:00
parent f64ce71afc
commit 8c738aedee
No known key found for this signature in database
GPG key ID: 46D9F943C24A2EF9
2 changed files with 12 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
app/Auth/Access/Saml2Service.php
View file

@ -67,7 +67,7 @@ class Saml2Service
$returnRoute, $returnRoute,
[], [],
$user->email, $user->email,
null, session()->get('saml2_session_index'),
true, true,
Constants::NAMEID_EMAIL_ADDRESS Constants::NAMEID_EMAIL_ADDRESS
); );
@ -118,6 +118,7 @@ class Saml2Service
$attrs = $toolkit->getAttributes(); $attrs = $toolkit->getAttributes();
$id = $toolkit->getNameId(); $id = $toolkit->getNameId();
session()->put('saml2_session_index', $toolkit->getSessionIndex());
return $this->processLoginCallback($id, $attrs); return $this->processLoginCallback($id, $attrs);
} }

12
tests/Auth/Saml2Test.php
View file

@ -193,6 +193,9 @@ class Saml2Test extends TestCase
$req = $this->post('/saml2/logout'); $req = $this->post('/saml2/logout');
$redirect = $req->headers->get('location'); $redirect = $req->headers->get('location');
$this->assertStringStartsWith('http://saml.local/saml2/idp/SingleLogoutService.php', $redirect); $this->assertStringStartsWith('http://saml.local/saml2/idp/SingleLogoutService.php', $redirect);
$sloData = $this->parseSamlDataFromUrl($redirect, 'SAMLRequest');
$this->assertStringContainsString('<samlp:SessionIndex>_4fe7c0d1572d64b27f930aa6f236a6f42e930901cc</samlp:SessionIndex>', $sloData);
$this->withGet(['SAMLResponse' => $this->sloResponseData], $handleLogoutResponse); $this->withGet(['SAMLResponse' => $this->sloResponseData], $handleLogoutResponse);
} }
@ -379,11 +382,16 @@ class Saml2Test extends TestCase
{ {
$req = $this->post('/saml2/login'); $req = $this->post('/saml2/login');
$location = $req->headers->get('Location'); $location = $req->headers->get('Location');
$query = explode('?', $location)[1]; return $this->parseSamlDataFromUrl($location, 'SAMLRequest');
}
protected function parseSamlDataFromUrl(string $url, string $paramName): string
{
$query = explode('?', $url)[1];
$params = []; $params = [];
parse_str($query, $params); parse_str($query, $params);
return gzinflate(base64_decode($params['SAMLRequest'])); return gzinflate(base64_decode($params[$paramName]));
} }
protected function withGet(array $options, callable $callback) protected function withGet(array $options, callable $callback)