From ebb37248923f85e6e1f186c721f4714bcc0168d4 Mon Sep 17 00:00:00 2001
From: Dan Brown
Date: Sun, 17 Nov 2019 17:00:42 +0000
Subject: [PATCH] Added onelogin attribution and tweaks after testing saml with onelogin
---
 app/Auth/Access/Saml2Service.php | 16 +++++++---------
 readme.md | 3 ++-
 2 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/app/Auth/Access/Saml2Service.php b/app/Auth/Access/Saml2Service.php
index a9441dc40..c1038e730 100644
--- a/app/Auth/Access/Saml2Service.php
+++ b/app/Auth/Access/Saml2Service.php
@@ -83,10 +83,6 @@ class Saml2Service extends ExternalAuthService
 */
 public function processAcsResponse(?string $requestId): ?User
 {
- if (is_null($requestId)) {
- throw new SamlException(trans('errors.saml_invalid_response_id'));
- }
-
 $toolkit = $this->getToolkit();
 $toolkit->processResponse($requestId);
 $errors = $toolkit->getErrors();
@@ -251,17 +247,14 @@ class Saml2Service extends ExternalAuthService
 /**
 * Extract the details of a user from a SAML response.
- * @throws SamlException
 */
 public function getUserDetails(string $samlID, $samlAttributes): array
 {
 $emailAttr = $this->config['email_attribute'];
 $externalId = $this->getExternalId($samlAttributes, $samlID);
- $email = $this->getSamlResponseAttribute($samlAttributes, $emailAttr, null);
- if ($email === null) {
- throw new SamlException(trans('errors.saml_no_email_address'));
- }
+ $defaultEmail = filter_var($samlID, FILTER_VALIDATE_EMAIL) ? $samlID : null;
+ $email = $this->getSamlResponseAttribute($samlAttributes, $emailAttr, $defaultEmail);
 return [
 'external_id' => $externalId,
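Review bot: In `processAcsResponse`, dropping the `is_null($requestId)` guard means a null ID now reaches `$toolkit->processResponse($requestId)`, so a response is accepted without being tied to an AuthnRequest this session issued. That enables IdP-initiated login, but the InResponseTo binding is what ties an assertion to the session that asked for it; with null, acceptance presumably rests only on the toolkit's signature, audience, destination and time-window checks, whose configuration is not visible here. State the decision in the docblock, for example `* A null $requestId permits unsolicited (IdP-initiated) responses; InResponseTo is then not compared.`, and consider making it opt-in through config rather than unconditional. The method's docblock and the rest of its body lie outside the hunk.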
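Review bot: In `getUserDetails`, the new `$defaultEmail` treats any NameID that passes `FILTER_VALIDATE_EMAIL` as the user's address, without checking that the IdP declared the NameID as an email-format identifier. If the email is later used to match or create local accounts (not visible in this hunk), an IdP that lets users choose an email-shaped username would let that value stand in for a verified address. The method also no longer throws and can return a null `'email'`, so the removed `@throws` should be replaced by a line such as `* The 'email' entry is null when neither the configured attribute nor an email-shaped NameID is present.` so other callers of this public method know to check it. The returned array continues past the end of the hunk.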
@@ -372,11 +365,16 @@ class Saml2Service extends ExternalAuthService
 if ($this->config['dump_user_details']) {
 throw new JsonDebugException([
+ 'id_from_idp' => $samlID,
 'attrs_from_idp' => $samlAttributes,
 'attrs_after_parsing' => $userDetails,
 ]);
 }
+ if ($userDetails['email'] === null) {
+ throw new SamlException(trans('errors.saml_no_email_address'));
+ }
+
 if ($isLoggedIn) {
 throw new SamlException(trans('errors.saml_already_logged_in'), '/login');
 }
diff --git a/readme.md b/readme.md
index ca90be305..f86e661ea 100644
--- a/readme.md
+++ b/readme.md
@@ -174,4 +174,5 @@ These are the great open-source projects used to help build BookStack:
 * [Laravel IDE helper](https://github.com/barryvdh/laravel-ide-helper)
 * [WKHTMLtoPDF](http://wkhtmltopdf.org/index.html)
 * [Draw.io](https://github.com/jgraph/drawio)
-* [Laravel Stats](https://github.com/stefanzweifel/laravel-stats)
\ No newline at end of file
+* [Laravel Stats](https://github.com/stefanzweifel/laravel-stats)
+* [OneLogin's SAML PHP Toolkit](https://github.com/onelogin/php-saml)
\ No newline at end of file
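Review bot: The new guard `$userDetails['email'] === null` in the Saml2Service.php hunk rejects only a missing value, so an empty or malformed string supplied in the IdP's email attribute would pass, while the NameID fallback in `getUserDetails` is validated with `FILTER_VALIDATE_EMAIL`. Applying the same test here closes the gap: `if (!filter_var($userDetails['email'], FILTER_VALIDATE_EMAIL)) {`. Separately, the `dump_user_details` branch now also includes the NameID as `id_from_idp` and runs before this check and the already-logged-in check, so a comment such as `// Debug only: dumps IdP identifiers and attributes; never enable in production.` above it would be worthwhile. The enclosing method starts and ends outside the hunk.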