Set the ACS base URL (including domain) correctly

As a work-around for a problem where ACS was read as e.g. domain/acs
instead of domain/path/acs, explicitly setting the path (via the base
url) was done. But we need the domain to match the actual loaded domain,
not the service provider entity ID.

It is important since there is already another major version of this
saml module that no changes that would require existing users to make
changes to their code be introduced (requiring a major version). This is
the reason we're now relying on Director::absoluteBaseUrl instead of
letting the SAML library do what it does (in cases where the workaround
is not needed).

When using Director::absoluteBaseUrl instead of letting the SAML library
build its own interpretation, the use of other Util class options becomes
redundant - they're not used anyway, so there is no point in having any
further/alternative options. A hook point is introduced to further
manipulate things like that should anyone have the need.

Don't use singleton for getForm

When using Injector to create a singleton constructor arguments are
ignored. This causes getForm to fail as SAMLLoginForm requires
constructor arguments.

Fix BackURL redirect with strict or lax session cookie security.

See #55 PR for more context.
This is merely a cherry pick / copy of that commit but for the 2 branch so in theory should work in SS 4.x

Don't use singleton for getForm

When using Injector to create a singleton constructor arguments are
ignored. This causes getForm to fail as SAMLLoginForm requires
constructor arguments.