Commit 14ac79ef authored by Clément OUDOT's avatar Clément OUDOT
Browse files

Force NameID Format and AllowCreate in IDP initiated request (#1101)

parent 5cc0e1ba
......@@ -214,6 +214,17 @@ sub run {
);
return PE_SAML_SSO_ERROR;
}
# Force NameID Format
my $nameIDFormatKey =
$self->conf->{samlSPMetaDataOptions}
->{$idp_initiated_spConfKey}
->{samlSPMetaDataOptionsNameIDFormat} || "email";
$login->request()->NameIDPolicy()
->Format( $self->getNameIDFormat($nameIDFormatKey) );
# Force AllowCreate to TRUE
$login->request()->NameIDPolicy()->AllowCreate(1);
}
# Process authentication request
......
......@@ -1272,6 +1272,16 @@ sub issuerForAuthUser {
);
return PE_SAML_SSO_ERROR;
}
# Force NameID Format
my $nameIDFormatKey =
$self->{samlSPMetaDataOptions}->{$idp_initiated_spConfKey}
->{samlSPMetaDataOptionsNameIDFormat} || "email";
$login->request()->NameIDPolicy()
->Format( $self->getNameIDFormat($nameIDFormatKey) );
# Force AllowCreate to TRUE
$login->request()->NameIDPolicy()->AllowCreate(1);
}
# Process authentication request
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment