Commit 2ee3f6d5 authored by Clément OUDOT's avatar Clément OUDOT

Possibility to force session key use to fill NameID (#657)

parent 36f79f4e
......@@ -201,12 +201,14 @@ sub cstruct {
samlSPMetaDataOptionsAuthnResponse => {
_nodes => [
qw(samlSPMetaDataOptionsNameIDFormat samlSPMetaDataOptionsOneTimeUse)
qw(samlSPMetaDataOptionsNameIDFormat samlSPMetaDataOptionsNameIDSessionKey samlSPMetaDataOptionsOneTimeUse)
],
samlSPMetaDataOptionsNameIDFormat =>
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDFormat"
. ":samlSPOptions:nameIdFormatParams",
samlSPMetaDataOptionsNameIDSessionKey =>
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDSessionKey",
samlSPMetaDataOptionsOneTimeUse =>
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsOneTimeUse",
},
......
......@@ -454,13 +454,14 @@ sub en {
samlSPMetaDataOptionsSecurity => 'Security',
samlSPMetaDataOptionsEnableIDPInitiatedURL =>
'Enable use of IDP initiated URL',
samlServiceMetaData => 'SAML 2 Service',
samlEntityID => 'Entity Identifier',
samlOrganization => 'Organization',
samlOrganizationDisplayName => 'Display Name',
samlOrganizationName => 'Name',
samlOrganizationURL => 'URL',
samlSPSSODescriptor => 'Service Provider',
samlSPMetaDataOptionsNameIDSessionKey => 'Force NameID session key',
samlServiceMetaData => 'SAML 2 Service',
samlEntityID => 'Entity Identifier',
samlOrganization => 'Organization',
samlOrganizationDisplayName => 'Display Name',
samlOrganizationName => 'Name',
samlOrganizationURL => 'URL',
samlSPSSODescriptor => 'Service Provider',
samlSPSSODescriptorAuthnRequestsSigned =>
'Signed Authentication Request',
samlSPSSODescriptorWantAssertionsSigned => 'Want Assertions Signed',
......@@ -941,6 +942,8 @@ sub fr {
samlSPMetaDataOptionsSecurity => 'Sécurité',
samlSPMetaDataOptionsEnableIDPInitiatedURL =>
'Enable use of IDP initiated URL',
samlSPMetaDataOptionsNameIDSessionKey =>
"Forcer la clé de session NameID",
samlServiceMetaData => 'Service SAML 2',
samlEntityID => 'Identifiant d\'entité',
samlOrganization => 'Organisation',
......
......@@ -1521,6 +1521,15 @@ sub issuerForAuthUser {
my $nameIDSessionKey =
$self->{ $nameIDFormatConfiguration->{$nameIDFormat} };
# Override default NameID Mapping
if ( $self->{samlSPMetaDataOptions}->{$spConfKey}
->{samlSPMetaDataOptionsNameIDSessionKey} )
{
$nameIDSessionKey =
$self->{samlSPMetaDataOptions}->{$spConfKey}
->{samlSPMetaDataOptionsNameIDSessionKey};
}
my $nameIDContent;
if ( defined $self->{sessionInfo}->{$nameIDSessionKey} ) {
$nameIDContent =
......
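Review bot: The override added in issuerForAuthUser applies to every requested NameIDFormat, so the NameID content comes from the forced session key whatever format the SP was promised. If formats such as transient or persistent go through this mapping, the declared format and the value sent would no longer agree. Whatever key name the administrator types is released verbatim to the service provider, so the option's documentation should say it must name a non-sensitive session attribute that is unique and stable per user. The condition is a truthiness test and the lookup is written twice; `my $forcedKey = $self->{samlSPMetaDataOptions}->{$spConfKey}->{samlSPMetaDataOptionsNameIDSessionKey};` followed by `$nameIDSessionKey = $forcedKey if defined $forcedKey and length $forcedKey;` reads it once and does not ignore a key named `0`. A mistyped key leaves `$self->{sessionInfo}->{$nameIDSessionKey}` undefined and falls to a branch outside this hunk (the function also starts and ends outside it), so it is worth confirming that path logs the missing key.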