Fix entityID sent to discovery service.
We assumed that the SP entityID was always the endpoint path followed by "metadata". This does not need to be the case. This patch changes it to fetch the SP entityID from the SP metadata. git-svn-id: https://modmellon.googlecode.com/svn/trunk/mod_mellon2@146 a716ebb1-153a-0410-b759-cfb97c6a1b53
This commit is contained in:
parent
3ebab79c16
commit
d08bab7148
|
@ -2507,11 +2507,20 @@ static int am_auth_new_ticket(request_rec *r)
|
|||
/* Check if IdP discovery is in use and no IdP was selected yet */
|
||||
if ((cfg->discovery_url != NULL) &&
|
||||
(am_extract_query_parameter(r->pool, r->args, "IdP") == NULL)) {
|
||||
LassoServer *server;
|
||||
const char *sp_entity_id;
|
||||
char *discovery_url;
|
||||
char *return_url;
|
||||
char *endpoint = am_get_endpoint_url(r);
|
||||
char *sep;
|
||||
|
||||
server = am_get_lasso_server(r);
|
||||
if(server == NULL) {
|
||||
return HTTP_INTERNAL_SERVER_ERROR;
|
||||
}
|
||||
|
||||
sp_entity_id = LASSO_PROVIDER(server)->ProviderID;
|
||||
|
||||
/* If discovery URL already has a ? we append a & */
|
||||
sep = (strchr(cfg->discovery_url, '?')) ? "&" : "?";
|
||||
|
||||
|
@ -2520,10 +2529,10 @@ static int am_auth_new_ticket(request_rec *r)
|
|||
am_urlencode(r->pool, relay_state));
|
||||
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
|
||||
"return_url = %s", return_url);
|
||||
discovery_url = apr_psprintf(r->pool, "%s%sentityID=%smetadata&"
|
||||
discovery_url = apr_psprintf(r->pool, "%s%sentityID=%s&"
|
||||
"return=%s&returnIDParam=IdP",
|
||||
cfg->discovery_url, sep,
|
||||
am_urlencode(r->pool, endpoint),
|
||||
am_urlencode(r->pool, sp_entity_id),
|
||||
am_urlencode(r->pool, return_url));
|
||||
|
||||
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
|
||||
|
|
Loading…
Reference in New Issue