saml2/login: fix role of providers in process_authn_request() and idp_initiated_authn_request()
It is necessary for endpoint resolution to know the role of providers.
parent
53f6f5c5ef
commit
9adc9bfaad
|
@ -260,6 +260,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
|
|||
LassoSamlp2StatusResponse *response = NULL;
|
||||
LassoSamlp2AuthnRequest *authn_request = NULL;
|
||||
LassoProvider *remote_provider = NULL;
|
||||
LassoServer *server = NULL;
|
||||
const gchar *protocol_binding = NULL;
|
||||
const char *status1 = LASSO_SAML2_STATUS_CODE_RESPONDER;
|
||||
const char *status2 = NULL;
|
||||
|
@ -298,6 +299,10 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
|
|||
rc = LASSO_PROFILE_ERROR_UNKNOWN_PROVIDER;
|
||||
goto cleanup;
|
||||
}
|
||||
lasso_extract_node_or_fail(server, lasso_profile_get_server(&login->parent), SERVER,
|
||||
LASSO_PROFILE_ERROR_MISSING_SERVER);
|
||||
remote_provider->role = LASSO_PROVIDER_ROLE_SP;
|
||||
server->parent.role = LASSO_PROVIDER_ROLE_IDP;
|
||||
|
||||
/* all those attributes are mutually exclusive */
|
||||
if (((authn_request->ProtocolBinding != NULL) ||
|
||||
|
@ -1501,6 +1506,10 @@ lasso_saml20_login_init_idp_initiated_authn_request(LassoLogin *login,
|
|||
if (! LASSO_IS_PROVIDER(provider))
|
||||
return LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND;
|
||||
|
||||
/* fix roles */
|
||||
server->parent.role = LASSO_PROVIDER_ROLE_IDP;
|
||||
provider->role = LASSO_PROVIDER_ROLE_SP;
|
||||
|
||||
lasso_assign_string(profile->remote_providerID, remote_providerID);
|
||||
lasso_assign_new_gobject(profile->request, lasso_samlp2_authn_request_new());
|
||||
lasso_assign_new_gobject(LASSO_SAMLP2_AUTHN_REQUEST(profile->request)->NameIDPolicy,
|
||||
|
|
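Review bot: The role assignments placed after the `lasso_extract_node_or_fail(server, ...)` call in lasso_saml20_login_process_authn_request_msg() overwrite `remote_provider->role` and `server->parent.role` unconditionally, and both objects look like long-lived state shared beyond this login, so the write probably outlives the request. As written, an issuer that was registered only as an IdP is silently relabelled as an SP instead of being refused. If the role field is a plain enum here, a guard such as `if (remote_provider->role == LASSO_PROVIDER_ROLE_IDP) { rc = LASSO_PROFILE_ERROR_UNKNOWN_PROVIDER; goto cleanup; }` before the assignment would keep the registered role authoritative; at minimum add a comment like `/* endpoint resolution needs roles; this replaces the role set when the provider was loaded */`. The same unconditional writes appear under `/* fix roles */` in lasso_saml20_login_init_idp_initiated_authn_request(), where the hunk does not show whether `server` was checked for NULL before `server->parent.role` is dereferenced. Both function bodies start and end outside the hunks shown.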