[KEYCLOAK-987] - IdP should respect the protocol binding when processing AuthnRequest.
This commit is contained in:
parent
da240b2b36
commit
d1f38a4236
1 changed files with 15 additions and 1 deletions
|
@ -220,7 +220,7 @@ public class SamlService {
|
|||
clientSession.setRedirectUri(redirect);
|
||||
clientSession.setAction(ClientSessionModel.Action.AUTHENTICATE);
|
||||
clientSession.setNote(ClientSessionCode.ACTION_KEY, KeycloakModelUtils.generateCodeSecret());
|
||||
clientSession.setNote(SamlProtocol.SAML_BINDING, getBindingType());
|
||||
clientSession.setNote(SamlProtocol.SAML_BINDING, getBindingType(requestAbstractType));
|
||||
clientSession.setNote(GeneralConstants.RELAY_STATE, relayState);
|
||||
clientSession.setNote(SamlProtocol.SAML_REQUEST_ID, requestAbstractType.getID());
|
||||
|
||||
|
@ -258,6 +258,20 @@ public class SamlService {
|
|||
return forms.createLogin();
|
||||
}
|
||||
|
||||
private String getBindingType(AuthnRequestType requestAbstractType) {
|
||||
URI requestedProtocolBinding = requestAbstractType.getProtocolBinding();
|
||||
|
||||
if (requestedProtocolBinding != null) {
|
||||
if (JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get().equals(requestedProtocolBinding.toString())) {
|
||||
return SamlProtocol.SAML_POST_BINDING;
|
||||
} else {
|
||||
return SamlProtocol.SAML_GET_BINDING;
|
||||
}
|
||||
}
|
||||
|
||||
return getBindingType();
|
||||
}
|
||||
|
||||
private boolean isSupportedNameIdFormat(String nameIdFormat) {
|
||||
if (nameIdFormat.equals(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get()) ||
|
||||
nameIdFormat.equals(JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get()) ||
|
||||
|
|
Loading…
Reference in a new issue