webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-08-09 10:22:51 +03:00
Code Activity

Added sessionindex to SAML2 single logout request to idp

Browse Source 
related to  #3936
This commit is contained in:
Dan Brown
2023-04-28 13:54:51 +01:00
parent f64ce71afc
commit 8c738aedee
2 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
tests/Auth/Saml2Test.php
View File

@@ -193,6 +193,9 @@ class Saml2Test extends TestCase
$req = $this->post('/saml2/logout');
$redirect = $req->headers->get('location');
$this->assertStringStartsWith('http://saml.local/saml2/idp/SingleLogoutService.php', $redirect);
$sloData = $this->parseSamlDataFromUrl($redirect, 'SAMLRequest');
$this->assertStringContainsString('<samlp:SessionIndex>_4fe7c0d1572d64b27f930aa6f236a6f42e930901cc</samlp:SessionIndex>', $sloData);
$this->withGet(['SAMLResponse' => $this->sloResponseData], $handleLogoutResponse);
}
@@ -379,11 +382,16 @@ class Saml2Test extends TestCase
{
$req = $this->post('/saml2/login');
$location = $req->headers->get('Location');
$query = explode('?', $location)[1];
return $this->parseSamlDataFromUrl($location, 'SAMLRequest');
}
protected function parseSamlDataFromUrl(string $url, string $paramName): string
{
$query = explode('?', $url)[1];
$params = [];
parse_str($query, $params);
return gzinflate(base64_decode($params['SAMLRequest']));
return gzinflate(base64_decode($params[$paramName]));
}
protected function withGet(array $options, callable $callback)