diff --git a/composer.json b/composer.json
index 351fbbd276c4633cb5aed62be7ffdcfe4defa0b0..7913dab507f5ff647162f31976228e67eeb335c7 100644
--- a/composer.json
+++ b/composer.json
@@ -60,7 +60,7 @@
 "gettext/translator": "^1.0.1",
 "phpmailer/phpmailer": "^6.5",
 "simplesamlphp/assert": "^0.2.11",
- "simplesamlphp/saml2": "^4.5",
+ "simplesamlphp/saml2": "^4.6",
 "symfony/cache": "^5.4",
 "symfony/config": "^5.4",
 "symfony/console": "^5.4",
diff --git a/composer.lock b/composer.lock
index bf545f4734e526047652774b3090fd37ef84b25e..95a2501320c9e880adadf879054cb88ac6d730ba 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "628d965ff7eff1289f11a49069eb444a", + "content-hash": "75291382c13b5ddc539af6b2c03fbbc1", "packages": [ { "name": "composer/ca-bundle",
@@ -1407,16 +1407,16 @@ }, { "name": "simplesamlphp/saml2", - "version": "v4.6.1", + "version": "v4.6.2", "source": { "type": "git", "url": "https://github.com/simplesamlphp/saml2.git", - "reference": "5e46819fdb76657f13e05a8f264d06efd9163c3d" + "reference": "22e06ef0081de210e2a7b45b563fd3cccb9feee6" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/simplesamlphp/saml2/zipball/5e46819fdb76657f13e05a8f264d06efd9163c3d", - "reference": "5e46819fdb76657f13e05a8f264d06efd9163c3d", + "url": "https://api.github.com/repos/simplesamlphp/saml2/zipball/22e06ef0081de210e2a7b45b563fd3cccb9feee6", + "reference": "22e06ef0081de210e2a7b45b563fd3cccb9feee6", "shasum": "" }, "require": {
@@ -1424,7 +1424,7 @@ "ext-openssl": "*", "ext-zlib": "*", "php": ">=7.1 || ^8.0", - "psr/log": "~1.1", + "psr/log": "~1.1 || ^2.0 || ^3.0", "robrichards/xmlseclibs": "^3.1.1", "webmozart/assert": "^1.9" },
@@ -1459,9 +1459,9 @@ "description": "SAML2 PHP library from SimpleSAMLphp", "support": { "issues": "https://github.com/simplesamlphp/saml2/issues", - "source": "https://github.com/simplesamlphp/saml2/tree/v4.6.1" + "source": "https://github.com/simplesamlphp/saml2/tree/v4.6.2" }, - "time": "2022-05-23T20:49:55+00:00" + "time": "2022-06-11T19:47:27+00:00" }, { "name": "symfony/cache",
diff --git a/modules/admin/src/Controller/Federation.php b/modules/admin/src/Controller/Federation.php
index 6b8e08a15ea84bc316d18a7df34c5b89257fd183..64fd8254b21f82ebeafd78a50b16b6c2b55976de 100644
--- a/modules/admin/src/Controller/Federation.php
+++ b/modules/admin/src/Controller/Federation.php
@@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace SimpleSAML\Module\admin\Controller;
 use Exception;
+use SAML2\Constants as C;
 use SimpleSAML\Assert\Assert;
 use SimpleSAML\Auth;
 use SimpleSAML\Configuration;
@@ -195,7 +196,7 @@ class Federation
 $idps = $this->mdHandler->getList('saml20-idp-hosted');
 $saml2entities = [];
 $httpUtils = new Utils\HTTP();
- $metadataBase = $httpUtils->getBaseURL() . 'saml2/idp/metadata.php';
+ $metadataBase = Module::getModuleURL('saml/idp/metadata');
 if (count($idps) > 1) {
 foreach ($idps as $index => $idp) {
 $idp['url'] = $metadataBase . '?idpentityid=' . urlencode($idp['entityid']);
@@ -213,6 +214,9 @@ class Federation
 }
 foreach ($saml2entities as $index => $entity) {
+ Assert::stringNotEmpty($entity['entityid'], 'The entityID must be a non-empty string.');
+ Assert::maxLength($entity['entityid'], C::ENTITYID_MAX_LENGTH, 'The entityID cannot be longer than 1024 characters.');
+
 $builder = new SAMLBuilder($entity['entityid']);
 $builder->addMetadataIdP20($entity['metadata_array']);
 $builder->addOrganizationInfo($entity['metadata_array']);
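Review bot: In the -195 hunk, `$httpUtils = new Utils\HTTP();` on the context line just above the new `$metadataBase` assignment is no longer used anywhere in the visible lines; if nothing later in the method needs it, the instantiation should be dropped. The `?idpentityid=` query string is still concatenated by hand two lines further down, while `Module::getModuleURL()` takes a parameter array as its second argument and could do the encoding itself, e.g. `Module::getModuleURL('saml/idp/metadata', ['idpentityid' => $idp['entityid']])`. The method body starts and ends outside the hunk, and the import hunk adds only the `C` alias, so `SimpleSAML\Module` is presumably already imported.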
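Review bot: In the -213 hunk, the message of the added `Assert::maxLength` call hard-codes 1024 while the limit itself comes from `C::ENTITYID_MAX_LENGTH`, so the text will drift if the constant ever changes; build it from the constant, e.g. `sprintf('The entityID cannot be longer than %d characters.', C::ENTITYID_MAX_LENGTH)`. The same two assertions are repeated verbatim in the `$adfsentities` loop of the -252 hunk, so a small private helper would keep the two checks from diverging. Both run inside the loops that build the admin listing, so one hosted entity with an empty or over-long entityID presumably aborts the whole page rather than just that entry; whether the metadata loader enforces the same limit earlier is not visible here. The enclosing method starts and ends outside both hunks.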
@@ -252,6 +256,9 @@ class Federation
 }
 foreach ($adfsentities as $index => $entity) {
+ Assert::stringNotEmpty($entity['entityid'], 'The entityID must be a non-empty string.');
+ Assert::maxLength($entity['entityid'], C::ENTITYID_MAX_LENGTH, 'The entityID cannot be longer than 1024 characters.');
+
 $builder = new SAMLBuilder($entity['entityid']);
 $builder->addSecurityTokenServiceType($entity['metadata_array']);
 $builder->addOrganizationInfo($entity['metadata_array']);