From 3b2f4e773e969922ea6ff1000ebb07826c783659 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Fri, 25 Sep 2009 07:53:50 +0000
Subject: [PATCH] saml: Use RelayState to save return URL for unsoliced
 response.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1786 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml/lib/Auth/Source/SP.php | 10 +++++++++-
 modules/saml/www/sp/saml2-acs.php   |  1 +
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index b14fbaa2c..5acba8bd5 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -170,6 +170,10 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		$ar->setAssertionConsumerServiceURL(SimpleSAML_Module::getModuleURL('saml/sp/saml2-acs.php/' . $this->authId));
 		$ar->setProtocolBinding(SAML2_Const::BINDING_HTTP_POST);
 
+		if (isset($state['SimpleSAML_Auth_Default.ReturnURL'])) {
+			$ar->setRelayState($state['SimpleSAML_Auth_Default.ReturnURL']);
+		}
+
 		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:ssosent-saml2');
 		$ar->setId($id);
 
@@ -386,7 +390,11 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		$state['Attributes'] = $authProcState['Attributes'];
 
 		if (isset($state['saml:sp:isUnsoliced']) && (bool)$state['saml:sp:isUnsoliced']) {
-			$redirectTo = $source->getMetadata()->getString('RelayState', '/');
+			if (isset($state['saml:sp:RelayState'])) {
+				$redirectTo = $state['saml:sp:RelayState'];
+			} else {
+				$redirectTo = $source->getMetadata()->getString('RelayState', '/');
+			}
 			SimpleSAML_Auth_Default::handleUnsolicedAuth($sourceId, $state, $redirectTo);
 		}
 
diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index 3b99b0138..494709305 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -28,6 +28,7 @@ if (!empty($stateId)) {
 	$state = array(
 		'saml:sp:isUnsoliced' => TRUE,
 		'saml:sp:AuthId' => $sourceId,
+		'saml:sp:RelayState' => $response->getRelayState(),
 	);
 }
 
-- 
GitLab