Skip to content
Snippets Groups Projects
Commit 3cec8eea authored by Jaime Perez's avatar Jaime Perez Committed by Jaime Perez Crespo
Browse files

modules/saml: proper error message in SAML1.1/2.0 ACS when auth source ID is missing.

parent 21b787d5
No related branches found
No related tags found
No related merge requests found
...@@ -8,6 +8,10 @@ if (!array_key_exists('TARGET', $_REQUEST)) { ...@@ -8,6 +8,10 @@ if (!array_key_exists('TARGET', $_REQUEST)) {
throw new SimpleSAML_Error_BadRequest('Missing TARGET parameter.'); throw new SimpleSAML_Error_BadRequest('Missing TARGET parameter.');
} }
if (!array_key_exists('PATH_INFO', $_SERVER)) {
throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in assertion consumer service URL');
}
$sourceId = $_SERVER['PATH_INFO']; $sourceId = $_SERVER['PATH_INFO'];
$end = strpos($sourceId, '/', 1); $end = strpos($sourceId, '/', 1);
if ($end === FALSE) { if ($end === FALSE) {
......
...@@ -4,6 +4,10 @@ ...@@ -4,6 +4,10 @@
* Assertion consumer service handler for SAML 2.0 SP authentication client. * Assertion consumer service handler for SAML 2.0 SP authentication client.
*/ */
if (!array_key_exists('PATH_INFO', $_SERVER)) {
throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in assertion consumer service URL');
}
$sourceId = substr($_SERVER['PATH_INFO'], 1); $sourceId = substr($_SERVER['PATH_INFO'], 1);
$source = SimpleSAML_Auth_Source::getById($sourceId, 'sspmod_saml_Auth_Source_SP'); $source = SimpleSAML_Auth_Source::getById($sourceId, 'sspmod_saml_Auth_Source_SP');
$spMetadata = $source->getMetadata(); $spMetadata = $source->getMetadata();
......
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
*/ */
if (!array_key_exists('PATH_INFO', $_SERVER)) { if (!array_key_exists('PATH_INFO', $_SERVER)) {
throw new SimpleSAML_Error_BadRequest('Missing authentication source id in logout URL'); throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in logout URL');
} }
$sourceId = substr($_SERVER['PATH_INFO'], 1); $sourceId = substr($_SERVER['PATH_INFO'], 1);
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment