From 538bdde238f59dd22360dd4ad0aa0629e4fc77b9 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Wed, 2 Dec 2009 11:52:24 +0000
Subject: [PATCH] saml2/SSOService: Detect missing cookie.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2016 44740490-163a-0410-bde0-09ae8108e29a
---
 www/saml2/idp/SSOService.php | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index fbec7c011..7d664c9fc 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -271,7 +271,18 @@ if (isset($_REQUEST['SAMLRequest'])) {
  * If the spentityid parameter is provided, we will fallback to a unsolited response to the SP.
  */
 } elseif(array_key_exists('spentityid', $_GET)) {
-	
+
+	if (isset($_REQUEST['cookieTime'])) {
+		$cookieTime = (int)$_REQUEST['cookieTime'];
+		if ($cookieTime + 3 > time()) {
+			/*
+			 * Less than three seconds has passed since we were
+			 * here the last time. Cookies are probably disabled.
+			 */
+			SimpleSAML_Utilities::checkCookie(SimpleSAML_Utilities::selfURL());
+		}
+	}
+
 	/* Creating a request cache, even though there was no request, and adding the
 	 * information that is neccessary to be able to respond with an unsolited response
 	 */
@@ -342,6 +353,7 @@ if($needAuth && !$isPassive) {
 		 */
 		$sessionLostParams = array(
 			'spentityid' => $requestcache['Issuer'],
+			'cookieTime' => time(),
 			);
 		if (isset($requestcache['RelayState'])) {
 			$sessionLostParams['RelayState'] = $requestcache['RelayState'];
-- 
GitLab