From 809260a537ebc0c2a50b9afaa5046ac7e9ee251a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sim=C3=A3o=20Martins?= <Lasering@users.noreply.github.com>
Date: Sun, 30 Aug 2020 13:09:15 +0100
Subject: [PATCH] Support saml:Extensions inside Authsources.php (#1349)

---
 modules/saml/lib/Auth/Source/SP.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index 689d1927b..6f111198a 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -586,15 +586,20 @@ class SP extends \SimpleSAML\Auth\Source
 
         $ar->setRequesterID($requesterID);
 
-        if (isset($state['saml:Extensions'])) {
+        // If the downstream SP has set extensions then use them.
+        // Otherwise use extensions that might be defined in the local SP (only makes sense in a proxy scenario)
+        if (isset($state['saml:Extensions']) && count($state['saml:Extensions']) > 0) {
             $ar->setExtensions($state['saml:Extensions']);
+        } else if ($this->metadata->getArray('saml:Extensions', null) !== null) {
+            $ar->setExtensions($this->metadata->getArray('saml:Extensions'));
         }
-        
+
         $providerName = $this->metadata->getString("ProviderName", null);
         if ($providerName !== null) {
             $ar->setProviderName($providerName);
         }
 
+
         // save IdP entity ID as part of the state
         $state['ExpectedIssuer'] = $idpMetadata->getString('entityid');
 
-- 
GitLab