Skip to content
Snippets Groups Projects
Commit 96b18557 authored by peter's avatar peter
Browse files

PasswordProtectedTransport authncontext when HTTPS 

Following up on the idea mentioned in #937: If the transport is secure fall back to the `PasswordProtectedTransport` authn context class ref, otherwise keep the current default of `Password`.

Requires a version of the SAML2 library with simplesamlphp/saml2#129 merged due to the reference on a newly defined Constant.
parent 71100b3c
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
modules/saml/lib/IdP/SAML2.php
+ 2
0
View file @ 96b18557
...@@ -897,6 +897,8 @@ class SAML2 ...@@ -897,6 +897,8 @@ class SAML2
if (isset($state['saml:AuthnContextClassRef'])) { if (isset($state['saml:AuthnContextClassRef'])) {
$a->setAuthnContextClassRef($state['saml:AuthnContextClassRef']); $a->setAuthnContextClassRef($state['saml:AuthnContextClassRef']);
} elseif (\SimpleSAML\Utils\HTTP::isHTTPS()) {
$a->setAuthnContextClassRef(\SAML2\Constants::AC_PASSWORD_PROTECTED_TRANSPORT);
} else { } else {
$a->setAuthnContextClassRef(\SAML2\Constants::AC_PASSWORD); $a->setAuthnContextClassRef(\SAML2\Constants::AC_PASSWORD);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment