From c695a53245360d6269376b8e5b5c73d89c0e7e2e Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Fri, 25 Sep 2009 07:53:39 +0000
Subject: [PATCH] saml: Change to use InResponseTo for the state id.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1785 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml/lib/Auth/Source/SP.php | 2 +-
 modules/saml/www/sp/saml2-acs.php   | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index 605b3c426..b14fbaa2c 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -171,7 +171,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		$ar->setProtocolBinding(SAML2_Const::BINDING_HTTP_POST);
 
 		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:ssosent-saml2');
-		$ar->setRelayState($id);
+		$ar->setId($id);
 
 		$b = new SAML2_HTTPRedirect();
 		$b->setDestination(sspmod_SAML2_Message::getDebugDestination());
diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index 8b28d504c..3b99b0138 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -13,10 +13,10 @@ if (!($response instanceof SAML2_Response)) {
 	throw new SimpleSAML_Error_BadRequest('Invalid message received to AssertionConsumerService endpoint.');
 }
 
-$relayState = $response->getRelayState();
-if (!empty($relayState)) {
+$stateId = $response->getInResponseTo();
+if (!empty($stateId)) {
 	/* This is a response to a request we sent earlier. */
-	$state = SimpleSAML_Auth_State::loadState($relayState, 'saml:sp:ssosent-saml2');
+	$state = SimpleSAML_Auth_State::loadState($stateId, 'saml:sp:ssosent-saml2');
 
 	/* Check that the authentication source is correct. */
 	assert('array_key_exists("saml:sp:AuthId", $state)');
-- 
GitLab