saml: Change to use InResponseTo for the state id.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1785 44740490-163a-0410-bde0-09ae8108e29a

modules/saml/lib/Auth/Source/SP.php

@@ -171,7 +171,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		$ar->setProtocolBinding(SAML2_Const::BINDING_HTTP_POST);
 
 		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:ssosent-saml2');
-		$ar->setRelayState($id);
+		$ar->setId($id);
 
 		$b = new SAML2_HTTPRedirect();
 		$b->setDestination(sspmod_SAML2_Message::getDebugDestination());

modules/saml/www/sp/saml2-acs.php

@@ -13,10 +13,10 @@ if (!($response instanceof SAML2_Response)) {
 	throw new SimpleSAML_Error_BadRequest('Invalid message received to AssertionConsumerService endpoint.');
 }
 
-$relayState = $response->getRelayState();
-if (!empty($relayState)) {
+$stateId = $response->getInResponseTo();
+if (!empty($stateId)) {
 	/* This is a response to a request we sent earlier. */
-	$state = SimpleSAML_Auth_State::loadState($relayState, 'saml:sp:ssosent-saml2');
+	$state = SimpleSAML_Auth_State::loadState($stateId, 'saml:sp:ssosent-saml2');
 
 	/* Check that the authentication source is correct. */
 	assert('array_key_exists("saml:sp:AuthId", $state)');