BookStack Code Mirror - bookstack/commit
SAML2: Fixed non-spec point of logout, Improved redirect location
author Dan Brown <redacted>
Fri, 8 Dec 2023 18:38:52 +0000 (18:38 +0000)
committer Dan Brown <redacted>
Fri, 8 Dec 2023 18:42:13 +0000 (18:42 +0000)
commit 8cbaa3e27c7eb038f010638d3b4b91f3a1a5a644
tree 9ac4ad8cdc6aa5c16ee62ef5ece04d84b48fe736
parent 4c0b7f31236f05d86cc576d4899916144e4f49f0
SAML2: Fixed non-spec point of logout, Improved redirect location

This changes the point-of-logout to be within the initial part of the
SAML logout flow, as per 5.3.2 of the SAML spec, processing step 2.
This also improves the logout redirect handling to use the global
redirect suggestion so that auto-login handling is properly taken into
account.

Added tests to cover.
Manual testing performed against keycloak.
For #4713
app/Access/Controllers/Saml2Controller.php
app/Access/Saml2Service.php
tests/Auth/Saml2Test.php