Skip to content

Add Ability to define logout_endpoint and its binding in order to generate a proper metadata file #159

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add Ability to define logout_endpoint and its binding in order to generate a proper metadata file #159

wants to merge 3 commits into from

Conversation

@miguelfreitas93
Copy link

@miguelfreitas93 miguelfreitas93 commented Dec 13, 2018

In the previous version the SingleLogoutService Location is the same as Assertion Location, which is wrong because both can be different. Also it was added the ability to choose the binding of SingleLogoutService which can be "HTTP-POST" and "HTTP-Redirect"

@gabegorelick gabegorelick mentioned this pull request Aug 9, 2019
Closed
@marcusforsberg marcusforsberg mentioned this pull request Jan 10, 2020
Open
mcab
mcab requested changes Feb 3, 2021
View reviewed changes
Copy link
Member

@mcab mcab left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

Changing the default behavior of create_metadata seems like test cases might break.

saml2/test/saml2.coffee

Lines 65 to 70 in 9395913

METADATA =
saml2.create_metadata(
'https://sp.example.com/metadata.xml',
'https://sp.example.com/assert',
[CERT_1],
[CERT_1, CERT_2])

Is it possible to fix those cases and add ones to test the changing of Binding and Location?

@mcab mcab self-assigned this Feb 3, 2021
@miguelfreitas93 @mcab
Update README.md
edc1aab 
Co-authored-by: Mark Cabanero <[email protected]>
@mcab mcab mentioned this pull request Feb 3, 2021
Open
miguelfreitas93
miguelfreitas93 commented Feb 3, 2021
View reviewed changes
lib/saml2.coffee
'md:SingleLogoutService':
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
'@Location': assert_endpoint
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:' + logout_binding
Copy link
Author

@miguelfreitas93 miguelfreitas93 Feb 3, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

logout_binding should be validated with a whitelist

miguelfreitas93
miguelfreitas93 commented Feb 3, 2021
View reviewed changes
lib/saml2.coffee
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
'@Location': assert_endpoint
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:' + logout_binding
'@Location': logout_endpoint
Copy link
Author

@miguelfreitas93 miguelfreitas93 Feb 3, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

logout_endpoint should be validated if it is a valid URL

@enterstudio enterstudio mentioned this pull request Mar 11, 2021
Open
@mcab mcab removed their assignment Nov 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mcab mcab mcab requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@miguelfreitas93 @mcab @miguelfreitascheckmarx