fix AzureAD IdP string

Angle · Aug 2, 2023 · 11c3186 · 11c3186
1 parent ec40234
commit 11c3186
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 3 deletions.
diff --git a/DependencyInjection/AngleOneLoginAzureSamlExtension.php b/DependencyInjection/AngleOneLoginAzureSamlExtension.php
@@ -28,11 +28,12 @@ public function load(array $configs, ContainerBuilder $container): void
         $appBaseUrl     = $config['app_base_url'];
         $appTrustProxy  = $config['app_trust_proxy'];
 
+        $azureAdIdp = 'https://sts.windows.net/' . $azureAppId . '/';
         $azureSamlUrl = 'https://login.microsoftonline.com/' . $azureAppId . '/saml2';
 
         $samlSettings = [
             'idp' => [
-                'entityId' => $azureSamlUrl,
+                'entityId' => $azureAdIdp,
                 'singleSignOnService' => [
                     'url' => $azureSamlUrl,
                     'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',

diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php
@@ -177,7 +177,7 @@ public function getConfigTreeBuilder(): TreeBuilder
                 ->scalarNode('azure_app_id')->end()
                 ->scalarNode('azure_x509_cert')->end()
                 ->scalarNode('app_base_url')->end()
-                ->scalarNode('app_trust_proxy')->defaultFalse()->end()
+                ->booleanNode('app_trust_proxy')->defaultFalse()->end()
         ;
 
         return $treeBuilder;

diff --git a/Tests/DependencyInjection/Fixtures/angle_azure.yaml b/Tests/DependencyInjection/Fixtures/angle_azure.yaml
@@ -3,4 +3,4 @@ angle_one_login_azure_saml:
     azure_x509_cert: 'xxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXXxxxXXX'
     # include protocol (http/https), but do NOT include a trailing slash
     app_base_url: 'https://myapp.com'
-    app_trust_proxy: false
+    app_trust_proxy: true