Skip to content

Commit

Permalink
fix: change handling of responses without url to respond to
Browse files Browse the repository at this point in the history
  • Loading branch information
@stebenz
stebenz committed Nov 16, 2023
1 parent 45a75c4 commit 7ae5510
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 4 deletions.
2 changes: 1 addition & 1 deletion pkg/provider/logout.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ func (p *IdentityProvider) logoutHandleFunc(w http.ResponseWriter, r *http.Reque
return nil
},
func() {
response.sendBackLogoutResponse(w, response.makeUnsupportedlLogoutResponse(fmt.Errorf("failed to decode request: %w", err).Error(), p.timeFormat))
http.Error(w, fmt.Errorf("failed to decode request: %w", err).Error(), http.StatusInternalServerError)
},
)

Expand Down
11 changes: 8 additions & 3 deletions pkg/provider/logout_response.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"bytes"
"encoding/base64"
"encoding/xml"
"fmt"
"html/template"
"net/http"
"time"
Expand Down Expand Up @@ -52,14 +53,18 @@ func (r *LogoutResponse) sendBackLogoutResponse(w http.ResponseWriter, resp *sam
r.ErrorFunc(err)
return
}

samlMessage := base64.StdEncoding.EncodeToString(xmlbuff.Bytes())
samlMessageBytes := xmlbuff.Bytes()

data := LogoutResponseForm{
RelayState: r.RelayState,
SAMLResponse: samlMessage,
SAMLResponse: base64.StdEncoding.EncodeToString(samlMessageBytes),
LogoutURL: r.LogoutURL,
}
if data.LogoutURL == "" {
w.Write(samlMessageBytes)
http.Error(w, fmt.Errorf("failed to find logout url").Error(), http.StatusInternalServerError)
return
}

if err := r.LogoutTemplate.Execute(w, data); err != nil {
r.ErrorFunc(err)
Expand Down
5 changes: 5 additions & 0 deletions pkg/provider/response.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,11 @@ func (r *Response) doResponse(request *http.Request, w http.ResponseWriter, resp
r.AcsUrl,
}

if data.AssertionConsumerServiceURL == "" {
w.Write([]byte(response))
http.Error(w, fmt.Errorf("failed to find AssertionConsumerServiceURL").Error(), http.StatusInternalServerError)
return
}
if err := r.PostTemplate.Execute(w, data); err != nil {
r.ErrorFunc(err)
return
Expand Down

0 comments on commit 7ae5510

Please sign in to comment.