diff --git a/Sustainsys.Saml2.Owin/Saml2AuthenticationHandler.cs b/Sustainsys.Saml2.Owin/Saml2AuthenticationHandler.cs
index 7e604325c..a65a61282 100644
--- a/Sustainsys.Saml2.Owin/Saml2AuthenticationHandler.cs
+++ b/Sustainsys.Saml2.Owin/Saml2AuthenticationHandler.cs
@@ -60,16 +60,7 @@ protected async override Task AuthenticateCoreAsync()
 [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "ReturnUrl")]
 private AuthenticationTicket CreateErrorAuthenticationTicket(HttpRequestData httpRequestData, Exception ex)
 {
- AuthenticationProperties authProperties = null;
- if (httpRequestData.StoredRequestState?.RelayData != null)
- {
- authProperties = new AuthenticationProperties(
- httpRequestData.StoredRequestState.RelayData);
- }
- else
- {
- authProperties = new AuthenticationProperties();
- }
+ var authProperties = new AuthenticationProperties();
 
 if (httpRequestData.StoredRequestState?.ReturnUrl != null)
 {
diff --git a/Tests/Owin.Tests/Saml2AuthenticationMiddlewareTests.cs b/Tests/Owin.Tests/Saml2AuthenticationMiddlewareTests.cs
index 158e34fd7..82ac9a6e7 100644
--- a/Tests/Owin.Tests/Saml2AuthenticationMiddlewareTests.cs
+++ b/Tests/Owin.Tests/Saml2AuthenticationMiddlewareTests.cs
@@ -985,7 +985,6 @@ public async Task Saml2AuthenticationMiddleware_AcsRedirectsToAuthProps_StoredRe
 context.Request.Method = "POST";
 
 var authProps = new AuthenticationProperties();
- authProps.Dictionary.Add("key1", "value1");
 
 var state = new StoredRequestState(new EntityId("https://idp.example.com"),
 null,
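Review bot: Nothing in `CreateErrorAuthenticationTicket` records that the stored `RelayData` is now deliberately left out of the error ticket, so the bare `var authProperties = new AuthenticationProperties();` reads like an oversight that a later cleanup could undo by restoring the copy. A one-line comment above it would pin the intent, e.g. `// Error path: start from empty properties; StoredRequestState.RelayData is intentionally not copied.` The test changes in this commit only remove coverage (the `key1` entry and the NoRelayData test). A case that keeps a relay-data entry in the stored state and asserts it does not reach the error result would guard against regression, if that is observable from the middleware tests. The method body continues past the end of the hunk, so how `ReturnUrl` is applied to the ticket is not visible here.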
@@ -1051,78 +1050,6 @@ public async Task Saml2AuthenticationMiddleware_AcsRedirectsToAuthProps_StoredRe context.Authentication.AuthenticationResponseGrant.Should().BeNull(); } - [TestMethod] - public async Task Saml2AuthenticationMiddleware_AcsRedirectsToAuthProps_StoredRequestStateWithNoRelayData() - { - var context = OwinTestHelpers.CreateOwinContext(); - context.Request.Method = "POST"; - - var authProps = new AuthenticationProperties(); - - var state = new StoredRequestState(new EntityId("https://idp.example.com"), - new Uri("http://localhost/PathInRequestState?value=42"), - new Saml2Id("InResponseToId"), - null); - - var relayState = SecureKeyGenerator.CreateRelayState(); - - var cookieData = HttpRequestData.ConvertBinaryData( - CreateAppBuilder().CreateDataProtector( - typeof(Saml2AuthenticationMiddleware).FullName) - .Protect(state.Serialize())); - - context.Request.Headers["Cookie"] = $"{StoredRequestState.CookieNameBase}{relayState}={cookieData}"; - - var response = - @" - - https://idp.example.com - - - - - - https://idp.example.com - - SomeUser - - - - - "; - - // No signature, that's an error. 
- var bodyData = new KeyValuePair[] { - new KeyValuePair("SAMLResponse", - Convert.ToBase64String(Encoding.UTF8.GetBytes(response))), - new KeyValuePair("RelayState",relayState) - }; - - var encodedBodyData = new FormUrlEncodedContent(bodyData); - - context.Request.Body = encodedBodyData.ReadAsStreamAsync().Result; - context.Request.ContentType = encodedBodyData.Headers.ContentType.ToString(); - context.Request.Host = new HostString("localhost"); - context.Request.Path = new PathString("/Saml2/Acs"); - - var middleware = new Saml2AuthenticationMiddleware(null, CreateAppBuilder(), - new Saml2AuthenticationOptions(true) - { - SignInAsAuthenticationType = "AuthType" - }); - - await middleware.Invoke(context); - - context.Response.StatusCode.Should().Be(302); - context.Response.Headers["Location"].Should().Be("http://localhost/PathInRequestState?value=42&error=access_denied"); - context.Authentication.AuthenticationResponseGrant.Should().BeNull(); - } - [TestMethod] public async Task Saml2AuthenticationMiddleware_AcsWorks() {