-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for POST AuthnRequest initialisation requests #62
Comments
I think that this feature can be done asap, |
@mauromol it's something that could done in while, just a purpose here
If yes, I'd add only
|
In theory, a POST request may have both a body AND query string parameters. It's an unusual scenario, but it's possible. Even when we talk about application/x-www-form-urlencoded body contents, depending on how the server processes the request, it may expect some parameters to be passed necessarily as query string parameters, some other as being part of the body. Also, if you plan to support e.g. JSON payloads for such POST requests, you of course need to specify the body. And perhaps a third parameter (like |
Done here |
Right now, with:
I'm telling spid_sp_test to make a GET request to http://localhost:8000/spid/login/?idp=https://localhost:8080 in order to simulate the user browser and get the
AuthnRequest
aimed to be forwarded to the IdP.In my environment this request should be made in POST instead. After all, the https://github.com/italia/spid-sp-access-button is offered in two different flavours, GET and POST. So I'm requesting whether this scenario could also be supported in spid-sp-test.
The most straightforward solution that comes into my mind: add two parameters like these:
That is: add a command line parameter to specify the request type (POST/GET... possibly even PUT?) and another parameter to specify the request body as a string (in this case I'm using a application/x-www-form-urlencoded body, but I could write a JSON string or whatever...).
As a plus, perhaps having also a
--authn-body-file=path/to/some/file
that reads the body contents from a file instead of from the CLI would be nice to have.The text was updated successfully, but these errors were encountered: