NameID format is hardcoded (AuthnRequest) #54
Comments
|
Fixed with this code in controller before AuthnRequest generation // Weird LightSAML event system (Doesn't work with Symfony events)
$this->get('lightsaml.system.event_dispatcher')->addListener(
Events::BEFORE_ENCRYPT,
function (GenericEvent $event) {
/** @var ContextInterface $context */
$context = $event->getSubject();
// Add NameIDFormat to AuthnRequest
if (
$context instanceof ProfileContext &&
$context->getProfileId() === 'sso_sp_send_authn_req'
) {
$nameIdFormat = SamlConstants::NAME_ID_FORMAT_PERSISTENT;
/** @var AuthnRequest $authnRequest */
$authnRequest = $context->getOutboundContext()->getMessage();
$authnRequest->setNameIDPolicy(new NameIDPolicy($nameIdFormat, false));
$authnRequest->getIssuer()->setFormat($nameIdFormat);
}
}
); |
How to trigger LightSaml events on Symfony event disptacherSet in light_saml_symfony_bridge:
...
system:
# dispatch LightSaml events on Symfony event dispatcher instead of separate dispatcher
event_dispatcher: 'event_dispatcher'So the above event can be hooked as usual use LightSaml\Event\Events;
public static function getSubscribedEvents()
{
return [
Events::BEFORE_ENCRYPT => 'onSamlBeforeEncrypt',
];
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://github.com/lightSAML/lightSAML/blob/d0253368b7eba88e867545ab3590cbcc7fa8b04d/src/LightSaml/Action/Profile/Outbound/Message/CreateMessageIssuerAction.php#L36
The text was updated successfully, but these errors were encountered: