Working around 'SubjectConfirmation was not found' issue due to inval…

…id URL parsing, documented here: SAML-Toolkits/php-saml#175 (comment)
patricknelson · Aug 18, 2017 · 3532565 · 3532565
1 parent e3ddc42
commit 3532565
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/code/control/SAMLController.php b/code/control/SAMLController.php
@@ -35,6 +35,10 @@ public function acs()
     {
         /** @var OneLogin_Saml2_Auth $auth */
         $auth = Injector::inst()->get('SAMLHelper')->getSAMLAuth();
+
+        // Required to workaround a *possible* bug/regression caused by php-saml package: https://github.com/onelogin/php-saml/pull/175#issuecomment-323235699
+        $auth->getSettings()->setBaseURL('');
+
         $auth->processResponse();
 
         $error = $auth->getLastErrorReason();
@@ -51,6 +55,7 @@ public function acs()
             return $this->getRedirect();
         }
 
+
         $decodedNameId = base64_decode($auth->getNameId());
         // check that the NameID is a binary string (which signals that it is a guid
         if (ctype_print($decodedNameId)) {
@@ -97,7 +102,7 @@ public function acs()
 
             $member->$field = $attributes[$claim][0];
         }
-        
+
         $member->SAMLSessionIndex = $auth->getSessionIndex();
 
         // This will trigger LDAP update through LDAPMemberExtension::memberLoggedIn.