diff --git a/TUTORIAL.md b/TUTORIAL.md index 0d68651b..ca16159f 100644 --- a/TUTORIAL.md +++ b/TUTORIAL.md @@ -452,8 +452,6 @@ The following is from Foswiki's SamlLoginContrib function:  my $idp = Net::SAML2::IdP->new_from_url(  url => $this->{Saml}{metadata},  cacert => $this->{Saml}{cacert}, - sls_force_lcase_url_encoding => $this->{Saml}{sls_force_lcase_url_encoding}, - sls_double_encoded_response => $this->{Saml}{sls_double_encoded_response}  ); my $redirect = Net::SAML2::Binding::Redirect->new( @@ -461,8 +459,6 @@ The following is from Foswiki's SamlLoginContrib function: key => $this->{Saml}{sp_signing_key}, cert => $idp->cert('signing'), param => 'SAMLResponse', - sls_force_lcase_url_encoding => $this->{Saml}{sls_force_lcase_url_encoding}, - sls_double_encoded_response => $this->{Saml}{sls_double_encoded_response} ); my ($response, $relaystate) = $redirect->verify($uri); @@ -498,7 +494,7 @@ The SP needs to create the Net::SAML2::IdP object as is done above (in this case ); ``` -Create the Net::SAML2::Binding::Redirect object. Note the sls_force_lcase_url_encoding is used if the IdP sends a URL that has meen URL encoded with lower case characters %2f instead of %2F. +Create the Net::SAML2::Binding::Redirect object. ``` my $redirect = Net::SAML2::Binding::Redirect->new( @@ -508,7 +504,6 @@ Create the Net::SAML2::Binding::Redirect object. Note the sls_force_lcase_url_e param => 'SAMLRequest', # The ssl_url destination for redirect url => $idp->sso_url('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'), - #sls_force_lcase_url_encoding => 1, ); ``` Verify signature on the URL, decode the request and retrieve the XML request and RelayState. diff --git a/lib/Net/SAML2/Binding/Redirect.pm b/lib/Net/SAML2/Binding/Redirect.pm index 5890b535..fb782e53 100644 --- a/lib/Net/SAML2/Binding/Redirect.pm +++ b/lib/Net/SAML2/Binding/Redirect.pm @@ -79,18 +79,6 @@ sha1, sha224, sha256, sha384, sha512 Defaults to C. -=item B - -Specifies that the IdP requires the encoding of a URL to be in lowercase. -Necessary for a HTTP-Redirect of a LogoutResponse from Azure in particular. -True (1) or False (0). Some web frameworks and underlying http requests assume -that the encoding should be in the standard uppercase (%2F not %2f) - -=item B - -Specifies that the IdP response sent to the HTTP-Redirect is double encoded. -The double encoding requires it to be decoded prior to processing. - =item B Output extra debugging information @@ -117,20 +105,6 @@ has 'sig_hash' => ( default => 'sha1' ); -has 'sls_force_lcase_url_encoding' => ( - isa => 'Bool', - is => 'ro', - required => 0, - default => 0 -); - -has 'sls_double_encoded_response' => ( - isa => 'Bool', - is => 'ro', - required => 0, - default => 0 -); - has debug => ( is => 'ro', isa => 'Bool', diff --git a/lib/Net/SAML2/IdP.pm b/lib/Net/SAML2/IdP.pm index 64cd1310..67ae831c 100644 --- a/lib/Net/SAML2/IdP.pm +++ b/lib/Net/SAML2/IdP.pm @@ -45,18 +45,6 @@ Constructor =item B -=item B - -Specifies that the IdP requires the encoding of a URL to be in lowercase. -Necessary for a HTTP-Redirect of a LogoutResponse from Azure in particular. -True (1) or False (0). Some web frameworks and underlying http requests assume -that the encoding should be in the standard uppercase (%2F not %2f) - -=item B - -Specifies that the IdP response sent to the HTTP-Redirect is double encoded. -The double encoding requires it to be decoded prior to processing. - =back =cut @@ -67,8 +55,6 @@ has 'sso_urls' => (isa => 'HashRef[Str]', is => 'ro', required => 1); has 'slo_urls' => (isa => 'Maybe[HashRef[Str]]', is => 'ro'); has 'art_urls' => (isa => 'Maybe[HashRef[Str]]', is => 'ro'); has 'certs' => (isa => 'HashRef[ArrayRef[Str]]', is => 'ro', required => 1); -has 'sls_force_lcase_url_encoding' => (isa => 'Bool', is => 'ro', required => 0); -has 'sls_double_encoded_response' => (isa => 'Bool', is => 'ro', required => 0); has 'formats' => ( isa => 'HashRef[Str]', @@ -114,8 +100,6 @@ sub new_from_url { return $class->new_from_xml( xml => $xml, cacert => $args{cacert}, - sls_force_lcase_url_encoding => $args{sls_force_lcase_url_encoding}, - sls_double_encoded_response => $args{sls_double_encoded_response}, ); } @@ -224,8 +208,6 @@ sub new_from_xml { art_urls => $data->{Art} || {}, certs => \@certs, cacert => $args{cacert}, - sls_force_lcase_url_encoding => $args{sls_force_lcase_url_encoding}, - sls_double_encoded_response => $args{sls_double_encoded_response}, $data->{DefaultFormat} ? ( default_format => $data->{DefaultFormat}, diff --git a/lib/Net/SAML2/SP.pm b/lib/Net/SAML2/SP.pm index 32b169d4..660e7da7 100644 --- a/lib/Net/SAML2/SP.pm +++ b/lib/Net/SAML2/SP.pm @@ -399,8 +399,6 @@ sub slo_redirect_binding { cert => $idp->cert('signing'), key => $self->key, param => $param, - sls_force_lcase_url_encoding => $idp->{sls_force_lcase_url_encoding}, - sls_double_encoded_response => $idp->{sls_double_encoded_response}, ); return $redirect; } diff --git a/xt/testapp/config.yml b/xt/testapp/config.yml index 6217da14..f35e5aa7 100644 --- a/xt/testapp/config.yml +++ b/xt/testapp/config.yml @@ -16,5 +16,3 @@ org_name: "Net::SAML2 Saml2Test" org_display_name: "Saml2Test app for Net::SAML2" org_contact: "saml2test@example.com" error_url: "/error" -sls_force_lcase_url_encoding: "0" -sls_double_encoded_response: "0" diff --git a/xt/testapp/lib/Saml2Test.pm b/xt/testapp/lib/Saml2Test.pm index 733d3aa0..29e746fc 100644 --- a/xt/testapp/lib/Saml2Test.pm +++ b/xt/testapp/lib/Saml2Test.pm @@ -267,8 +267,6 @@ sub _idp { my $idp = Net::SAML2::IdP->new_from_url( url => config->{idp}, cacert => config->{cacert}, - sls_force_lcase_url_encoding => config->{sls_force_lcase_url_encoding}, - sls_double_encoded_response => config->{sls_double_encoded_response} ); return $idp; }