Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest #11195
Labels
in: saml2
An issue in SAML2 modules
status: ideal-for-contribution
An issue that we actively are looking for someone to help us with
type: enhancement
A general enhancement
Milestone
It would be nice if implementations of
AbstractSaml2AuthenticationRequest
stored therelyingPartyRegistrationId
.One benefit is it introduces the ability to look up the registration id during login. Currently, the only way to do this is by path or by implementing a custom
RelyingPartyRegistrationResolver
.The needed changes are as follows:
AbstractSaml2AuthenticationRequest
(seeSaml2LogoutRequest
andSaml2LogoutResponse
for examples).withRelyingPartyRegistration
static methodsSaml2AuthenticationTokenConverter
to determine the registration id, passing that to the configuredrelyingPartyRegistrationResolver
Note that these changes should be made in such a way that receiving an unsolicited SAML response still works (e.g. there is no stored AuthnRequest).
The text was updated successfully, but these errors were encountered: