tweak(SSO saml2) allow rp to configure name id format

tine-groupware · Mar 25, 2024 · 4680966 · 4680966
1 parent 1897586
commit 4680966
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 2 deletions.
diff --git a/tine20/SSO/Controller.php b/tine20/SSO/Controller.php
@@ -634,8 +634,13 @@ protected static function getLoginPage($request)
             ['field' => 'name', 'operator' => 'equals', 'value' => $samlRequest->getIssuer()->getValue()]
         ]))->getFirstRecord();
 
-        $data = $request->getQueryParams();
-        $data['SAMLRequest'] = base64_encode(gzinflate(base64_decode($data['SAMLRequest'])));
+        /** @var \Psr\Http\Message\ServerRequestInterface $request */
+        if ($request->getQueryParams()['SAMLRequest'] ?? false) {
+            $data = $request->getQueryParams();
+        } else {
+            $data = $request->getParsedBody();
+        }
+        $data['SAMLRequest'] = base64_encode(gzinflate($decode = base64_decode($data['SAMLRequest'])) ?: $decode);
 
         return static::renderLoginPage($rp, $data);
     }

diff --git a/tine20/SSO/Model/Saml2RPConfig.php b/tine20/SSO/Model/Saml2RPConfig.php
@@ -30,6 +30,7 @@ class SSO_Model_Saml2RPConfig extends Tinebase_Record_NewAbstract implements SSO
     public const FLD_SINGLE_LOGOUT_SERVICE_BINDING = 'singleLogoutServiceBinding';
     public const FLD_ATTRIBUTE_MAPPING = 'attributeMapping';
     public const FLD_CUSTOM_HOOKS = 'customHooks';
+    public const FLD_NAME_ID_FORMAT = 'nameIdFormat';
 
     /**
      * holds the configuration object (must be declared in the concrete class)
@@ -118,6 +119,10 @@ class SSO_Model_Saml2RPConfig extends Tinebase_Record_NewAbstract implements SSO
             self::FLD_CUSTOM_HOOKS        => [
                 self::TYPE                  => self::TYPE_JSON,
             ],
+            self::FLD_NAME_ID_FORMAT      => [
+                self::TYPE                  => self::TYPE_STRING,
+                self::LENGTH                => 255,
+            ],
         ]
     ];
 
@@ -136,6 +141,9 @@ public function getSaml2Array(): array
             self::FLD_CUSTOM_HOOKS => $this->{self::FLD_CUSTOM_HOOKS},
         ];
 
+        if (!empty($this->{self::FLD_NAME_ID_FORMAT})) {
+            $result['NameIDFormat'] = $this->{self::FLD_NAME_ID_FORMAT};
+        }
         if (!empty($this->{self::FLD_ASSERTION_CONSUMER_SERVICE_LOCATION})) {
             $result['AssertionConsumerService']['Location'] = $this->{self::FLD_ASSERTION_CONSUMER_SERVICE_LOCATION};
         }