Skip to content

start to allow adfs metadata in the admin ui again #2067

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tvdijen merged 1 commit into from
Apr 29, 2024
Merged

start to allow adfs metadata in the admin ui again #2067

tvdijen merged 1 commit into from
Apr 29, 2024

Conversation

@monkeyiq
Copy link
Contributor

@monkeyiq monkeyiq commented Apr 29, 2024

This goes hand in hand with simplesamlphp/simplesamlphp-module-adfs#18

With these and simplesamlphp/simplesamlphp-module-adfs#18 I can again see the ADFS metadata in the admin/federation page.

The next logical move is getting getSecurityTokenService to work again too. Perhaps phase one might be to directly reach out to it and then move to using a hook to call the function.

@tvdijen tvdijen merged commit 7392928 into simplesamlphp:saml2v5_metadata Apr 29, 2024
tvdijen pushed a commit that referenced this pull request Apr 29, 2024
@monkeyiq @tvdijen
start to allow adfs metadata in the admin ui again (#2067)
60b2c64
tvdijen pushed a commit that referenced this pull request Apr 29, 2024
@monkeyiq @tvdijen
start to allow adfs metadata in the admin ui again (#2067)
d4f8ce4
tvdijen pushed a commit that referenced this pull request Apr 29, 2024
@monkeyiq @tvdijen
start to allow adfs metadata in the admin ui again (#2067)
e0b429d
tvdijen pushed a commit that referenced this pull request Apr 29, 2024
@monkeyiq @tvdijen
start to allow adfs metadata in the admin ui again (#2067)
ab9195e
tvdijen
tvdijen reviewed Apr 29, 2024
View reviewed changes
src/SimpleSAML/Metadata/MetaDataStorageHandler.php
case 'SingleLogoutServiceBinding':
return C::BINDING_HTTP_REDIRECT;
}
} elseif ($set == 'adfs-idp-hosted') {
Copy link
Member

@tvdijen tvdijen Apr 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally the adfs-module should provide this (so we don't have any references to adfs anywhere).
Now that I'm looking at this a second time, I think there's a bug here, because a SingleSignOnService of value $baseurl is not going to work.. I think in this case it should be the prp-endpoint from the adfs-module.

@monkeyiq
Copy link
Contributor Author

monkeyiq commented May 1, 2024

There are likely to be issues as I go along. I am still coming up to speed with SAML itself and didn't know about ADFS until very recently. That said my first move was to try to get something in the admin / federation page and then start working to refine things to be as expected.

I will dig into an update for $baseurl to prp-endpoint as suggested.

I will also look at how to shift all code that references adfs out of src/SimpleSAML/Metadata (and src/SimpleSAML/*) and into the adfs module as a follow up.

@monkeyiq monkeyiq mentioned this pull request Jun 28, 2024
Closed
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 30, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@tvdijen tvdijen tvdijen left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@monkeyiq @tvdijen