Add POST binding for AuthNRequest #239
Conversation
|
Adding this opens the door to support the ability to generate LogoutRequest/LogoutResponses via HTTP-POST as well as be able to process them, so at the end, some extra complexity to the toolkit. |
…gin_Saml2_Auth.login. Otherwise this broke backwards compatibility.
flupzor
force-pushed
the
pr-post-binding-rebased
branch
from
5537390 to
639d326
Compare
|
I accidentally included the commit 'Add the ability to change the ProtocolBinding in the authn request.' in this PR, while it should've been part of #237 I moved it to there. |
|
@pitbulk I can appreciate keeping the project simple. I'm not entirely sure how often the POST-binding is used for the AuthNRequest. The modification I made to get_request is something that would be useful to have (but I could even work around that by doing a reverse of deflate/base64). Otherwise I could also implement this by extending the OneLogin_Saml2_Auth class. For the Artifact binding I actually needed some changes, which I could only do by forking the project. |
pitbulk
force-pushed
the
master
branch
2 times, most recently
from
4fa3934 to
acef8eb
Compare
2 participants
This adds support for the POST binding to 'login' flow.