From 59fc3d0fc9664fbe3c2a7d723ed5c62ec937bb5c Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Mon, 14 Nov 2016 14:02:54 +0100
Subject: [PATCH] ADFS lower-case support
---
lib/Settings/Admin.php | 4 ++
lib/samlsettings.php | 1 +
templates/admin.php | 7 +++
tests/Settings/AdminTest.php | 4 ++
tests/clover.xml | 100 +++++++++++++++++++----------------
5 files changed, 69 insertions(+), 47 deletions(-)
diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php
index 279aee0..b109d87 100644
--- a/lib/Settings/Admin.php
+++ b/lib/Settings/Admin.php
@@ -73,6 +73,9 @@ class Admin implements ISettings {
'wantNameIdEncrypted' => $this->l10n->t('Indicates a requirement for the NameID received by this SP to be encrypted.'),
'wantXMLValidation' => $this->l10n->t('Indicates if the SP will validate all received XMLs.'),
];
+ $securityGeneral = [
+ 'lowercaseUrlencoding' => $this->l10n->t('ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.'),
+ ];
$generalSettings = [
'uid_mapping' => [
'text' => $this->l10n->t('Attribute to map the UID to.'),
@@ -97,6 +100,7 @@ class Admin implements ISettings {
'sp' => $serviceProviderFields,
'security-offer' => $securityOfferFields,
'security-required' => $securityRequiredFields,
+ 'security-general' => $securityGeneral,
'general' => $generalSettings,
'type' => $type,
];
diff --git a/lib/samlsettings.php b/lib/samlsettings.php
index 0b3d43d..b1ccde3 100644
--- a/lib/samlsettings.php
+++ b/lib/samlsettings.php
@@ -58,6 +58,7 @@ class SAMLSettings {
'wantNameIdEncrypted' => ($this->config->getAppValue('user_saml', 'security-wantNameIdEncrypted', '0') === '1') ? true : false,
'wantXMLValidation' => ($this->config->getAppValue('user_saml', 'security-wantXMLValidation', '0') === '1') ? true : false,
'requestedAuthnContext' => false,
+ 'lowercaseUrlencoding' => ($this->config->getAppValue('user_saml', 'security-lowercaseUrlencoding', '0') === '1') ? true : false,
],
'sp' => [
'entityId' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.getMetadata'),
diff --git a/templates/admin.php b/templates/admin.php
index 5f4c478..28ee200 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -96,6 +96,13 @@ style('user_saml', 'admin');
+ t('General')) ?>
+ $text): ?>
+
+
+
+
+
diff --git a/tests/Settings/AdminTest.php b/tests/Settings/AdminTest.php
index a2dcf1c..b1f1048 100644
--- a/tests/Settings/AdminTest.php
+++ b/tests/Settings/AdminTest.php
@@ -77,6 +77,9 @@ class AdminTest extends \Test\TestCase {
'wantNameIdEncrypted' => 'Indicates a requirement for the NameID received by this SP to be encrypted.',
'wantXMLValidation' => 'Indicates if the SP will validate all received XMLs.',
];
+ $securityGeneral = [
+ 'lowercaseUrlencoding' => 'ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.',
+ ];
$generalSettings = [
'uid_mapping' => [
'text' => 'Attribute to map the UID to.',
@@ -97,6 +100,7 @@ class AdminTest extends \Test\TestCase {
'sp' => $serviceProviderFields,
'security-offer' => $securityOfferFields,
'security-required' => $securityRequiredFields,
+ 'security-general' => $securityGeneral,
'general' => $generalSettings,
];
diff --git a/tests/clover.xml b/tests/clover.xml
index 5bc6439..045fd74 100644
--- a/tests/clover.xml
+++ b/tests/clover.xml
@@ -1,12 +1,11 @@
-
-
+
+
-
@@ -14,7 +13,7 @@
-
+
@@ -23,7 +22,7 @@
-
+
@@ -39,16 +38,16 @@
-
+
-
-
+
+
-
+
@@ -57,11 +56,13 @@
-
+
-
+
+
+
@@ -192,22 +193,21 @@
-
-
+
-
+
-
-
+
+
-
-
-
+
+
+
@@ -215,9 +215,10 @@
-
-
-
+
+
+
+
@@ -251,7 +252,7 @@
-
+
@@ -272,27 +273,29 @@
-
-
+
-
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
+
@@ -313,15 +316,16 @@
-
+
-
+
+
@@ -348,20 +352,20 @@
+
-
+
-
+
-
@@ -369,9 +373,11 @@
+
-
-
+
+
+
@@ -544,6 +550,6 @@
-
+