lib/rack/saml.rb in rack-saml-0.0.5 vs lib/rack/saml.rb in rack-saml-0.0.6
- old
+ new
@@ -158,11 +158,11 @@
# ["Forbidden." + env.to_a.map {|i| "#{i[0]}: #{i[1]}"}.join("\n")]
#]
if request.request_method == 'GET'
if match_protected_path?(request) # generate AuthnRequest
if session.is_valid?('saml_res') # the client already has a valid session
- ResponseHandler.extract_attrs(request, session)
+ ResponseHandler.extract_attrs(env, session)
else
if !@config['shib_ds'].nil? # use discovery service (ds)
if request.params['entityID'].nil? # start ds session
session.start('ds')
return Rack::Response.new.tap { |r|
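Review bot: The new call `ResponseHandler.extract_attrs(env, session)` is made on the class with two arguments, while the post-authentication path later in this diff calls `handler.extract_attrs(env, session, @attribute_map)` on an instance with three. ResponseHandler is not shown here, so confirm that a class-level method with this arity exists; if only the instance method is defined, every request arriving with an already valid `saml_res` session would raise instead of receiving its attributes. If the attribute mapping is meant to apply on this path too, passing `@attribute_map` here would keep the two paths consistent. The enclosing `if` chain starts and ends outside the hunk.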
@@ -192,10 +192,13 @@
handler = ResponseHandler.new(request, @config, @metadata['idp_lists'][@config['saml_idp']])
if handler.response.is_valid?
session.finish('saml_authreq')
session.start('saml_res', @config['saml_sess_timeout'] || 1800)
handler.extract_attrs(env, session, @attribute_map)
+ return Rack::Response.new.tap { |r|
+ r.redirect request.url
+ }.finish
else
return create_response(403, 'text/html', 'SAML Error: Invalid SAML response.')
end
else
return create_response(500, 'text/html', 'No valid AuthnRequest session.')
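Review bot: The Location for the added redirect comes from `request.url`, which Rack rebuilds from the incoming request's scheme and host headers, so the post-login redirect follows those headers rather than a URL the application has fixed; behind a reverse proxy, or with an unexpected Host value, that may not be the canonical service URL. Consider building the target from configuration, or checking the host against the expected one before redirecting. If this branch handles the POST that delivers the SAML response (the method check is outside the hunk), 303 is the more precise status: `r.redirect request.url, 303`. Whether `session.start('saml_res', ...)` renews the session identifier is not visible here and is worth confirming, since this is the point where the session becomes authenticated. The surrounding method starts and ends outside the hunk.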
@@ -220,7 +223,8 @@
'Content-Type' => content_type
},
[message]
]
end
+
end
end