fix(idp): use persistent nameid-format in saml request (#7745)

(cherry picked from commit 3711130d42)
Livio Spring 2024-04-10 12:05:07 +02:00
parent 7ef95c9194
commit 6136812dd8


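@@ -156,6 +156,10 @@ func (p *Provider) GetSP() (*samlsp.Middleware, error) {
 if err != nil {
 return nil, zerrors.ThrowInternal(err, "SAML-qee09ffuq5", "Errors.Intent.IDPInvalid")
 }
+// the library uses transient as default, which we currently can't handle (https://github.com/zitadel/zitadel/discussions/7421)
+// for the moment we'll use persistent (for those who actually use it from the saml request) and add an option
+// later on to specify on the provider: https://github.com/zitadel/zitadel/issues/7743
+sp.ServiceProvider.AuthnNameIDFormat = saml.PersistentNameIDFormat
 if p.requestTracker != nil {
 sp.RequestTracker = p.requestTracker
 }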
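Review bot: Setting `sp.ServiceProvider.AuthnNameIDFormat` only changes the NameIDPolicy the SP asks for; an IdP may ignore it and still return a transient or unspecified NameID, so the assertion-handling side (outside this hunk) should check the returned `NameID.Format` before treating the NameID as a stable external user identifier, otherwise a transient value could be linked to a user or used to auto-create one on each login. Whether that check exists cannot be seen from here, so it is worth confirming rather than assuming. The comment would also read better if it explained the security reason instead of the implementation history, e.g. `// Request a persistent NameID: the library defaults to transient, which we cannot map to a stable user identity yet (see discussion 7421); making the format configurable per provider is tracked in issue 7743.` The enclosing GetSP begins before and continues after this hunk.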