Commit 8b1fb6c
2017-11-20 00:39:23
1 parent
da04229
Changed files (2)
airport
app
controllers
proof
app
controllers
airport/app/controllers/sessions_controller.rb
@@ -12,7 +12,6 @@ class SessionsController < ApplicationController
# * RelayState
redirect_binding = idp_metadata.single_sign_on_service_for(binding: :http_redirect)
@redirect_uri, _ = redirect_binding.serialize(builder, relay_state: @relay_state)
-
# HTTP POST
# * URI
# * SAMLRequest/SAMLResponse
proof/app/controllers/sessions_controller.rb
@@ -43,7 +43,7 @@ class SessionsController < ApplicationController
end
def load_saml_request
- @saml_request = request_binding_for(request).deserialize(params)
+ @saml_request = request_binding_for(request).deserialize(raw_params_for(request))
raise ActiveRecord::RecordInvalid.new(@saml_request) if @saml_request.invalid?
@saml_request
end
@@ -56,4 +56,12 @@ class SessionsController < ApplicationController
target_binding = request.post? ? :post : :http_redirect
idp.single_sign_on_service_for(binding: target_binding)
end
+
+ def raw_params_for(request)
+ if request.post?
+ request.params
+ else
+ Hash[request.query_string.split("&").map { |x| x.split("=", 2) }]
+ end
+ end
end