Skip to content

Commit fb0b8af

Browse files
pcablepcable
committed
Fixed issues that appeared during deployment. Escaping <? in metadata.blade.php, setting the right file type for the xml download, and adding in missing setup of crsf exemption
1 parent 4f8aa73 commit fb0b8af

File tree

3 files changed

+25
-9
lines changed

3 files changed

+25
-9
lines changed

README.md

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -180,7 +180,19 @@ Auth::routes();
180180
Route::post('/postLogin', 'Auth\LoginController@showLoginForm');
181181
```
182182

183+
You'll also need to add a csrf exemption to ```App\Http\Middleware\VerifyCsrfToken```
183184

185+
class VerifyCsrfToken extends Middleware
186+
{
187+
/**
188+
* The URIs that should be excluded from CSRF verification.
189+
*
190+
* @var array
191+
*/
192+
protected $except = [
193+
'/postLogin'
194+
];
195+
}
184196

185197
### Debugging Connection
186198

src/Http/Controllers/SamlIdpController.php

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,13 @@
99
class SamlIdpController extends Controller
1010
{
1111
use SamlAuth;
12-
13-
// This includes the controller routing points for
14-
// - metadata
15-
// - certfile
16-
// - keyfile (this one should be used only for authenticated users)
12+
13+
protected function metadata() {
14+
return response(
15+
$this->getSamlFile(config('saml.idp.metadata'), false),
16+
200, [
17+
'Content-Type' => 'application/xml'
18+
]
19+
);
20+
}
1721
}

src/resources/metadata.blade.php

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
1-
<?xml version="1.0"?>
2-
<!-- GENERATED WITH https://www.samltool.com/idp_metadata.php
3-
http://idp.[MYSITE] is just the Entity id, it doesn't need to exist, just needs to be unique
4-
-->
1+
{{--GENERATED WITH https://www.samltool.com/idp_metadata.php--}}
2+
{{--http://idp.[MYSITE] is just the Entity id, it doesn't need to exist, just needs to be unique--}}
3+
{{--We have to escape the document definition as well or it doesn't run on certain php implementations --}}
4+
<{{'?'}}xml version="1.0"{{'?'}}>
55
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2100-01-01T00:00:00Z" cacheDuration="PT1535772621S" entityID="{{config('saml.idp.entityId')}}">
66
<md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
77
<md:KeyDescriptor use="signing">

0 commit comments

Comments
 (0)