Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

connector/saml: add redirect binding support #1175

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

connector/saml: add redirect binding support #1175

wants to merge 1 commit into from
+96 −44

Conversation

srenatus
Copy link
Contributor

This change adds support for using the "HTTP Redirect Binding" for
AuthnRequests. Note that it's uncommon to use the Redirect Binding for
consuming assertions.

To enable redirect, add

redirectBinding: true

to your SAML connector's config section.

If not set, it will default to the current behaviour, HTTP POST Binding.

Fixes #1169.

@srenatus
Copy link
Contributor Author

@ericchiang What do you think? 😉

@ericchiang
Copy link
Contributor

@srenatus this was brought up before. The dex maintainers have no way of testing this. Do we know a provider that we can use?

@srenatus
Copy link
Contributor Author

srenatus commented Feb 2, 2018

@ericchiang I usually make use of Okta's preview sandbox, oktapreview.com. Concretely, I'm using some https://dev-NUMBER.oktapreview.com, where I cannot really remember how I got to that; but it seems to be related to our company having a company account with okta. Anyways, I believe you can have a developer account with okta regardless, and that'll let you access the same sandbox. There's some evidence in this Q&A.

@srenatus
Copy link
Contributor Author

srenatus commented Mar 5, 2018

@ericchiang have you had a chance to play with this? 😉

@srenatus srenatus mentioned this pull request Apr 16, 2018
Open
@srenatus srenatus mentioned this pull request Sep 10, 2018
Open
@pbar1
Copy link

pbar1 commented Sep 1, 2019

Has there been any movement on this? It would open up the possibility for Salesforce employee internal SSO in a big way

@srenatus
Copy link
Contributor Author

srenatus commented Sep 1, 2019

This pretty much lies dormant. I guess we could revive it -- it's likely straightforward enough to rebase -- the outstanding issue is SAML testing. #1295 would help making this PR easier to deal with.

@pbar1 If you'd like to take over, and open a new PR with this commit rebased, feel free! 😃

@srenatus srenatus mentioned this pull request Sep 6, 2019
Closed
@srenatus
connector/saml: add redirect binding support
6bb255b 
This change adds support for using the "HTTP Redirect Binding" for
AuthnRequests. Note that it's uncommon to use the Redirect Binding for
consuming assertions.

To enable redirect, add

    redirectBinding: true

to your SAML connector's config section.

If not set, it will default to the current behaviour, HTTP POST Binding.

Signed-off-by: Stephan Renatus <[email protected]>
@srenatus srenatus force-pushed the sr/saml/add-redirect-binding branch from 7514f36 to 6bb255b Compare September 6, 2019 11:56
@srenatus
Copy link
Contributor Author

srenatus commented Sep 6, 2019

@pbar1 I've resolved the conflicts. By any chance, could you test this using your SAML IdP? 😃

@pbar1
Copy link

pbar1 commented Sep 9, 2019

I can take a stab at testing it in the coming weeks. Actually rebased myself at the time of my comment just to fiddle around and it seemed to be working. I'll update with the results. Thanks!

@casperbiering casperbiering mentioned this pull request Dec 3, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Configure SAML is not working with DEX
3 participants
@srenatus @ericchiang @pbar1