Support for singleSignOnService SSO HTTP-POST binding

[gsvitak]

Hello,

I have an IDP that only supports the urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST for the singleSignOnService to initiate the SP login flow.

In looking at the code, it appears the library is designed to work with HTTP-Redirect only. Can you please confirm that HTTP-Redirect is the only currently supported binding?

Also, I am curious if the auth.login() method currently URLEncodes the SAMLRequest value? I am trying to use the results of this method to include in an xHTML form to post the SAMLRequest value to the IDP.

"singleSignOnService": {
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
"url": "blah"
}

[pitbulk]

On this toolkit, only the SAMLResponse when SSO must to be received as POST, rest of SAML messages use the HTTP-Redirect binding. That said, take a look on this PR.

The login method deflate and URLencode (on the redirect method) the SAMLRequest value.

You can use

authn_request = OneLogin_Saml2_Authn_Request(settings, force_authn, is_passive, set_nameid_policy)
saml_request = authn_request.get_request(false)

to get the AuthNRequest value that you want.

[gsvitak]

Thank you so much for the help.. especially for the clue on setting deflate to false on the get_request. I will try it out and let you know