Open flupzor opened 3 years ago
pitbulk
commented
3 years ago Adding this opens the door to support the ability to generate LogoutRequest/LogoutResponses via HTTP-POST as well as be able to process them, so at the end, some extra complexity to the toolkit.
flupzor
commented
3 years ago I accidentally included the commit 'Add the ability to change the ProtocolBinding in the authn request.' in this PR, while it should've been part of #237 I moved it to there.
flupzor
commented
3 years ago @pitbulk I can appreciate keeping the project simple. I'm not entirely sure how often the POST-binding is used for the AuthNRequest.
The modification I made to get_request is something that would be useful to have (but I could even work around that by doing a reverse of deflate/base64). Otherwise I could also implement this by extending the OneLogin_Saml2_Auth class.
For the Artifact binding I actually needed some changes, which I could only do by forking the project.
This adds support for the POST binding to 'login' flow.