search

catalyst / moodle-auth_saml2

SAML done 100% in Moodle, fast, simple, secure
https://moodle.org/plugins/auth_saml2
72 stars 135 forks source link

When the IdP provides multiple logos/icons, the first is used automatically; leads to problems with favicon.ico logos #533

Open danowar2k opened 3 years ago

danowar2k commented 3 years ago

Our IdP is Shibboleth Identity Provider 4.0.1, see https://www.shibboleth.net/products/ . Our metadata is autogenerated and the generation cannot be influenced. The metadata contains two "mdui:Logo" elements, the first of which is a favicon.ico element.

What you expected:

If there are multiple mdui:Logo elements, the favicon.ico element should be ignored and one of the other mdui:Logo elements should be used.

What really happened:

auth_saml2 uses the first mdui:Logo element it finds and uses that as an icon for the login button. The favicon is upscaled from 16x16 pixels and looks horribly.

Will try to add a pull request later...

danowar2k commented 3 years ago

For now here's the code that works locally....

        $logos = $xpath->query('.//mdui:Logo', $idpelements);
        $logo = null;
        if ($logos && $logos->length > 0) {
            $faviconLogo = "";
            $favicon = "favicon.ico";
            foreach ($logos as $logoElement) {
                $logoText = $logoElement->textContent;
                if ( substr( $logoText, strlen( $logoText ) - strlen( $favicon ) ) == $favicon ) {
                    $faviconLogo = $logoText;
                } else {
                    $logo = $logoText;
                }
            }
            if (!$logo && $faviconLogo) {
                $logo = $faviconLogo;
            }
        }