Closed by 01e9 7 years ago
Fixed with this code in controller before AuthnRequest generation
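```php
// Imports needed at the top of the controller file
use LightSaml\Context\ContextInterface;
use LightSaml\Context\Profile\ProfileContext;
use LightSaml\Event\Events;
use LightSaml\Model\Protocol\AuthnRequest;
use LightSaml\Model\Protocol\NameIDPolicy;
use LightSaml\SamlConstants;
use Symfony\Component\EventDispatcher\GenericEvent;

// Weird LightSAML event system (Doesn't work with Symfony events)
$this->get('lightsaml.system.event_dispatcher')->addListener(
    Events::BEFORE_ENCRYPT,
    function (GenericEvent $event) {
        /** @var ContextInterface $context */
        $context = $event->getSubject();
        // Add NameIDFormat to AuthnRequest
        if (
            $context instanceof ProfileContext &&
            $context->getProfileId() === 'sso_sp_send_authn_req'
        ) {
            $nameIdFormat = SamlConstants::NAME_ID_FORMAT_PERSISTENT;
            /** @var AuthnRequest $authnRequest */
            $authnRequest = $context->getOutboundContext()->getMessage();
            // Second argument is AllowCreate
            $authnRequest->setNameIDPolicy(new NameIDPolicy($nameIdFormat, false));
            $authnRequest->getIssuer()->setFormat($nameIdFormat);
        }
    }
);
```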
Set in config.yml
```yaml
light_saml_symfony_bridge:
    ...
    system:
        # dispatch LightSaml events on Symfony event dispatcher instead of separate dispatcher
        event_dispatcher: 'event_dispatcher'
```
So the above event can be hooked as usual
```php
use LightSaml\Event\Events;

public static function getSubscribedEvents()
{
    return [
        Events::BEFORE_ENCRYPT => 'onSamlBeforeEncrypt',
    ];
}
```
https://github.com/lightSAML/lightSAML/blob/d0253368b7eba88e867545ab3590cbcc7fa8b04d/src/LightSaml/Action/Profile/Outbound/Message/CreateMessageIssuerAction.php#L36
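
One way to confirm that either listener variant above took effect, as an added example that is not part of the thread or of lightSAML: decode the `SAMLRequest` parameter from the redirect to the IdP and read back the `NameIDPolicy` and `Issuer` attributes. It assumes the HTTP-Redirect binding; the sample request, the `example.test` URLs and the function names are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlencode, urlparse, parse_qs

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"

# Constructed sample of an AuthnRequest after the listener has run.
SAMPLE_XML = (
    '<samlp:AuthnRequest xmlns:samlp="%s" xmlns:saml="%s" ID="_constructed1" '
    'Version="2.0" IssueInstant="2020-01-01T00:00:00Z">'
    '<saml:Issuer Format="%s">https://sp.example.test</saml:Issuer>'
    '<samlp:NameIDPolicy Format="%s" AllowCreate="false"/>'
    '</samlp:AuthnRequest>' % (NS["samlp"], NS["saml"], PERSISTENT, PERSISTENT))


def encode_redirect(xml, sso_url):
    """Build an HTTP-Redirect URL (raw DEFLATE, then base64) for the sample."""
    deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
    packed = deflater.compress(xml.encode("utf-8")) + deflater.flush()
    b64 = base64.b64encode(packed).decode("ascii")
    return sso_url + "?" + urlencode({"SAMLRequest": b64})


def decode_redirect(url):
    """Recover the AuthnRequest XML from a captured HTTP-Redirect URL."""
    raw = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    return zlib.decompress(base64.b64decode(raw), -15).decode("utf-8")


def inspect_authn_request(xml):
    """Report the NameIDPolicy and Issuer attributes the request carries."""
    if "<!DOCTYPE" in xml:  # a SAML message never needs a DTD
        raise ValueError("DOCTYPE not allowed")
    root = ET.fromstring(xml)
    if root.tag != "{%s}AuthnRequest" % NS["samlp"]:
        raise ValueError("not a samlp:AuthnRequest")
    policy = root.find("samlp:NameIDPolicy", NS)
    issuer = root.find("saml:Issuer", NS)
    return {
        "name_id_format": None if policy is None else policy.get("Format"),
        "allow_create": None if policy is None else policy.get("AllowCreate"),
        "issuer_format": None if issuer is None else issuer.get("Format"),
    }


if __name__ == "__main__":
    url = encode_redirect(SAMPLE_XML, "https://idp.example.test/sso")
    print(inspect_authn_request(decode_redirect(url)))
```

A `name_id_format` of `None` means the request left the SP without a `NameIDPolicy`, so the listener did not run for that profile.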