Remove $_GET dep

hiddehs · hiddehs · commit 4bdfdd63c484 · 2023-11-05T21:58:52.000+01:00
diff --git a/lib/Saml2/Auth.php b/lib/Saml2/Auth.php
@@ -249,12 +249,13 @@ public function processResponse($requestId = null, $payload =[])
      *
      * @throws OneLogin_Saml2_Error
      */
-    public function processSLO($keepLocalSession = false, $requestId = null, $retrieveParametersFromServer = false, $cbDeleteSession = null, $stay = false)
+    public function processSLO($keepLocalSession = false, $requestId = null, $retrieveParametersFromServer = false, $cbDeleteSession = null, $stay = false, $payload = null)
     {
         $this->_errors = array();
         $this->_errorReason = null;
-        if (isset($_GET['SAMLResponse'])) {
-            $logoutResponse = new OneLogin_Saml2_LogoutResponse($this->_settings, $_GET['SAMLResponse']);
+        $payload = $payload ?: $_GET;
+        if (isset($payload['SAMLResponse'])) {
+            $logoutResponse = new OneLogin_Saml2_LogoutResponse($this->_settings, $payload['SAMLResponse']);
             $this->_lastResponse = $logoutResponse->getXML();
             if (!$logoutResponse->isValid($requestId, $retrieveParametersFromServer)) {
                 $this->_errors[] = 'invalid_logout_response';
@@ -271,8 +272,8 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie
                     }
                 }
             }
-        } else if (isset($_GET['SAMLRequest'])) {
-            $logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings, $_GET['SAMLRequest']);
+        } else if (isset($payload['SAMLRequest'])) {
+            $logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings, $payload['SAMLRequest']);
             $this->_lastRequest = $logoutRequest->getXML();
             if (!$logoutRequest->isValid($retrieveParametersFromServer)) {
                 $this->_errors[] = 'invalid_logout_request';
@@ -294,8 +295,8 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie
                 $logoutResponse = $responseBuilder->getResponse();
 
                 $parameters = array('SAMLResponse' => $logoutResponse);
-                if (isset($_GET['RelayState'])) {
-                    $parameters['RelayState'] = $_GET['RelayState'];
+                if (isset($payload['RelayState'])) {
+                    $parameters['RelayState'] = $payload['RelayState'];
                 }
 
                 $security = $this->_settings->getSecurityData();
@@ -305,7 +306,7 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie
                     $parameters['Signature'] = $signature;
                 }
 
-                return $this->redirectTo($this->getSLOResponseUrl(), $parameters, $stay);
+                return $this->redirectTo($this->getSLOResponseUrl(), $parameters, $stay, $payload);
             }
         } else {
             $this->_errors[] = 'invalid_binding';
@@ -328,13 +329,14 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie
      *
      * @throws OneLogin_Saml2_Error
      */
-    public function redirectTo($url = '', $parameters = array(), $stay = false)
+    public function redirectTo($url = '', $parameters = array(), $stay = false, $payload = null)
     {
         assert('is_string($url)');
         assert('is_array($parameters)');
 
-        if (empty($url) && isset($_REQUEST['RelayState'])) {
-            $url = $_REQUEST['RelayState'];
+        $payload = $payload ?: $_REQUEST;
+        if (empty($url) && isset($payload['RelayState'])) {
+            $url = $payload['RelayState'];
         }
 
         return OneLogin_Saml2_Utils::redirect($url, $parameters, $stay);

Original file line number	Diff line number	Diff line change
`@@ -249,12 +249,13 @@ public function processResponse($requestId = null, $payload =[])`
`249`	`249`	`*`
`250`	`250`	`* @throws OneLogin_Saml2_Error`
`251`	`251`	`*/`
`252`		`- public function processSLO($keepLocalSession = false, $requestId = null, $retrieveParametersFromServer = false, $cbDeleteSession = null, $stay = false)`
	`252`	`+ public function processSLO($keepLocalSession = false, $requestId = null, $retrieveParametersFromServer = false, $cbDeleteSession = null, $stay = false, $payload = null)`
`253`	`253`	`{`
`254`	`254`	`$this->_errors = array();`
`255`	`255`	`$this->_errorReason = null;`
`256`		`- if (isset($_GET['SAMLResponse'])) {`
`257`		`- $logoutResponse = new OneLogin_Saml2_LogoutResponse($this->_settings, $_GET['SAMLResponse']);`
	`256`	`+ $payload = $payload ?: $_GET;`
	`257`	`+ if (isset($payload['SAMLResponse'])) {`
	`258`	`+ $logoutResponse = new OneLogin_Saml2_LogoutResponse($this->_settings, $payload['SAMLResponse']);`
`258`	`259`	`$this->_lastResponse = $logoutResponse->getXML();`
`259`	`260`	`if (!$logoutResponse->isValid($requestId, $retrieveParametersFromServer)) {`
`260`	`261`	`$this->_errors[] = 'invalid_logout_response';`
`@@ -271,8 +272,8 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie`
`271`	`272`	`}`
`272`	`273`	`}`
`273`	`274`	`}`
`274`		`- } else if (isset($_GET['SAMLRequest'])) {`
`275`		`- $logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings, $_GET['SAMLRequest']);`
	`275`	`+ } else if (isset($payload['SAMLRequest'])) {`
	`276`	`+ $logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings, $payload['SAMLRequest']);`
`276`	`277`	`$this->_lastRequest = $logoutRequest->getXML();`
`277`	`278`	`if (!$logoutRequest->isValid($retrieveParametersFromServer)) {`
`278`	`279`	`$this->_errors[] = 'invalid_logout_request';`
`@@ -294,8 +295,8 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie`
`294`	`295`	`$logoutResponse = $responseBuilder->getResponse();`
`295`	`296`
`296`	`297`	`$parameters = array('SAMLResponse' => $logoutResponse);`
`297`		`- if (isset($_GET['RelayState'])) {`
`298`		`- $parameters['RelayState'] = $_GET['RelayState'];`
	`298`	`+ if (isset($payload['RelayState'])) {`
	`299`	`+ $parameters['RelayState'] = $payload['RelayState'];`
`299`	`300`	`}`
`300`	`301`
`301`	`302`	`$security = $this->_settings->getSecurityData();`
`@@ -305,7 +306,7 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie`
`305`	`306`	`$parameters['Signature'] = $signature;`
`306`	`307`	`}`
`307`	`308`
`308`		`- return $this->redirectTo($this->getSLOResponseUrl(), $parameters, $stay);`
	`309`	`+ return $this->redirectTo($this->getSLOResponseUrl(), $parameters, $stay, $payload);`
`309`	`310`	`}`
`310`	`311`	`} else {`
`311`	`312`	`$this->_errors[] = 'invalid_binding';`
`@@ -328,13 +329,14 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie`
`328`	`329`	`*`
`329`	`330`	`* @throws OneLogin_Saml2_Error`
`330`	`331`	`*/`
`331`		`- public function redirectTo($url = '', $parameters = array(), $stay = false)`
	`332`	`+ public function redirectTo($url = '', $parameters = array(), $stay = false, $payload = null)`
`332`	`333`	`{`
`333`	`334`	`assert('is_string($url)');`
`334`	`335`	`assert('is_array($parameters)');`
`335`	`336`
`336`		`- if (empty($url) && isset($_REQUEST['RelayState'])) {`
`337`		`- $url = $_REQUEST['RelayState'];`
	`337`	`+ $payload = $payload ?: $_REQUEST;`
	`338`	`+ if (empty($url) && isset($payload['RelayState'])) {`
	`339`	`+ $url = $payload['RelayState'];`
`338`	`340`	`}`
`339`	`341`
`340`	`342`	`return OneLogin_Saml2_Utils::redirect($url, $parameters, $stay);`