Inject further assertions #9
Comments
|
I may have answered my own question: Looks like this could be done by adding a callback factory for |
|
Don't know what In LightSAML if you want to manipulate outgoing message before the signing or encryption, you should add a custom action to the action builder with according priority, for example $builder = new \LightSaml\Idp\Builder\Action\Profile\SingleSignOn\Idp\SsoIdpAssertionActionBuilder($buildContainer);
$builder->add(new MyCustomAction(), 120);
$action = $builder->build();Though, priorities in https://github.com/lightSAML/lightSAML-IDP/blob/master/src/LightSaml/Idp/Builder/Action/Profile/SingleSignOn/Idp/SsoIdpAssertionActionBuilder.php#L83 are not distributed and spaced well, so atm you won't quite be able to do that. A fix would require each action in the builder to get a priority with some spacing from before, so others like you can inject custom actions in between. |
|
Attribute value provider is used to provide attributes that will be put in the assertion. |
|
Ah, I didn't notice that you could add Actions at different priorities, that's useful to know for the future. I have mutiple ZF2/3 projects that I've managed to create wrappers and proxy classes to use the existing examples and profiles. Not ideal, if I had more time I would port the models to use the native ZF2 Service Manager, Event Manager, Session Containers and Request/Response. |
In the Service Provider's
\LightSaml\Builder\Action\Profile\SingleSignOn\Sp\SsoSpSendAuthnRequestActionBuilderthere is an opportunity to attach a listener that can manipulate the Profile Context or Outbound Message before the message is signed or encrypted.However in the Identity Provider's
\LightSaml\Idp\Builder\Action\Profile\SingleSignOn\Idp\SsoIdpAssertionActionBuilderthere is no such like dispatch event handler before the Outbound Message is signed or encrypted.Is there an alternate way of adding
Assertionsto theLoginResponsebefore signing and encryption?The text was updated successfully, but these errors were encountered: