mirror of https://github.com/bitwarden/server.git synced 2025-02-16 01:51:21 +01:00

SAML NameID Policy AllowCreate should be null (#918)

* SAML NameID Policy AllowCreate should be null

* Determine if transient, then null, otherwise true
Chad Scharf 2020-09-08 10:43:07 -04:00 committed by GitHub
parent 44c3dc4786
commit 6574d083fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -331,11 +331,16 @@ namespace Bit.Core.Business.Sso
var spEntityId = new Sustainsys.Saml2.Metadata.EntityId(
config.BuildSaml2ModulePath(_globalSettings.BaseServiceUri.Sso));
bool? allowCreate = null;
if (config.SpNameIdFormat != Saml2NameIdFormat.Transient)
{
allowCreate = true;
}
var spOptions = new SPOptions
{
EntityId = spEntityId,
ModulePath = config.BuildSaml2ModulePath(),
NameIdPolicy = new Saml2NameIdPolicy(true, GetNameIdFormat(config.SpNameIdFormat)),
NameIdPolicy = new Saml2NameIdPolicy(allowCreate, GetNameIdFormat(config.SpNameIdFormat)),
WantAssertionsSigned = config.SpWantAssertionsSigned,
AuthenticateRequestSigningBehavior = GetSigningBehavior(config.SpSigningBehavior),
ValidateCertificates = config.SpValidateCertificates,
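Review bot: The new `allowCreate` branch just above the `SPOptions` initializer has no comment saying why `Saml2NameIdFormat.Transient` is the one format that leaves AllowCreate unset, so a later cleanup could easily fold it back into a constant. I would put `// Omit AllowCreate for transient NameIDs; every other format still requests it` above the `if`. Every other value of `config.SpNameIdFormat` still sends AllowCreate=true, which presumably includes an unset or unspecified format. The description does not say which identity provider behaviour motivated the change, so it is worth confirming that combination is accepted too. The enclosing method starts and ends outside the hunk.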