set SESSION->saml2idp during unsolicited logins

This makes the IdP known in saml_login_complete() and tenant callback.
catalyst · May 14, 2023 · 2eb6f76 · 2eb6f76
1 parent 9423e9d
commit 2eb6f76
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/.extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php b/.extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php
@@ -1233,6 +1233,11 @@ public static function handleUnsolicitedAuth($authId, array $state, $redirectTo)
         // Moodle hack to handle IdP unsolicited logins.
         $wantsurl = (new \moodle_url($redirectTo))->out(false);
         $SESSION->wantsurl = $wantsurl;
+        if (!empty($state['saml:sp:IdP'])) {
+            $SESSION->saml2idp = md5($state['saml:sp:IdP']);
+        } else {
+            unset($SESSION->saml2idp);
+        }
         $saml2auth->saml_login_complete($state['Attributes']);
         // Should never get to here.