From 2eb6f76502c780e864cfdc5afbe776d3ba92524f Mon Sep 17 00:00:00 2001
From: Petr Skoda <petr.skoda@openlms.net>
Date: Wed, 3 May 2023 21:02:00 +0200
Subject: [PATCH] set SESSION->saml2idp during unsolicited logins

This makes the IdP known in saml_login_complete()
and tenant callback.
---
 .extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php b/.extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php
index 8d56fc746..80876cb70 100644
--- a/.extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php
+++ b/.extlib/simplesamlphp/modules/saml/lib/Auth/Source/SP.php
@@ -1233,6 +1233,11 @@ public static function handleUnsolicitedAuth($authId, array $state, $redirectTo)
         // Moodle hack to handle IdP unsolicited logins.
         $wantsurl = (new \moodle_url($redirectTo))->out(false);
         $SESSION->wantsurl = $wantsurl;
+        if (!empty($state['saml:sp:IdP'])) {
+            $SESSION->saml2idp = md5($state['saml:sp:IdP']);
+        } else {
+            unset($SESSION->saml2idp);
+        }
         $saml2auth->saml_login_complete($state['Attributes']);
         // Should never get to here.