You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a SAML login is IDP initiated (or SP initiated but the IDP eats our RelayState and supplies their own), then we can't expect RelayState to be properly set, but our current code in login_saml returns a 500 if it doesn't match our format:
let relay_state =
ifletSome(value) = relay_state_string {Some(RelayState::from_encoded(value).map_err(|e| {HttpError::for_internal_error(format!("{}", e))})?)}else{None};
We should instead probably continue with the rest of the function, as it's a bad user experience for them to see a 500 when the log in from their IDP.
The text was updated successfully, but these errors were encountered:
jmpesp
changed the title
Handle missing RelayState during SAML authentication
Handle missing or modified RelayState during SAML authentication
Apr 23, 2024
If a SAML login is IDP initiated (or SP initiated but the IDP eats our
RelayState
and supplies their own), then we can't expectRelayState
to be properly set, but our current code inlogin_saml
returns a 500 if it doesn't match our format:We should instead probably continue with the rest of the function, as it's a bad user experience for them to see a 500 when the log in from their IDP.
The text was updated successfully, but these errors were encountered: