Use a non-empty RelayState for user interactive auth with SAML. (#7552)

This commit is contained in:
Patrick Cloke 2020-05-22 07:17:30 -04:00 committed by GitHub
parent 710d958c64
commit 66f2ebc22f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 1 deletions

1
changelog.d/7552.bugfix Normal file
View file

@ -0,0 +1 @@
Fix "Missing RelayState parameter" error when using user interactive authentication with SAML for some SAML providers.

View file

@ -177,7 +177,10 @@ class AuthRestServlet(RestServlet):
)
elif self._saml_enabled:
client_redirect_url = b""
# Some SAML identity providers (e.g. Google) require a
# RelayState parameter on requests. It is not necessary here, so
# pass in a dummy redirect URL (which will never get used).
client_redirect_url = b"unused"
sso_redirect_url = self._saml_handler.handle_redirect_request(
client_redirect_url, session
)