Restore posibility to use HTTP-Artifact on AuthnRequests

tvdijen · tvdijen · commit 63d2b820f860 · 2023-05-09T22:09:05.000+02:00
diff --git a/docs/simplesamlphp-changelog.md b/docs/simplesamlphp-changelog.md
@@ -16,6 +16,7 @@ Released TBD
 * It is now possible to set a default AuthnContext in the RequestedAuthnContextSelector.
 * Fixed a bug in MDQ metadata expiration
 * Resolved a possible object injection vulnerability in MDQ metadata cache
+* Restored the possibility to use HTTP-Artifact binding on AuthnRequests
 
 ## Version 2.0.3
 
diff --git a/modules/saml/src/Auth/Source/SP.php b/modules/saml/src/Auth/Source/SP.php
@@ -613,6 +613,7 @@ private function startSSO2(Configuration $idpMetadata, array $state): void
             $dst = $idpMetadata->getEndpointPrioritizedByBinding(
                 'SingleSignOnService',
                 [
+                    C::BINDING_HTTP_ARTIFACT,
                     C::BINDING_HTTP_REDIRECT,
                     C::BINDING_HTTP_POST,
                 ]

Original file line number	Diff line number	Diff line change
`@@ -613,6 +613,7 @@ private function startSSO2(Configuration $idpMetadata, array $state): void`
`613`	`613`	`$dst = $idpMetadata->getEndpointPrioritizedByBinding(`
`614`	`614`	`'SingleSignOnService',`
`615`	`615`	`[`
	`616`	`+ C::BINDING_HTTP_ARTIFACT,`
`616`	`617`	`C::BINDING_HTTP_REDIRECT,`
`617`	`618`	`C::BINDING_HTTP_POST,`
`618`	`619`	`]`