authorAndreas Åkre Solberg <andreas.solberg@uninett.no>2008-08-29 13:03:07 +0000
committerAndreas Åkre Solberg <andreas.solberg@uninett.no>2008-08-29 13:03:07 +0000
commit78670a3830fe6ad43173abb7e8cbf1b2f45fe96c (patch)
tree6488bb8eb7517529a5620ef9454f82ed6622ef56
parent4d9e77486efcad9cc6cad8eef2edbb0f994186fd (diff)
Fix for extended remote disco read
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@848 44740490-163a-0410-bde0-09ae8108e29a
-rw-r--r--lib/SimpleSAML/XHTML/IdPDisco.php22
-rw-r--r--www/saml2/sp/initSSO.php20
2 files changed, 37 insertions, 5 deletions
diff --git a/lib/SimpleSAML/XHTML/IdPDisco.php b/lib/SimpleSAML/XHTML/IdPDisco.php
index b80b93d..e19b432 100644
--- a/lib/SimpleSAML/XHTML/IdPDisco.php
+++ b/lib/SimpleSAML/XHTML/IdPDisco.php
@@ -123,6 +123,8 @@ class SimpleSAML_XHTML_IdPDisco {
} else {
$this->returnIdParam = $_GET['returnIDParam'];
}
+
+ $this->log('returnIdParam initially set to [' . $this->returnIdParam . ']');
if(!array_key_exists('return', $_GET)) {
throw new Exception('Missing parameter: return');
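Review bot: The added log line writes `$this->returnIdParam` into the log unmodified, and the assignment just above takes that value straight from `$_GET['returnIDParam']`, so a value containing line breaks can split or forge log entries. Encode it before logging, for example `$this->log('returnIdParam initially set to [' . rawurlencode($this->returnIdParam) . ']');`. The same applies to the `returnIDParam=` log message added in the last hunk of this file. The enclosing function starts and ends outside the hunk, so any earlier filtering of the parameter is not visible here.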
@@ -131,9 +133,10 @@ class SimpleSAML_XHTML_IdPDisco {
}
$this->isPassive = FALSE;
- if (!array_key_exists('isPassive', $_GET)) {
+ if (array_key_exists('isPassive', $_GET)) {
if ($_GET['isPassive'] === 'true') $this->isPassive = TRUE;
}
+ $this->log('isPassive initially set to [' . ($this->isPassive ? 'TRUE' : 'FALSE' ) . ']');
if (!array_key_exists('IdPentityID', $_GET)) {
$setIdPentityID = $_GET['IdPentityID'];
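Review bot: The inverted `array_key_exists` test that this commit corrects for `isPassive` is still present on the very next statement: `if (!array_key_exists('IdPentityID', $_GET)) {` is followed by a read of `$_GET['IdPentityID']`, which by that condition is only reached when the key is absent. It should most likely read `if (array_key_exists('IdPentityID', $_GET)) {`. As written, an IdP passed in by the external discovery storage would be ignored and a missing one would raise an undefined-index notice. The body of that `if` continues outside the hunk, so confirm against the rest of the block.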
@@ -277,8 +280,16 @@ class SimpleSAML_XHTML_IdPDisco {
}
if($this->getCookie('remember') === '1') {
+ $this->log('Return previously saved IdP because of remember cookie set to 1');
+ return $this->getPreviousIdP();
+ }
+
+ if( $this->isPassive) {
+ $this->log('Return previously saved IdP because of isPassive');
return $this->getPreviousIdP();
}
+
+ return NULL;
}
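Review bot: The new `if( $this->isPassive)` branch returns the previously saved IdP with no user interaction and without the remember cookie being set, and `isPassive` is read directly from the query string earlier in the class. The chosen IdP appears to end up on the request-supplied `return` URL (see the redirect in the last hunk of this file), so the stored choice is disclosed to whatever address the link names unless `return` is validated against known SP endpoints somewhere outside the visible lines. I would confirm that check exists before enabling the passive path, and add a comment above the branch such as `/* Passive request: answer from the saved choice without showing the selection page. */`. The enclosing method starts outside the hunk.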
@@ -362,6 +373,8 @@ class SimpleSAML_XHTML_IdPDisco {
return $idp;
}
+ $this->log('getSelectedIdP() returned NULL');
+
/* Check if the user has saved an choice earlier. */
$idp = $this->getSavedIdP();
if($idp !== NULL) {
@@ -388,15 +401,16 @@ class SimpleSAML_XHTML_IdPDisco {
$extDiscoveryStorage = $this->config->getValue('idpdisco.extDiscoveryStorage');
$this->log('Choice made [' . $idp . '] (Forwarding to external discovery storage)');
SimpleSAML_Utilities::redirect($extDiscoveryStorage, array(
- $this->returnIdParam => $idp,
+// $this->returnIdParam => $idp,
+ 'entityID' => $this->spEntityId,
'IdPentityID' => $idp,
- 'returnIdParam' => $this->returnIdParam,
+ 'returnIDParam' => $this->returnIdParam,
'isPassive' => 'true',
'return' => $this->returnURL
));
} else {
- $this->log('Choice made [' . $idp . '] (Redirecting the user back)');
+ $this->log('Choice made [' . $idp . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
SimpleSAML_Utilities::redirect($this->returnURL, array($this->returnIdParam => $idp));
}
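Review bot: The commented-out array entry `// $this->returnIdParam => $idp,` should be deleted rather than left inside the redirect parameters; version control already keeps the old form, and the dead line obscures which keys the external discovery storage actually receives. If the intent is that the choice is now sent only as `IdPentityID`, a short comment above the array such as `/* The external storage receives the choice as IdPentityID; returnIDParam is forwarded for the return leg. */` would record that. The enclosing method starts and ends outside the hunk.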
diff --git a/www/saml2/sp/initSSO.php b/www/saml2/sp/initSSO.php
index 5b0b095..075a165 100644
--- a/www/saml2/sp/initSSO.php
+++ b/www/saml2/sp/initSSO.php
@@ -54,9 +54,27 @@ if ($idpentityid == null) {
} elseif($config->getValue('idpdisco.url.saml20', NULL) !== NULL) {
$discourl = $config->getValue('idpdisco.url.saml20', NULL);
} else {
- $discourl = '/' . $config->getBaseURL() . 'saml2/sp/idpdisco.php';
+ $discourl = SimpleSAML_Utilities::selfURLhost() . '/' . $config->getBaseURL() . 'saml2/sp/idpdisco.php';
}
+ if ($config->getValue('idpdisco.extDiscoveryStorage', NULL) != NULL) {
+
+ $extDiscoveryStorage = $config->getValue('idpdisco.extDiscoveryStorage');
+
+ SimpleSAML_Utilities::redirect($extDiscoveryStorage, array(
+ 'entityID' => $spentityid,
+ 'return' => SimpleSAML_Utilities::addURLparameter($discourl, array(
+ 'return' => SimpleSAML_Utilities::selfURL(),
+ 'remember' => 'true',
+ 'entityID' => $spentityid,
+ 'returnIDParam' => 'idpentityid',
+ )),
+ 'returnIDParam' => 'idpentityid',
+ 'isPassive' => 'true')
+ );
+ }
+
+
SimpleSAML_Utilities::redirect($discourl, array(
'entityID' => $spentityid,
'return' => SimpleSAML_Utilities::selfURL(),
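Review bot: The discovery URL is now made absolute with `SimpleSAML_Utilities::selfURLhost()` and handed to the external discovery storage as `return`. If that helper derives the host from the request's Host header (its implementation is not visible here), the return target sent to the third party is request-controlled. Building this URL from a configured host name would remove that dependency. Separately, the new `if` block only works if `redirect()` never returns; otherwise execution falls through to the second `redirect($discourl, ...)` below, so an explicit `exit;` or an `else` would make the intent clear. The check also uses `!= NULL` where the branch just above uses `!== NULL`, and it fetches `idpdisco.extDiscoveryStorage` a second time without a default.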