enhance(SSO): SAML認証のNameIDFormatにemailAddressを追加

まっちゃとーにゅ 2024-03-17 22:20:47 +09:00
parent aebe9ae148
commit b4b8b98336
No known key found for this signature in database
GPG Key ID: 6AFBBF529601C1DB
1 changed files with 18 additions and 10 deletions


@ -97,9 +97,10 @@ export class SAMLIdentifyProviderService {
}, },
}, },
}, },
'md:NameIDFormat': { 'md:NameIDFormat': [
'#text': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', { '#text': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' },
}, { '#text': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent' },
],
'md:SingleSignOnService': [ 'md:SingleSignOnService': [
{ {
'@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', '@Binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
@ -186,9 +187,10 @@ export class SAMLIdentifyProviderService {
'@WantAssertionsSigned': provider.wantAssertionsSigned, '@WantAssertionsSigned': provider.wantAssertionsSigned,
'@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol', '@protocolSupportEnumeration': 'urn:oasis:names:tc:SAML:2.0:protocol',
'md:KeyDescriptor': keyDescriptor, 'md:KeyDescriptor': keyDescriptor,
'md:NameIDFormat': { 'md:NameIDFormat': [
'#text': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', { '#text': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' },
}, { '#text': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent' },
],
'md:AssertionConsumerService': { 'md:AssertionConsumerService': {
'@isDefault': 'true', '@isDefault': 'true',
'@index': 0, '@index': 0,
@ -475,10 +477,16 @@ export class SAMLIdentifyProviderService {
'#text': ssoServiceProvider.issuer, '#text': ssoServiceProvider.issuer,
}, },
'saml:Subject': { 'saml:Subject': {
'saml:NameID': { 'saml:NameID': [
'@Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', {
'#text': user.id, '@Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
}, '#text': profile.email,
},
{
'@Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
'#text': user.id,
},
],
'saml:SubjectConfirmation': { 'saml:SubjectConfirmation': {
'@Method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer', '@Method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer',
'saml:SubjectConfirmationData': { 'saml:SubjectConfirmationData': {
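Review bot: The assertion hunk now emits two `saml:NameID` elements inside one `saml:Subject` (the array opened at `'saml:NameID': [`), but the SAML 2.0 assertion schema allows at most one identifier per Subject. A strict service provider will reject the assertion, and lenient ones may disagree on which of the two identifies the user. Emit a single NameID whose format is chosen per service provider or from the request's NameIDPolicy, keeping `'@Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'` with `'#text': user.id` as the default. If `profile.email` can be null or unverified at this point (not visible in the hunk), it should not be used as the subject identifier, because a service provider that matches accounts on email would then trust an address the user never proved ownership of. The enclosing method starts and ends outside the hunk.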