Skip to content

Commit

Permalink
[IMPROVE] Use SessionId for credential token in SAML request (#13791)
Browse files Browse the repository at this point in the history
[IMPROVE] Use SessionId for credential token in SAML request
  • Loading branch information
MohammedEssehemy authored and engelgabriel committed Apr 6, 2019
1 parent 993a96b commit 3967a74
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 6 deletions.
5 changes: 1 addition & 4 deletions app/meteor-accounts-saml/client/saml_client.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { Meteor } from 'meteor/meteor';
import { Accounts } from 'meteor/accounts-base';
import { Random } from 'meteor/random';
import { ServiceConfiguration } from 'meteor/service-configuration';

if (!Accounts.saml) {
Expand Down Expand Up @@ -95,14 +94,12 @@ Accounts.saml.initiateLogin = function(options, callback, dimensions) {

Meteor.loginWithSaml = function(options, callback) {
options = options || {};
const credentialToken = `id-${ Random.id() }`;
options.credentialToken = credentialToken;
options.credentialToken = Meteor.default_connection._lastSessionId;

Accounts.saml.initiateLogin(options, function(/* error, result*/) {
Accounts.callLoginMethod({
methodArguments: [{
saml: true,
credentialToken,
}],
userCallback: callback,
});
Expand Down
4 changes: 2 additions & 2 deletions app/meteor-accounts-saml/server/saml_server.js
Original file line number Diff line number Diff line change
Expand Up @@ -92,11 +92,11 @@ Meteor.methods({
});

Accounts.registerLoginHandler(function(loginRequest) {
if (!loginRequest.saml || !loginRequest.credentialToken) {
if (!loginRequest.saml) {
return undefined;
}

const loginResult = Accounts.saml.retrieveCredential(loginRequest.credentialToken);
const loginResult = Accounts.saml.retrieveCredential(this.connection.id);
if (Accounts.saml.settings.debug) {
console.log(`RESULT :${ JSON.stringify(loginResult) }`);
}
Expand Down

0 comments on commit 3967a74

Please sign in to comment.