cdef1b3ab0
Session was being lost due to the callback POST request cookies not being provided due to samesite=lax. This instead adds an additional hop in the flow to route the request via a GET request so the session is retained. SAML POST data is stored encrypted in cache via a unique ID then pulled out straight afterwards, and restored into POST for the SAML toolkit to validate. Updated testing to cover. |
||
|---|---|---|
| .. | ||
| Controllers | ||
| Middleware | ||
| Requests | ||
| Kernel.php | ||
| Request.php | ||