diff --git a/myconext-server/pom.xml b/myconext-server/pom.xml
index 4d388d1d..9aaeed91 100644
--- a/myconext-server/pom.xml
+++ b/myconext-server/pom.xml
@@ -40,7 +40,7 @@
org.openconext
saml-idp
- 0.0.7-SNAPSHOT
+ 1.0.0
org.springframework.boot
diff --git a/myconext-server/src/main/java/myconext/security/GuestIdpAuthenticationRequestFilter.java b/myconext-server/src/main/java/myconext/security/GuestIdpAuthenticationRequestFilter.java
index 08b2e135..0730f261 100644
--- a/myconext-server/src/main/java/myconext/security/GuestIdpAuthenticationRequestFilter.java
+++ b/myconext-server/src/main/java/myconext/security/GuestIdpAuthenticationRequestFilter.java
@@ -168,7 +168,10 @@ private void sso(HttpServletRequest request, HttpServletResponse response) throw
//prevent null-pointer and drop dead
return;
}
- AuthnRequest authnRequest = this.samlService.parseAuthnRequest(samlRequest, true, isDeflated(request));
+ if (!HttpMethod.GET.name().equalsIgnoreCase(request.getMethod())) {
+ throw new IllegalArgumentException("Only GET redirect are support. Not: "+request.getMethod());
+ }
+ AuthnRequest authnRequest = this.samlService.parseAuthnRequest(samlRequest, true, true);
String requesterEntityId = requesterId(authnRequest);
String issuer = authnRequest.getIssuer().getValue();
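Review bot: The new method guard in sso() rejects non-GET requests by throwing IllegalArgumentException, which in a servlet filter will likely surface as a 500 with a logged stack trace unless something outside this hunk maps it, so any client hitting the SSO endpoint with POST produces error-log noise rather than a clean rejection. Answering with a 405 is cheaper and unambiguous: `response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, "Only the HTTP-Redirect (GET) binding is supported");` followed by `return;`, in line with the early `return` used just above for a missing SAMLRequest. That also stops echoing the request method into the message and fixes the wording of "Only GET redirect are support". Because parseAuthnRequest is now always called with the third argument hard-coded to `true`, a one-line comment above it such as `// HTTP-Redirect binding only: the request is always deflated; POST binding is intentionally rejected above` would record the intent; the body of sso() starts and ends outside the hunk.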
@@ -330,10 +333,6 @@ private void addBrowserIdentificationCookie(HttpServletResponse response) {
response.setHeader("Set-Cookie", BROWSER_SESSION_COOKIE_NAME + "=true; SameSite=Lax" + (secureCookie ? "; Secure" : ""));
}
- private boolean isDeflated(HttpServletRequest request) {
- return HttpMethod.GET.name().equalsIgnoreCase(request.getMethod());
- }
-
private String requesterId(AuthnRequest authenticationRequest) {
Issuer issuer = authenticationRequest.getIssuer();
String issuerValue = issuer != null ? issuer.getValue() : "";