Contributor
Is there a standard place in the SAML metadata endpoint for us to include this in?
Contributor
Author
@zachmargolis I think it would also be under
Contributor
That has two bindings, one for HTTP-POST and one for HTTP-Redirect. This seems like it would not redirect, so do we only bind to one of those?
Contributor
Author
@zachmargolis yeah we wouldn't list this one with a redirect binding |
orenyk
commented
Dec 10, 2021
jmhooper
approved these changes
Dec 10, 2021
**Why:** This will allow partners to send back-channel SAML Logout requests instead of redirecting users as part of their logout flow. This controller action leverages the <SessionIndex> element of the SAML request to receive a user's agency UUID and uses the unique_session_id attribute to remotely log out a user from any active session.
f325159 to
b156488
Compare
nathanberg
added a commit
that referenced
this pull request
Dec 16, 2021
* main: (50 commits)
  LG-5325 Doc Auth: Error dependent hints and enhanced field level errors (#5708)
  Setup platform authentication (#5632)
  Remove unused i18n keys by replacing dynamic key generation with static enumeration (#5706)
  Configure and fix Rubocop redundant disabling/enabling (#5711)
  LG-4575: accessiblility issue where no file selected still shows after adding file. (#5691)
  Update rails to 6.1.4.3 (#5710)
  Add remote SAML Logout endpoint (#5676)
  Update "Frontend" CSS docs to reflect current approach (#5695)
  LG-3795 Harden CSP against JSONP endpoints on "safe" domains (#5704)
  LG-5261: Add cancel page logging to "Go Back" button (#5697)
  Add flow path to post doc capture submission events (LG-5257) (#5690)
  Log all vendor status in VendorStatus#track_event (#5703)
  Remove accept-terms-button in favor of ValidatedFieldComponent (#5687)
  Upgrade as many outdated Ruby dependencies as possible (LG-3828) (#5694)
  Remove BassCSS flex-object styling (#5702)
  Remove unused personal-key pattern validation message (#5701)
  Smoke tests in GitLab CI (#5699)
  Show a message in lower envs explaining how to use test SSNs (#5696)
  Remove temporary routes for SP redirects (#5679)
  LG-5262: Add logging to continue button on letter wait page (#5688)
  ...
mitchellhenke
pushed a commit
that referenced
this pull request
Dec 16, 2021
**Why:** This will allow partners to send back-channel SAML Logout requests instead of redirecting users as part of their logout flow. This controller action leverages the <SessionIndex> element of the SAML request to receive a user's agency UUID and uses the unique_session_id attribute to remotely log out a user from any active session.
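The back-channel flow that the commit message describes, as an added Ruby example that is not code from this pull request: it reads `<SessionIndex>` from a `LogoutRequest`, maps the agency UUID to a `unique_session_id`, and drops that session. `RemoteLogout`, the in-memory stores, the issuer-scoped lookup and the sample values are assumptions, and the XML signature is assumed to have been verified before `call` runs.

```ruby
require 'rexml/document'

SAMLP = 'urn:oasis:names:tc:SAML:2.0:protocol'
SAML  = 'urn:oasis:names:tc:SAML:2.0:assertion'

# Constructed sample request; the issuer and UUID are made-up values.
SAMPLE_LOGOUT_REQUEST = <<~XML
  <samlp:LogoutRequest xmlns:samlp="#{SAMLP}" xmlns:saml="#{SAML}"
      ID="_example1" Version="2.0" IssueInstant="2021-12-10T00:00:00Z">
    <saml:Issuer>urn:example:sp</saml:Issuer>
    <saml:NameID>11111111-2222-3333-4444-555555555555</saml:NameID>
    <samlp:SessionIndex>11111111-2222-3333-4444-555555555555</samlp:SessionIndex>
  </samlp:LogoutRequest>
XML

# Hypothetical in-memory stores stand in for the application's database and session store.
class RemoteLogout
  def initialize(identities:, sessions:)
    @identities = identities # { [issuer, agency_uuid] => unique_session_id }
    @sessions = sessions     # { unique_session_id => session data }
  end

  # Returns :logged_out, :no_session or :rejected.
  # Assumption: the signature was already verified against the issuer's certificate.
  def call(xml)
    doc = REXML::Document.new(xml)
    root = doc.root
    return :rejected if doc.doctype # a SAML message has no reason to carry a DTD
    return :rejected unless root && root.name == 'LogoutRequest' && root.namespace == SAMLP

    ns = { 'samlp' => SAMLP, 'saml' => SAML }
    issuer = REXML::XPath.first(root, 'saml:Issuer', ns)&.text&.strip
    index = REXML::XPath.first(root, 'samlp:SessionIndex', ns)&.text&.strip
    return :rejected if issuer.to_s.empty? || index.to_s.empty?

    # The lookup is scoped to the issuer so one partner cannot end another partner's sessions.
    session_id = @identities[[issuer, index]]
    return :no_session unless session_id && @sessions.delete(session_id)

    :logged_out
  rescue REXML::ParseException
    :rejected
  end
end
```

Because no browser cookie accompanies a back-channel request, the signature check and the issuer-scoped lookup are the only things tying the request to a session.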