UpdatePathBase interfering with LoginCompletionURL

trojak3d · May 17, 2021, 2:11am

Hello, We are working with ComponentSpace.Saml2, Version=3.5.0.0 and are encountering an issue with LoginCompletionUrl.

The issue is that the LoginCompletionUrl is appended to apiBase regardless of whether it’s a relative URL – for example, setting LoginCompletionUrl to “https://example.com/TestApp/Test/” results in: https://example.com/TestApp/TestAPIhttps://example.com/TestApp/Test/
The only way around this we found was to use a relative path with an extra ‘/’ added at the start - “/…/Test/”

The culprit is a method called UpdatePathBase in ComponentSpace.Saml2.Authentication which appends the string to the pathBase. We expect the LoginCompletionUrl to be able to take an absolute path as in some cases the client might be hosted on a different address in which case a relative URL will not work. We would also expect a relative URL to work without having to add an additional ‘/’ at the start.

The way our app is configured is as follows
Client root hosted on https://example.com/TestApp/Test/
Service root hosted on https://example.com/TestApp/TestAPI/

Here’s an example config reflecting our setup:
“SSO”: {
“PartnerName”: “https://MiddlewareIdentityProvider”,
“LoginCompletionUrl”: “https://example.com/TestApp/Test/”,
},
“SAML”: {
“$schema”: “https://www.componentspace.com/schemas/saml-config-schema-v1.0.json”,
“Configurations”: [
{
“LocalServiceProviderConfiguration”: {
“Name”: “https://MiddlewareServiceProvider”,
“Description”: “Middleware Service Provider”,
“AssertionConsumerServiceUrl”: “https://example.com/TestApp/TestAPI/SAML/AssertionConsumerService”,
“SingleLogoutServiceUrl”: “https://example.com/TestApp/TestAPI/SAML/SingleLogoutService”,
“ArtifactResolutionServiceUrl”: “https://example.com/TestApp/TestAPI/SAML/ArtifactResolutionService”
},
“PartnerIdentityProviderConfigurations”: [
{
“Name”: “https://MiddlewareIdentityProvider”,
“Description”: “Middleware Identity Provider”,
“WantAssertionOrResponseSigned”: false,
“SingleSignOnServiceUrl”: “https://exampleIdp.com/SAML/SingleSignOnService”,
“SingleLogoutServiceUrl”: “https://exampleIdp.com/SAML/SingleLogoutService”,
“ArtifactResolutionServiceUrl”: “https://exampleIdp.com/SAML/ArtifactResolutionService”
}
]
}
]
}

Many thanks,
Karol

ComponentSpace · May 17, 2021, 4:36pm

Thank for pointing this out.

Please contact support@componentspace.com mentioning your forum post. We’ll organize a fix and a beta for you to try.