You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+7-2Lines changed: 7 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -426,12 +426,13 @@ We can set a 'returnTo' url parameter to the login function and that will be con
426
426
String targetUrl = 'https://example.com';
427
427
auth.login(returnTo=targetUrl)
428
428
```
429
-
The login method can receive 5 more optional parameters:
429
+
The login method can receive 6 more optional parameters:
430
430
-*forceAuthn* When true the AuthNRequest will have the 'ForceAuthn' attribute set to 'true'
431
431
-*isPassive* When true the AuthNRequest will have the 'Ispassive' attribute set to 'true'
432
432
-*setNameIdPolicy* When true the AuthNRequest will set a nameIdPolicy element.
433
433
-*stay* Set to true to stay (returns the url string), otherwise set to false to execute a redirection to that url (IdP SSO URL)
434
434
-*nameIdValueReq* Indicates to the IdP the subject that should be authenticated
435
+
-*parameters* Use it to send extra parameters in addition to the AuthNRequest
435
436
436
437
By default, the login method initiates a redirect to the SAML Identity Provider. You can use the *stay* parameter, to prevent that, and execute the redirection manually. We need to use that if a match on the future SAMLResponse ID and the AuthNRequest ID to be sent is required. That AuthNRequest ID must be extracted and stored for future validation, so we can't execute the redirection on the login. Instead, set *stay* to true, then get that ID by
Also there are 3 optional parameters that can be set:
602
+
Also there are 7 optional parameters that can be set:
602
603
- nameId. That will be used to build the LogoutRequest. If not name_id parameter is set and the auth object processed a SAML Response with a NameId, then this NameId will be used.
603
604
- sessionIndex. Identifies the session of the user.
604
605
If a match on the LogoutResponse ID and the LogoutRequest ID to be sent is required, that LogoutRequest ID must to be extracted and stored for future validation, we can get that ID by
605
606
- stay. True if we want to stay (returns the url string) False to execute a redirection to that url (IdP SLS URL)
607
+
- nameidFormat. The NameID Format that will be set in the LogoutRequest
608
+
- nameIdNameQualifier. The NameID NameQualifier that will be set in the LogoutRequest
609
+
- nameIdSPNameQualifier. The NameID SP Name Qualifier that will be set in the LogoutRequest
610
+
- parameters. Use it to send extra parameters in addition to the LogoutRequest
606
611
607
612
By default the logout method initiates a redirect to the SAML Identity Provider. You can use the stay parameter, to prevent that, and execute the redirection manually. We need to use that
608
613
if a match on the future LogoutResponse ID and the LogoutRequest ID to be sent is required, that LogoutRequest ID must be extracted and stored for future validation so we can't execute the redirection on the logout, instead set stay to true, then get that ID by
0 commit comments