Fixed issues that appeared during deployment. Escaping <? in metadata…

….blade.php, setting the right file type for the xml download, and adding in missing setup of crsf exemption
kingstarter · Aug 27, 2018 · fb0b8af · fb0b8af
1 parent 4f8aa73
commit fb0b8af
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -180,7 +180,19 @@ Auth::routes();
 Route::post('/postLogin', 'Auth\LoginController@showLoginForm');
 ```
 
+You'll also need to add a csrf exemption to ```App\Http\Middleware\VerifyCsrfToken```
 
+class VerifyCsrfToken extends Middleware
+{
+    /**
+     * The URIs that should be excluded from CSRF verification.
+     *
+     * @var array
+     */
+    protected $except = [
+        '/postLogin'
+    ];
+}
 
 ### Debugging Connection
 

diff --git a/src/Http/Controllers/SamlIdpController.php b/src/Http/Controllers/SamlIdpController.php
@@ -9,9 +9,13 @@
 class SamlIdpController extends Controller 
 {
     use SamlAuth;
-
-    // This includes the controller routing points for 
-    // - metadata
-    // - certfile
-    // - keyfile (this one should be used only for authenticated users)
+
+    protected function metadata() {
+        return response(
+            $this->getSamlFile(config('saml.idp.metadata'), false),
+            200, [
+                'Content-Type' => 'application/xml'
+            ]
+        );
+    }
 }
diff --git a/src/resources/metadata.blade.php b/src/resources/metadata.blade.php
@@ -1,7 +1,7 @@
-<?xml version="1.0"?>
-<!-- GENERATED WITH https://www.samltool.com/idp_metadata.php
-http://idp.[MYSITE] is just the Entity id, it doesn't need to exist, just needs to be unique
--->
+{{--GENERATED WITH https://www.samltool.com/idp_metadata.php--}}
+{{--http://idp.[MYSITE] is just the Entity id, it doesn't need to exist, just needs to be unique--}}
+{{--We have to escape the document definition as well or it doesn't run on certain php implementations --}}
+<{{'?'}}xml version="1.0"{{'?'}}>
 <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2100-01-01T00:00:00Z" cacheDuration="PT1535772621S" entityID="{{config('saml.idp.entityId')}}">
     <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
         <md:KeyDescriptor use="signing">