Merge pull request aacotroneo#72 from maxbrokman/proxyVars

Add support for trusting proxy vars
williamhector · Feb 8, 2017 · 3d22b92 · 3d22b92
2 parents 6f84fc0 + a505fb7
commit 3d22b92
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 2 deletions.
diff --git a/composer.json b/composer.json
@@ -14,7 +14,7 @@
     "require": {
         "php": ">=5.4.0",
         "illuminate/support": ">=5.0.0",
-        "onelogin/php-saml": "2.*"
+        "onelogin/php-saml": "^2.10"
     },
     "require-dev": {
         "mockery/mockery": "0.9.*"

diff --git a/src/Aacotroneo/Saml2/Saml2ServiceProvider.php b/src/Aacotroneo/Saml2/Saml2ServiceProvider.php
@@ -29,6 +29,10 @@ public function boot()
         $this->publishes([
             __DIR__.'/../../config/saml2_settings.php' => config_path('saml2_settings.php'),
         ]);
+
+        if (config('saml2_settings.proxyVars', false)) {
+            \OneLogin_Saml2_Utils::setProxyVars(true);
+        }
     }
 
     /**

diff --git a/src/config/saml2_settings.php b/src/config/saml2_settings.php
@@ -64,7 +64,13 @@
     'strict' => true, //@todo: make this depend on laravel config
 
     // Enable debug mode (to print errors)
-    'debug' => false, //@todo: make this depend on laravel config
+    'debug' => false, //@todo: make this depend on laravel config,
+
+    // If 'proxyVars' is True, then the Saml lib will trust proxy headers
+    // e.g X-Forwarded-Proto / HTTP_X_FORWARDED_PROTO. This is useful if
+    // your application is running behind a load balancer which terminates
+    // SSL.
+    'proxyVars' => false,
 
     // Service Provider Data that we are deploying
     'sp' => array(