authnContextTranslationStrategyEx: passing through the authenticationContextClassRef unmodified?
cantor.2 at osu.edu
Wed Oct 13 00:41:06 UTC 2021
On 10/12/21, 8:26 PM, "users on behalf of Wessel, Keith" <users-bounces at shibboleth.net on behalf of kwessel at illinois.edu> wrote:
> Is there an easy way to get the current response from the upstream IdP and, specifically, the acr values from it
> to use as a default return from my function? I'm not seeing anything obvious in the context tree that would
> provide that information.
Nothing trivial. From the "right" PRC, you go up to AuthenticationContext and down to SAMLAuthnContext, and the authentication statement it processed is in there. From the broken input now, you go down to the AuthnenticationContext and then down to the SAMLAuthnContext.
I think it makes sense to fix the code so it cascades and tries the options in order until it gets a non-null result, to avoid having to do it manually.
More information about the users