From 3badc3832543e0e372cde8faa3bbfc44ce3df855 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Sat, 17 Aug 2019 16:54:38 +0100
Subject: [PATCH] Modify the SSO URL to /login

---
 saml/saml.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/saml/saml.go b/saml/saml.go
index 614044b..6fab1a8 100644
--- a/saml/saml.go
+++ b/saml/saml.go
@@ -232,9 +232,9 @@ func NewSAMLIDP(config *Config) (http.Handler, error) {
 	if err != nil {
 		return nil, err
 	}
-	ssoURL := baseURL
-	ssoURL.Path += "/sso"
-	metadataURL := baseURL
+	ssoURL := *baseURL
+	ssoURL.Path += "/login"
+	metadataURL := *baseURL
 	metadataURL.Path += "/metadata"
 	svc := fmt.Sprintf("%s%s", baseURL.Host, baseURL.Path)
 	if !strings.HasSuffix(svc, "/") {
@@ -246,11 +246,15 @@ func NewSAMLIDP(config *Config) (http.Handler, error) {
 		return nil, err
 	}
 
+	// Create the SAML IdentityProvider, but then we put another
+	// mux.Router in front in order to wrap just the ssoURL with
+	// our own SSO handler.
 	idp := &saml.IdentityProvider{
 		Key:                     cert.PrivateKey,
 		Certificate:             cert.Leaf,
 		Logger:                  logger.DefaultLogger,
-		SSOURL:                  *ssoURL,
+		MetadataURL:             metadataURL,
+		SSOURL:                  ssoURL,
 		ServiceProviderProvider: config,
 		SessionProvider:         users,
 	}
-- 
GitLab