Add support for preferred IdPs in WAYF display #1985
2f6926b to 62b309b
Prior to this change, there was no way to configure priority IdPs. This change adds a `wayf.preferred_idp_entity_ids` parameter to configure IdPs that should show prominently in the wayf. IdPs in this list are shown on top of the wayf, outside of the regular list. Resolves #1970
…vice

Prior to this change, much of the wayf rendering happened in Corto. This change moves that logic to the Symfony workspaces.

Benefits:
- Business logic is now in a testable Symfony service with proper DI
- Production (SingleSignOn) and the functional test (WayfController) share the exact same rendering path, eliminating logic duplication
- DiContainerRuntime bridge is thinner
62b309b to a8115aa
| ): string { | ||
| $split = $this->splitter->split($idpList, $preferredIdpEntityIds); | ||
| $showPreferredIdps = !empty($split['preferred']); | ||
| $isDefaultIdpPreferred = in_array($defaultIdpEntityId, $preferredIdpEntityIds, true); |
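Review bot: `!empty($split['preferred'])` on the `$showPreferredIdps` line is also false when the `preferred` key is missing, so a renamed key or a changed return shape in `split()` would silently hide the preferred section instead of failing. Consider having the splitter return a small typed result object, or compare explicitly with `$split['preferred'] !== []` so a missing key surfaces as a warning.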
The banner is suppressed when the default IdP is in `$preferredIdpEntityIds`, but this is the raw config list; it doesn't know whether the IdP is actually connected to this SP. IdpSplitter silently drops disconnected preferred IdPs, so the default IdP can be "on the guest list" but never show up to the party.
When this happens the default IdP is invisible everywhere: not in the preferred section (dropped by splitter), not in the regular list (preferred IdPs are excluded from regular), and the banner is suppressed too.
```php
// checks the config — doesn't know if the IdP is connected
$isDefaultIdpPreferred = in_array($defaultIdpEntityId, $preferredIdpEntityIds, true);
// fix: check what the splitter actually produced
$preferredEntityIdsShown = array_column($split['preferred'], 'EntityID');
$isDefaultIdpPreferred = in_array($defaultIdpEntityId, $preferredEntityIdsShown, true);
```

| @@ -0,0 +1,7 @@ | |||
| <section class="wayf__preferredIdps {% if connectedIdps.formattedPreviousSelectionList is not empty %}hidden{% endif %}"> | |||
remainingIdps.html.twig has a visually-hidden `<h2>` so screenreader users know where they are. preferredIdps.html.twig has none; a screenreader user landing in this section gets no context.
```twig
<section class="wayf__preferredIdps {% if connectedIdps.formattedPreviousSelectionList is not empty %}hidden{% endif %}">
<h2 class="visually-hidden">{{ 'wayf_preferred_idps_title_screenreader'|trans }}</h2>
<ul class="wayf__idpList wayf__idpList--preferred">
```

Or is it not needed here? What do you think?
| showRequestAccess: $showRequestAccess, | ||
| requestId: $requestId, | ||
| serviceProvider: $serviceProvider, | ||
| showRequestAccessContainer: true, |
showRequestAccessContainer is hardcoded true; the parameter does nothing
WayfRenderer::render() always passes showRequestAccessContainer: true to the factory. It is carried through WayfViewModelFactory and stored in WayfViewModel, but no caller can ever change it.
If it should always be true, can you not hardcode it in the factory?
Prior to this change, there was no way to configure priority IdPs.
This change adds a `wayf.preferred_idp_entity_ids` parameter to configure IdPs that should show prominently in the wayf. IdPs in this list are shown on top of the wayf, outside of the regular list.
Also make the twig templates more explicit by not enabling the global variable scope.
Resolves #1970
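The failure mode from the first review comment above (a default IdP named in `wayf.preferred_idp_entity_ids` but not connected to the SP), as an added example that is not code from this PR or the project. `splitIdps()` and `defaultIdpVisibility()` are hypothetical stand-ins written from the comment's description of IdpSplitter, and the entity IDs are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for IdpSplitter, per the review comment: only connected
// IdPs can appear, and preferred ones are taken out of the regular list.
function splitIdps(array $connectedIdps, array $preferredEntityIds): array
{
    $split = ['preferred' => [], 'regular' => []];
    foreach ($connectedIdps as $idp) {
        $key = in_array($idp['EntityID'], $preferredEntityIds, true) ? 'preferred' : 'regular';
        $split[$key][] = $idp;
    }
    return $split;
}

// Reports whether the default IdP ends up with no way to be selected under each banner rule.
function defaultIdpVisibility(array $connectedIdps, array $preferredEntityIds, string $defaultIdp): array
{
    $split = splitIdps($connectedIdps, $preferredEntityIds);
    $shown = array_column($split['preferred'], 'EntityID');
    $listed = in_array($defaultIdp, array_column($connectedIdps, 'EntityID'), true);
    // Rule in the diff: suppress the banner when the raw config names the default IdP.
    $bannerRawConfig = !in_array($defaultIdp, $preferredEntityIds, true);
    // Rule suggested in review: suppress only when the IdP is rendered as preferred.
    $bannerFromSplit = !in_array($defaultIdp, $shown, true);

    return [
        'unreachable_raw_config' => !$listed && !$bannerRawConfig,
        'unreachable_from_split' => !$listed && !$bannerFromSplit,
    ];
}

// Constructed sample data: placeholder entity IDs, not taken from the project.
$default = 'https://default-idp.example/metadata';
$preferred = ['https://idp-a.example/metadata', $default];
$withoutDefault = [
    ['EntityID' => 'https://idp-a.example/metadata'],
    ['EntityID' => 'https://idp-b.example/metadata'],
];
$withDefault = array_merge($withoutDefault, [['EntityID' => $default]]);

foreach (['default not connected' => $withoutDefault, 'default connected' => $withDefault] as $case => $idps) {
    $v = defaultIdpVisibility($idps, $preferred, $default);
    printf("%-22s raw-config unreachable=%s, split-based unreachable=%s\n", $case,
        var_export($v['unreachable_raw_config'], true), var_export($v['unreachable_from_split'], true));
}
```

Only the "default not connected" case differs between the two rules, which makes it the case worth covering in a test for the renderer.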