i am working on the SAML SLO,
and i am facing an issue, regarding getting the in_response to with the SLO flow.
with the signle sign on with the method process_response, we get the in response to saved in the auth object
so i can verify the value with the one saved in the cache, and also in the case when there is multiple attempts from multiple users
i can check to wich request this response for,
but in the case of the process_slo, we have a parameter, request_id, and the method verify that, and either process or deny accordingly.
but if i have multiple SLO from multiple users, it's not possible to figure out to wich request the actual response belong,
however if we saved the in response to inside the process_slo that will save the issue,
for now this is what i did,
i want to make sure if the is an issue in the library, or if i am missing something,
greetings
i am working on the SAML SLO,
and i am facing an issue, regarding getting the in_response to with the SLO flow.
with the signle sign on with the method process_response, we get the in response to saved in the auth object
so i can verify the value with the one saved in the cache, and also in the case when there is multiple attempts from multiple users
i can check to wich request this response for,
but in the case of the process_slo, we have a parameter, request_id, and the method verify that, and either process or deny accordingly.
but if i have multiple SLO from multiple users, it's not possible to figure out to wich request the actual response belong,
however if we saved the in response to inside the process_slo that will save the issue,
for now this is what i did,
i want to make sure if the is an issue in the library, or if i am missing something,
greetings