-
Committer:
Ubuntu One Auto Copilot
-
Author(s):
Daniel Manrique
-
Date:
2020-03-18 17:24:09 UTC
-
mfrom:
(1728.1.5 saml-real-persistence)
-
Revision ID:
otto-copilot@canonical.com-20200318172409-t06s4igzz85t6105
Send actual persistent identifier in SAML responses if requested by peer.
This modifies the behavior of the "honor persistent nameid request" flag to actually return a persistent identifier (the openid identifier), and moves the existing "honor persistent but fake it and send the email masquerading as a persistent id" to a new "send email as persistent identifier" flag.
The only peer using this functionality can then have both flags switched on, and new peers requiring an actual persistent identifier can have only the first flag switched on, moving the "quirky" behavior to the second flag.
Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/saml-real-persistence/+merge/380790