we started implementing a SAML-SP authentication plugin for InvoicePlane using php-saml. Though hacking is not appreciated for IP1 I hoped that already preparing it for IP2 as a package would make things easier later for extraction. The package can be found in our github repo but is still under development. A perl installer script directly imports all files into InvoicePlane1 to hopefully let the SAML plugin be integrated into IP1 without big issues when the package is finished.
So far for introduction. A first check against an IDP seems to work as expected. Yet after the SAML request has been evaluated by the IDP and a SAML response send back to InvoicePlane, I always get an ServerError for forbidden requests. I found out that calling the Sessions.php controller using HTTP POST is not allowed. Though I checked all debug and webserver logs and dived into the applications folder I did not find out where to setup http post requests.
Is there a simple way to allow an HTTP POST request to call either any Sessions.php method or at least the login method passing a SAMLResponse object ?