diff --git a/api/js/login.js b/api/js/login.js
index f059254644..eeb0ca12f3 100644
--- a/api/js/login.js
+++ b/api/js/login.js
@@ -59,12 +59,19 @@ egw_LAB.wait(function()
]);
// automatic submit of SAML IdP selection
- jQuery('select.onChangeSubmit').on('change', function() {
+ jQuery('select[name="auth=saml"]').on('change', function() {
if (this.value) {
- this.form.method = 'GET';
+ this.form.method = 'get';
+ jQuery(this.form).append('');
+ jQuery(this.form).append('');
this.form.submit();
}
});
+ // or optional SAML login with a button for a single IdP
+ jQuery('input[type="submit"][name="auth=saml"]').on('click', function(){
+ this.form.method = 'get';
+ jQuery(this.form).append('');
+ });
});
});
diff --git a/api/src/Auth.php b/api/src/Auth.php
index 6523e9ad56..edf83b9b44 100644
--- a/api/src/Auth.php
+++ b/api/src/Auth.php
@@ -128,13 +128,6 @@ class Auth
{
$type = $_REQUEST['auth'];
}
- elseif (($auth = array_filter($_REQUEST, function($key)
- {
- return substr($key, 0, 5) === 'auth=';
- }, ARRAY_FILTER_USE_KEY)) && !empty(current($auth)))
- {
- $type = substr(key($auth), 5);
- }
// to not allow enabling all sort of auth plugins by simply calling login.php?auth=xyz we require the
// plugin to be enabled via "${auth}_discovery" server config
if (!empty($type) && empty($GLOBALS['egw_info']['server'][$type.'_discovery']))
diff --git a/api/src/Auth/Saml.php b/api/src/Auth/Saml.php
index 06096be1ce..bfeef46a39 100644
--- a/api/src/Auth/Saml.php
+++ b/api/src/Auth/Saml.php
@@ -113,8 +113,8 @@ class Saml implements BackendSSO
{
// login (redirects to IdP)
$as = new SimpleSAML\Auth\Simple(self::$auth_source);
- $as->requireAuth(preg_match('|^https://|', $_REQUEST['auth=saml']) ?
- ['saml:idp' => $_REQUEST['auth=saml']] : []);
+ $as->requireAuth(preg_match('|^https://|', $_REQUEST['idp']) ?
+ ['saml:idp' => $_REQUEST['idp']] : []);
/* cleanup session for EGroupware: currently NOT used as we share the session with SimpleSAMLphp
$session = SimpleSAML\Session::getSessionFromRequest();