Utils::buildWithBaseURLPath does not provide a correct url. #464

Open
RandomPersonFromSpace opened this issue Feb 1, 2021 · 6 comments
RandomPersonFromSpace commented Feb 1, 2021

Currently I am trying to follow the demo of the library to bootstrap an implementation.

I am having an issue with the url validation, with the following error being reported:
"The response was received at https://example.domain/main/path/of/url/login.php instead of https://example.domain/main/path/of/url/secondary/path/of/url/login.php?acs"
(the response was sent to "https://example.domain/root/path/of/url/secondary/path/of/url/login.php?acs").
Besides the query string part that I can change or remove, there is an important part of the url not being taken into account (/secondary/path/of/url/).

I have identified that Utils::buildWithBaseURLPath does indeed discard a large portion of the $_SERVER['REQUEST_URI'], as array_pop just gets the last part of it.

protected static function buildWithBaseURLPath($info)
{
    $result = '';
    $baseURLPath = self::getBaseURLPath();
    if (!empty($baseURLPath)) {
        $result = $baseURLPath;
        if (!empty($info)) {
            $path = explode('/', $info);
            $extractedInfo = array_pop($path);
            if (!empty($extractedInfo)) {
                $result .= $extractedInfo;
            }
        }
    }
    return $result;
}

In my case $_SERVER['REQUEST_URI'] is "/main/path/of/url/secondary/path/of/url/login.php?acs" (the code removes the query string part before passing it to buildWithBaseURLPath).

I would try to fix this in my local copy and maybe send a patch, but I don't know what security issues I could introduce.

P.S.
"https://example.domain/root/path/of/url/" is the root of the site not "https://example.domain/root/path/of/url/secondary/path/of/url/", but I am restricted on the route I can use.

RandomPersonFromSpace changed the title from "Utils::destinationStrictlyMatches does not provides a correct url." to "Utils::buildWithBaseURLPathdoes not provides a correct url." on Feb 2, 2021
@pitbulk
Contributor

pitbulk commented Feb 15, 2021

Any progress with the fix you were working on?

@maharjanmilan

I am facing the exact same issue.

@muffintasticdev

I am having the same issue. I could push a patch but I have never done that on GitHub. I tried cloning the repo but changing to the 4.0.0 branch just got me a detached head on a tag with that name. What is the pull request flow for this project?

@madmatt

madmatt commented Apr 16, 2021

Is this the same issue as #249? There's a suggested workaround there (using Utils::setBaseURL() to be the full URL to your ACS method minus the last part of the URL).

For example in your case you would use Utils::setBaseURL("https://<domain>/main/path/of/url/secondary/path/of/url/login.php")
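
Added example, not part of the thread or of the project's code: a stand-alone PHP re-creation of the function quoted in the report, run against the reporter's REQUEST_URI with two base paths, to show why the received URL fails the comparison and what changes when the base path is the directory that contains the ACS script. The `$baseURLPath` parameter (standing in for `self::getBaseURLPath()`), the base paths with leading and trailing slashes, and the Destination without a query string are assumptions.

```php
<?php
// Re-creation of the path logic quoted in the issue (illustration only, not the library).
// Assumption: $baseURLPath stands in for the value returned by self::getBaseURLPath().
function buildWithBaseURLPath(string $baseURLPath, string $info): string
{
    $result = '';
    if (!empty($baseURLPath)) {
        $result = $baseURLPath;
        if (!empty($info)) {
            $path = explode('/', $info);
            // Only the final segment of the request path survives this call;
            // every directory between the base path and the script is dropped.
            $extractedInfo = array_pop($path);
            if (!empty($extractedInfo)) {
                $result .= $extractedInfo;
            }
        }
    }
    return $result;
}

// Constructed inputs, based on the values given in the report.
$host       = 'https://example.domain';
$requestUri = '/main/path/of/url/secondary/path/of/url/login.php?acs';
// Assumption: the IdP is configured with a Destination that has no query string.
$destination = $host . '/main/path/of/url/secondary/path/of/url/login.php';

// The report states that the query string is removed before the call.
$info = explode('?', $requestUri, 2)[0];

// Assumption: base paths are stored with a leading and a trailing slash.
$cases = [
    'base path = site root'     => '/main/path/of/url/',
    'base path = ACS directory' => '/main/path/of/url/secondary/path/of/url/',
];

foreach ($cases as $label => $baseURLPath) {
    $received = $host . buildWithBaseURLPath($baseURLPath, $info);
    // Exact string comparison: the destination check stays strict in both cases.
    $verdict = ($received === $destination) ? 'match' : 'MISMATCH';
    printf("%-26s %s => %s\n", $label, $received, $verdict);
}
```

The comparison is an exact match in both runs; only the configured base path differs, so the Destination check itself is not loosened.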

@sanojv-EY

Utils::setBaseURL

Is this the same issue as #249? There's a suggested workaround there (using Utils::setBaseURL() to be the full URL to your ACS method minus the last part of the URL).

For example in your case you would use Utils::setBaseURL("https://<domain>/main/path/of/url/secondary/path/of/url/login.php")

Where should I change this?

@joelpittet

Might be a full or partial fix in #581?
