When I run with your patch, I get:
Fatal error: Call to a member function get() on a non-object in /web/mahara/mahara/htdocs/auth/saml/index.php on line 82
$SESSION has not been initialized, so that would seem to be the problem. Previously, I had played around with instantiating the object early, but that seemed to have other undesirable side effects that I am unable to recall right now.
If I understand correctly, when saml_session->getIdP() returns something, that means that we've been directed back to index.php, so the referer is the IdP. If it's *not* set, then it's our first time through, so the referer should be the Mahara page the user wants. Admittedly, there may be room for improvement in that logic and/or there may be things about SAML/etc. that I'm failing to take into consideration. But it does seem to work in my environment.
When I run with your patch, I get: mahara/ htdocs/ auth/saml/ index.php on line 82
Fatal error: Call to a member function get() on a non-object in /web/mahara/
$SESSION has not been initialized, so that would seem to be the problem. Previously, I had played around with instantiating the object early, but that seemed to have other undesirable side effects that I am unable to recall right now.
If I understand correctly, when saml_session- >getIdP( ) returns something, that means that we've been directed back to index.php, so the referer is the IdP. If it's *not* set, then it's our first time through, so the referer should be the Mahara page the user wants. Admittedly, there may be room for improvement in that logic and/or there may be things about SAML/etc. that I'm failing to take into consideration. But it does seem to work in my environment.