From b5d63fbc06d34e7b62a08dbe5cb4d7c9b793d5ae Mon Sep 17 00:00:00 2001
From: yu-i-i <kla9555@gmail.com>
Date: Thu, 6 Feb 2025 12:12:03 +0100
Subject: [PATCH] Add ENV variables to control SAML signature validation

---
 .../modules/authentication/saml/app/src/SAMLModuleManager.mjs   | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/services/web/modules/authentication/saml/app/src/SAMLModuleManager.mjs b/services/web/modules/authentication/saml/app/src/SAMLModuleManager.mjs
index c7efdef214..29e9ae52cd 100644
--- a/services/web/modules/authentication/saml/app/src/SAMLModuleManager.mjs
+++ b/services/web/modules/authentication/saml/app/src/SAMLModuleManager.mjs
@@ -46,6 +46,8 @@ const SAMLModuleManager = {
       logoutUrl: process.env.OVERLEAF_SAML_LOGOUT_URL,
       logoutCallbackUrl: `${Settings.siteUrl.replace(/\/+$/, '')}/saml/logout/callback`,
       additionalLogoutParams: JSON.parse(process.env.OVERLEAF_SAML_ADDITIONAL_LOGOUT_PARAMS || '{}'),
+      wantAssertionsSigned: boolFromEnv(process.env.OVERLEAF_SAML_WANT_ASSERTIONS_SIGNED),
+      wantAuthnResponseSigned: boolFromEnv(process.env.OVERLEAF_SAML_WANT_AUTHN_RESPONSE_SIGNED),
       passReqToCallback: true,
     }
     try {