Support reverse proxy the NextCloud way

In some network configurations involving a reverse proxy, the base url generated by the underlying SAML library is not consistent with the way it's generated in NextCloud.

For example, it may generate `http://` urls instead of `https://` when the SSL Layer is handled by a proxy, even when NextCloud URLGenerator#getAbsoluteURL effectively generates `https://` urls.

This change setup SAML library to use the Server Protocol and Server Host as returned by the NextCloud Request object to build SAML urls properly.

Signed-off-by: Rémi Alvergnat <[email protected]>

Author: Toilal

lib/SAMLSettings.php

@@ -14,6 +14,7 @@
 use OCP\ISession;
 use OCP\IURLGenerator;
 use OneLogin\Saml2\Constants;
+use OneLogin\Saml2\Utils;
 
 class SAMLSettings {
 	private const LOADED_NONE = 0;
@@ -78,6 +79,10 @@ public function __construct(
 		private ISession $session,
 		private ConfigurationsMapper $mapper,
 	) {
+		Utils::setSelfProtocol($this->request->getServerProtocol());
+		Utils::setSelfHost($this->request->getServerHost());
+		Utils::setSelfPort(null);
+		Utils::setProxyVars(true);
 	}
 
 	/**