In release 1.1, the Fediz IDP doesn't support other protocols than WS-Federation for a Trusted IDP. Due to the usage of Spring Web Flow, the flow can still be customized but it has a bigger impact and later migration to new release require more effort.
This is a proposal to add support for custom protocols for Trusted IDPs:
- Introduce Interface "SSOProtocolBridge" which is able to transform a WS-Federation SignIn Request to another SignIn Request (ex. SAML-P AuthRequest) and to transform another SignIn Response (ex. SAML-P AuthResponse) to a WS-Federation SignIn Response.
- Processing logic is part of the main IDP web flow which chooses a protocol depending on the configuration of the TrustedIdp
- New protocol implementations can be found due to spring annotations scanning and injecting the beans in the core processing logic