From 6898119891466b6017af92f4cdbb915fbe1530ba Mon Sep 17 00:00:00 2001
From: Alex Janes <ajanes@adagiohealth.org>
Date: Thu, 16 Dec 2021 16:56:39 -0500
Subject: [PATCH] Replaced env() with config() to check environment variables
 Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.

---
 app/Http/Controllers/Auth/LoginController.php | 4 ++--
 config/app.php                                | 8 +++++---
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 0802defcc..c82ffdc6f 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -76,7 +76,7 @@ class LoginController extends Controller
 
         //If the environment is set to ALWAYS require SAML, go straight to the SAML route.
         //We don't need to check other settings, as this should override those.
-        if((env("REQUIRE_SAML", false)))
+        if(config('REQUIRE_SAML'))
         {
             return redirect()->route('saml.login');
         }
@@ -209,7 +209,7 @@ class LoginController extends Controller
     public function login(Request $request)
     {
         //If the environment is set to ALWAYS require SAML, return access denied
-        if((env("REQUIRE_SAML", false)))
+        if(config('REQUIRE_SAML'))
         {
             return view('errors.403');
         }
diff --git a/config/app.php b/config/app.php
index ceb358e58..c2f39c60e 100755
--- a/config/app.php
+++ b/config/app.php
@@ -255,9 +255,11 @@ return [
     | Require SAML Login
     |--------------------------------------------------------------------------
     |
-    | Disable the ability to login via form login, and require all logins to
-    | process via SAML login. (If you are not using SAML, this option should
-    | be left alone.)
+    | Disable the ability to login via form login, and disables the 'nosaml'
+    | workaround. It requires all logins to process via SAML login.
+    | (This is for high security setups. If your SAML configuration is not
+    | working, this option should be set to false. This option is not needed
+    | to successfully configure SAML authentication.)
     |
     */