From 33abe3642ea1acecfad2f96f473734b4babf1c23 Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@surfnet.nl>
Date: Wed, 17 Feb 2010 19:13:41 +0000
Subject: [PATCH] fixes for global logout so the right $idp variable is passed
 to handlers

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2186 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/IdP.php                   | 29 +++++++++++++++---------
 lib/SimpleSAML/IdP/LogoutIFrame.php      |  3 ++-
 lib/SimpleSAML/IdP/LogoutTraditional.php |  3 ++-
 modules/core/www/idp/logout-iframe.php   |  3 ++-
 4 files changed, 24 insertions(+), 14 deletions(-)

diff --git a/lib/SimpleSAML/IdP.php b/lib/SimpleSAML/IdP.php
index 89b44f7e8..5d9134f95 100644
--- a/lib/SimpleSAML/IdP.php
+++ b/lib/SimpleSAML/IdP.php
@@ -145,20 +145,24 @@ class SimpleSAML_IdP {
 	public function getSPName($assocId) {
 		assert('is_string($assocId)');
 
-		if (substr($assocId, 0, 5) !== 'saml:') {
-			return NULL;
-		}
-
-		$spEntityId = substr($assocId, 5);
+		$prefix = substr($assocId, 0, 4);
+		$spEntityId = substr($assocId, strlen($prefix) + 1);
 		$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-		try {
-			$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
-		} catch (Exception $e) {
+
+		if ($prefix === 'saml') {
 			try {
-				$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote');
+				$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
 			} catch (Exception $e) {
-				return NULL;
+				try {
+					$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'shib13-sp-remote');
+				} catch (Exception $e) {
+					return NULL;
+				}
 			}
+		} else if ($prefix === 'adfs') {
+			$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'adfs-sp-remote');
+		} else {
+			return NULL;
 		}
 
 		if ($spMetadata->hasValue('name')) {
@@ -180,6 +184,8 @@ class SimpleSAML_IdP {
 		assert('isset($association["id"])');
 		assert('isset($association["Handler"])');
 
+		$association['core:IdP'] = $this->id;
+		
 		$session = SimpleSAML_Session::getInstance();
 		$session->addAssociation($this->associationGroup, $association);
 	}
@@ -431,7 +437,8 @@ class SimpleSAML_IdP {
 	public function finishLogout(array &$state) {
 		assert('isset($state["Responder"])');
 
-		call_user_func($state['Responder'], $this, $state);
+		$idp = SimpleSAML_IdP::getByState($state);
+		call_user_func($state['Responder'], $idp, $state);
 		assert('FALSE');
 	}
 
diff --git a/lib/SimpleSAML/IdP/LogoutIFrame.php b/lib/SimpleSAML/IdP/LogoutIFrame.php
index da99deed8..695c344a5 100644
--- a/lib/SimpleSAML/IdP/LogoutIFrame.php
+++ b/lib/SimpleSAML/IdP/LogoutIFrame.php
@@ -24,7 +24,8 @@ class SimpleSAML_IdP_LogoutIFrame extends SimpleSAML_IdP_LogoutHandler {
 		}
 
 		foreach ($associations as $id => &$association) {
-			$association['core:Logout-IFrame:Name'] = $this->idp->getSPName($id);
+			$idp = SimpleSAML_IdP::getByState($association);
+			$association['core:Logout-IFrame:Name'] = $idp->getSPName($id);
 			$association['core:Logout-IFrame:State'] = 'onhold';
 		}
 		$state['core:Logout-IFrame:Associations'] = $associations;
diff --git a/lib/SimpleSAML/IdP/LogoutTraditional.php b/lib/SimpleSAML/IdP/LogoutTraditional.php
index 0db49e275..bdef21c54 100644
--- a/lib/SimpleSAML/IdP/LogoutTraditional.php
+++ b/lib/SimpleSAML/IdP/LogoutTraditional.php
@@ -28,7 +28,8 @@ class SimpleSAML_IdP_LogoutTraditional extends SimpleSAML_IdP_LogoutHandler {
 		SimpleSAML_Logger::info('Logging out of ' . var_export($id, TRUE) . '.');
 
 		try {
-			$url = call_user_func(array($association['Handler'], 'getLogoutURL'), $this->idp, $association, $relayState);
+			$idp = SimpleSAML_IdP::getByState($association);
+			$url = call_user_func(array($association['Handler'], 'getLogoutURL'), $idp, $association, $relayState);
 			SimpleSAML_Utilities::redirect($url);
 		} catch (Exception $e) {
 			SimpleSAML_Logger::warning('Unable to initialize logout to ' . var_export($id, TRUE) . '.');
diff --git a/modules/core/www/idp/logout-iframe.php b/modules/core/www/idp/logout-iframe.php
index 4caa4b47a..e4942b8d3 100644
--- a/modules/core/www/idp/logout-iframe.php
+++ b/modules/core/www/idp/logout-iframe.php
@@ -79,7 +79,8 @@ if ($type === 'js' || $type === 'nojs') {
 		}
 
 		try {
-			$url = call_user_func(array($sp['Handler'], 'getLogoutURL'), $idp, $sp, NULL);
+			$assocIdP = SimpleSAML_IdP::getByState($sp);
+			$url = call_user_func(array($sp['Handler'], 'getLogoutURL'), $assocIdP, $sp, NULL);
 			$sp['core:Logout-IFrame:URL'] = $url;
 		} catch (Exception $e) {
 			$sp['core:Logout-IFrame:State'] = 'failed';
-- 
GitLab