SAML2_LogoutRequest: Add support for NotOnOrAfter attribute.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2755 44740490-163a-0410-bde0-09ae8108e29a

lib/SAML2/LogoutRequest.php

@@ -8,6 +8,13 @@
  */
 class SAML2_LogoutRequest extends SAML2_Request {
 
+	/**
+	 * The expiration time of this request.
+	 *
+	 * @var int|NULL
+	 */
+	private $notOnOrAfter;
+
 
 	/**
 	 * The encrypted NameID in the request.
@@ -49,6 +56,10 @@ class SAML2_LogoutRequest extends SAML2_Request {
 			return;
 		}
 
+		if ($xml->hasAttribute('NotOnOrAfter')) {
+			$this->notOnOrAfter = SimpleSAML_Utilities::parseSAML2Time($xml->getAttribute('NotOnOrAfter'));
+		}
+
 		$nameId = SAML2_Utils::xpQuery($xml, './saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData');
 		if (empty($nameId)) {
 			throw new Exception('Missing <saml:NameID> or <saml:EncryptedID> in <samlp:LogoutRequest>.');
@@ -70,6 +81,29 @@ class SAML2_LogoutRequest extends SAML2_Request {
 	}
 
 
+	/**
+	 * Retrieve the expiration time of this request.
+	 *
+	 * @return int|NULL  The expiration time of this request.
+	 */
+	public function getNotOnOrAfter() {
+
+		return $this->notOnOrAfter;
+	}
+
+
+	/**
+	 * Set the expiration time of this request.
+	 *
+	 * @param int|NULL $notOnOrAfter  The expiration time of this request.
+	 */
+	public function setNotOnOrAfter($notOnOrAfter) {
+		assert('is_int($notOnOrAfter) || is_null($notOnOrAfter)');
+
+		$this->notOnOrAfter = $notOnOrAfter;
+	}
+
+
 	/**
 	 * Check whether the NameId is encrypted.
 	 *
@@ -225,6 +259,10 @@ class SAML2_LogoutRequest extends SAML2_Request {
 
 		$root = parent::toUnsignedXML();
 
+		if ($this->notOnOrAfter !== NULL) {
+			$root->setAttribute('NotOnOrAfter', gmdate('Y-m-d\TH:i:s\Z', $this->notOnOrAfter));
+		}
+
 		if ($this->encryptedNameId === NULL) {
 			SAML2_Utils::addNameId($root, $this->nameId);
 		} else {