Stop using SimpleSAML_Session::getAuthority() in SimpleSAML_Auth_Default.

lib/SimpleSAML/Auth/Default.php

@@ -226,17 +226,18 @@ class SimpleSAML_Auth_Default {
 
 		$source = $state['SimpleSAML_Auth_Default.logoutSource'];
 
+
 		$session = SimpleSAML_Session::getSessionFromRequest();
-		$authId = $session->getAuthority();
+		if (!$session->isValid($source)) {
+			SimpleSAML_Logger::warning(
+				'Received logout from an invalid authentication source '.
+				var_export($source, TRUE)
+			);
 
-		if ($authId !== $source) {
-			SimpleSAML_Logger::warning('Received logout from different authentication source ' .
-				'than the current. Current is ' . var_export($authId, TRUE) .
-				'. Logout source is ' . var_export($source, TRUE) . '.');
 			return;
 		}
 
-		$session->doLogout();
+		$session->doLogout($source);
 	}