Make it possible to send logout responses to a different endpoint than logout requests.

Patch by Joakim Recht <jre@trifork.com> git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1460 44740490-163a-0410-bde0-09ae8108e29a

Make it possible to send logout responses to a different endpoint than logout requests.
d9f531e6 · Olav Morken · 329b3610 · d9f531e6 · d9f531e6 · d9f531e6
Commit d9f531e6 authored 16 years ago by Olav Morken
--- a/lib/SimpleSAML/Metadata/SAMLParser.php
+++ b/lib/SimpleSAML/Metadata/SAMLParser.php
@@ -609,6 +609,9 @@ class SimpleSAML_Metadata_SAMLParser {
 		$slo = $this->getDefaultEndpoint($spd['singleLogoutServices'], array(self::SAML_20_REDIRECT_BINDING));
 		if($slo !== NULL) {
 			$ret['SingleLogoutService'] = $slo['location'];
+			if (isset($slo['responseLocation']) && $slo['location'] != $slo['responseLocation']) {
+				$ret['SingleLogoutServiceResponse'] = $slo['responseLocation'];
+			}
 		}



--- a/lib/SimpleSAML/XML/SAML20/LogoutResponse.php
+++ b/lib/SimpleSAML/XML/SAML20/LogoutResponse.php
@@ -3,7 +3,7 @@
 /**
 * Implementation of the SAML 2.0 LogoutResponse message.
 *
- * @author Andreas kre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
+ * @author Andreas Åkre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
 * @package simpleSAMLphp
 * @version $Id$
 */
@@ -117,6 +117,9 @@ class SimpleSAML_XML_SAML20_LogoutResponse {
 		$issueInstant = SimpleSAML_Utilities::generateTimestamp();

 		$destination = $receivermd['SingleLogoutService'];
+		if (isset($receivermd['SingleLogoutServiceResponse'])) {
+			$destination = $receivermd['SingleLogoutServiceResponse'];
+		}
 		
 		$samlResponse = '<samlp:LogoutResponse 
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"

--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -358,7 +358,7 @@ try {
 		$relayState = isset($logoutInfo['RelayState']) ? $logoutInfo['RelayState'] : null;
 	
 		// Parameters: $request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP'
-		$httpredirect->sendMessage($logoutResponseXML, $idpentityid, $logoutInfo['Issuer'], $relayState, 'SingleLogoutService', 'SAMLResponse', 'IdP');
+		$httpredirect->sendMessage($logoutResponseXML, $idpentityid, $logoutInfo['Issuer'], $relayState, 'SingleLogoutServiceResponse', 'SAMLResponse', 'IdP');
 		exit;
 		
 	} elseif (array_key_exists('RelayState', $logoutInfo)) {