Skip to content
Snippets Groups Projects
Commit d9f531e6 authored by Olav Morken's avatar Olav Morken
Browse files

Make it possible to send logout responses to a different endpoint than logout requests. 

Patch by Joakim Recht <jre@trifork.com>

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1460 44740490-163a-0410-bde0-09ae8108e29a
parent 329b3610
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Metadata/SAMLParser.php
+ 3
0
View file @ d9f531e6
...@@ -609,6 +609,9 @@ class SimpleSAML_Metadata_SAMLParser { ...@@ -609,6 +609,9 @@ class SimpleSAML_Metadata_SAMLParser {
$slo = $this->getDefaultEndpoint($spd['singleLogoutServices'], array(self::SAML_20_REDIRECT_BINDING)); $slo = $this->getDefaultEndpoint($spd['singleLogoutServices'], array(self::SAML_20_REDIRECT_BINDING));
if($slo !== NULL) { if($slo !== NULL) {
$ret['SingleLogoutService'] = $slo['location']; $ret['SingleLogoutService'] = $slo['location'];
if (isset($slo['responseLocation']) && $slo['location'] != $slo['responseLocation']) {
$ret['SingleLogoutServiceResponse'] = $slo['responseLocation'];
}
} }
......
lib/SimpleSAML/XML/SAML20/LogoutResponse.php
+ 4
1
View file @ d9f531e6
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
/** /**
* Implementation of the SAML 2.0 LogoutResponse message. * Implementation of the SAML 2.0 LogoutResponse message.
* *
* @author Andreas kre Solberg, UNINETT AS. <andreas.solberg@uninett.no> * @author Andreas Åkre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
* @package simpleSAMLphp * @package simpleSAMLphp
* @version $Id$ * @version $Id$
*/ */
...@@ -117,6 +117,9 @@ class SimpleSAML_XML_SAML20_LogoutResponse { ...@@ -117,6 +117,9 @@ class SimpleSAML_XML_SAML20_LogoutResponse {
$issueInstant = SimpleSAML_Utilities::generateTimestamp(); $issueInstant = SimpleSAML_Utilities::generateTimestamp();
$destination = $receivermd['SingleLogoutService']; $destination = $receivermd['SingleLogoutService'];
if (isset($receivermd['SingleLogoutServiceResponse'])) {
$destination = $receivermd['SingleLogoutServiceResponse'];
}
$samlResponse = '<samlp:LogoutResponse $samlResponse = '<samlp:LogoutResponse
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
......
www/saml2/idp/SingleLogoutService.php
+ 1
1
View file @ d9f531e6
...@@ -358,7 +358,7 @@ try { ...@@ -358,7 +358,7 @@ try {
$relayState = isset($logoutInfo['RelayState']) ? $logoutInfo['RelayState'] : null; $relayState = isset($logoutInfo['RelayState']) ? $logoutInfo['RelayState'] : null;
// Parameters: $request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP' // Parameters: $request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP'
$httpredirect->sendMessage($logoutResponseXML, $idpentityid, $logoutInfo['Issuer'], $relayState, 'SingleLogoutService', 'SAMLResponse', 'IdP'); $httpredirect->sendMessage($logoutResponseXML, $idpentityid, $logoutInfo['Issuer'], $relayState, 'SingleLogoutServiceResponse', 'SAMLResponse', 'IdP');
exit; exit;
} elseif (array_key_exists('RelayState', $logoutInfo)) { } elseif (array_key_exists('RelayState', $logoutInfo)) {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment