From e7188f86014e3c8915eff0641275b536bdd34772 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez=20Crespo?= <jaime.perez@uninett.no>
Date: Tue, 18 Jul 2017 11:44:18 +0200
Subject: [PATCH] Minor fixes for iframe logout.

- Make sure timeout is added conditionally, when we actually have it.
- Additionally, pass the state ID to the template in the "auth_state" variable. Trying to be consistent with this from now on.
---
 modules/core/templates/logout-iframe-wrapper.php |  2 +-
 modules/core/templates/logout-iframe.php         |  2 +-
 modules/core/www/idp/logout-iframe.php           | 10 ++++++++--
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/modules/core/templates/logout-iframe-wrapper.php b/modules/core/templates/logout-iframe-wrapper.php
index 98993786d..4649c289b 100644
--- a/modules/core/templates/logout-iframe-wrapper.php
+++ b/modules/core/templates/logout-iframe-wrapper.php
@@ -1,6 +1,6 @@
 <?php
 
-$id = $this->data['id'];
+$id = $this->data['auth_state'];
 $SPs = $this->data['SPs'];
 
 $iframeURL = 'logout-iframe.php?type=embed&id='.urlencode($id);
diff --git a/modules/core/templates/logout-iframe.php b/modules/core/templates/logout-iframe.php
index a89470f0a..de177d081 100644
--- a/modules/core/templates/logout-iframe.php
+++ b/modules/core/templates/logout-iframe.php
@@ -1,6 +1,6 @@
 <?php
 
-$id = $this->data['id'];
+$id = $this->data['auth_state'];
 $type = $this->data['type'];
 $from = $this->data['from'];
 $SPs = $this->data['SPs'];
diff --git a/modules/core/www/idp/logout-iframe.php b/modules/core/www/idp/logout-iframe.php
index 68c0f8187..caf00f11d 100644
--- a/modules/core/www/idp/logout-iframe.php
+++ b/modules/core/www/idp/logout-iframe.php
@@ -39,7 +39,7 @@ if ($type !== 'init') { // update association state
             }
         }
 
-        // heck for timeout
+        // check for timeout
         if (isset($sp['core:Logout-IFrame:Timeout']) && $sp['core:Logout-IFrame:Timeout'] < time()) {
             if ($sp['core:Logout-IFrame:State'] === 'inprogress') {
                 $sp['core:Logout-IFrame:State'] = 'failed';
@@ -104,10 +104,12 @@ foreach ($state['core:Logout-IFrame:Associations'] as $association) {
         'entityID' => $association['saml:entityID'],
         'subject' => $association['saml:NameID'],
         'status' => $association['core:Logout-IFrame:State'],
-        'timeout' => $association['core:Logout-IFrame:Timeout'],
         'logoutURL' => $association['core:Logout-IFrame:URL'],
         'metadata' => $mdh->getMetaDataConfig($association['saml:entityID'], $mdset)->toArray(),
     );
+    if (isset($association['core:Logout-IFrame:Timeout'])) {
+        $remaining[$key]['timeout'] = $association['core:Logout-IFrame:Timeout'];
+    }
 }
 
 $id = SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame');
@@ -119,6 +121,10 @@ if ($type === 'nojs') {
 }
 
 $t = new SimpleSAML_XHTML_Template($globalConfig, $template_id);
+$t->data['auth_state'] = $id;
+/**
+ * @deprecated The "id" variable will be removed. Please use "auth_state" instead.
+ */
 $t->data['id'] = $id;
 $t->data['type'] = $type;
 $t->data['terminated_service'] = $terminated;
-- 
GitLab