/* Assertion contains AuthnStatement, since AuthnInstant is a required attribute. */
$foundAuthnStatement = TRUE;
}
}
if (!$foundAuthnStatement) {
$e = new SimpleSAML_Error_Exception('No AuthnStatement found in assertion(s).');
SimpleSAML_Auth_State::throwException($state, $e);
}
if ($expire !== NULL) {
$logoutExpire = $expire;
} else {
/* Just expire the logout associtaion 24 hours into the future. */
$logoutExpire = time() + 24 * 60 * 60;
}
/* Register this session in the logout store. */
sspmod_saml_SP_LogoutStore::addSession($sourceId, $nameId, $sessionIndex, $logoutExpire);
/* We need to save the NameID and SessionIndex for logout. */
$logoutState = array('saml:logout:Type' => 'saml2', 'saml:logout:IdP' => $idp, 'saml:logout:NameID' => $nameId, 'saml:logout:SessionIndex' => $sessionIndex);
$state['LogoutState'] = $logoutState;
$state['saml:AuthenticatingAuthority'] = $authenticatingAuthority;
$state['saml:AuthenticatingAuthority'][] = $idp;
$state['PersistentAuthData'][] = 'saml:AuthenticatingAuthority';
$state['saml:sp:IdP'] = $idp;
$state['PersistentAuthData'][] = 'saml:sp:IdP';
$state['saml:sp:NameID'] = $nameId;
$state['PersistentAuthData'][] = 'saml:sp:NameID';
$state['saml:sp:SessionIndex'] = $sessionIndex;
$state['PersistentAuthData'][] = 'saml:sp:SessionIndex';
$state['saml:sp:AuthnContext'] = $assertion->getAuthnContext();
$state['PersistentAuthData'][] = 'saml:sp:AuthnContext';
if ($expire !== NULL) {
