Deletes the local session.
| public static deleteLocalSession ( ) |
/**
* Tests the deleteLocalSession method of the OneLogin_Saml2_Utils
*
* @covers OneLogin_Saml2_Utils::deleteLocalSession
*/
public function testDeleteLocalSession()
{
if (!isset($_SESSION)) {
$_SESSION = array();
}
$_SESSION['samltest'] = true;
$this->assertTrue(isset($_SESSION['samltest']));
$this->assertTrue($_SESSION['samltest']);
OneLogin_Saml2_Utils::deleteLocalSession();
$this->assertFalse(isset($_SESSION));
$this->assertFalse(isset($_SESSION['samltest']));
session_start();
$_SESSION['samltest'] = true;
OneLogin_Saml2_Utils::deleteLocalSession();
$this->assertFalse(isset($_SESSION));
$this->assertFalse(isset($_SESSION['samltest']));
}
/**
* Tests the deleteLocalSession method of the OneLogin_Saml2_Utils
*
* @covers OneLogin_Saml2_Utils::deleteLocalSession
*/
public function testDeleteLocalSession()
{
if (getenv("TRAVIS")) {
// Can't test that on TRAVIS
$this->markTestSkipped("Can't test that on TRAVIS");
} else {
if (!isset($_SESSION)) {
$_SESSION = array();
}
$_SESSION['samltest'] = true;
$this->assertTrue(isset($_SESSION['samltest']));
$this->assertTrue($_SESSION['samltest']);
OneLogin_Saml2_Utils::deleteLocalSession();
$this->assertFalse(isset($_SESSION));
$this->assertFalse(isset($_SESSION['samltest']));
session_start();
$_SESSION['samltest'] = true;
OneLogin_Saml2_Utils::deleteLocalSession();
$this->assertFalse(isset($_SESSION));
$this->assertFalse(isset($_SESSION['samltest']));
}
}
/**
* Process the SAML Logout Response / Logout Request sent by the IdP.
*
* @param boolean $keepLocalSession When false will destroy the local session, otherwise will keep it
* @param string $requestId The ID of the LogoutRequest sent by this SP to the IdP
*/
public function processSLO($keepLocalSession = false, $requestId = null, $retrieveParametersFromServer = false)
{
$this->_errors = array();
$samlResponse = null;
if (isset($_GET) && isset($_GET['SAMLResponse'])) {
$samlResponse = $_GET['SAMLResponse'];
} else {
if (isset($_POST) && isset($_POST['SAMLResponse'])) {
$samlResponse = $_POST['SAMLResponse'];
}
}
$relayState = null;
if (isset($_GET['RelayState'])) {
$relayState = $_GET['RelayState'];
} else {
if ($_POST['RelayState']) {
$relayState = $_POST['RelayState'];
}
}
$samlRequest = null;
if (isset($_GET) && isset($_GET['SAMLRequest'])) {
$samlRequest = $_GET['SAMLRequest'];
} else {
if (isset($_POST) && isset($_POST['SAMLRequest'])) {
$samlRequest = $_POST['SAMLRequest'];
}
}
if ($samlResponse) {
$logoutResponse = new OneLogin_Saml2_LogoutResponse($this->_settings, $samlResponse);
if (!$logoutResponse->isValid($requestId, $retrieveParametersFromServer)) {
$this->_errors[] = 'invalid_logout_response';
$this->_errorReason = $logoutResponse->getError();
} else {
if ($logoutResponse->getStatus() !== OneLogin_Saml2_Constants::STATUS_SUCCESS) {
$this->_errors[] = 'logout_not_success';
} else {
if (!$keepLocalSession) {
OneLogin_Saml2_Utils::deleteLocalSession();
}
}
}
} else {
if ($samlRequest) {
$logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings, $samlRequest);
if (!$logoutRequest->isValid($retrieveParametersFromServer)) {
$this->_errors[] = 'invalid_logout_request';
$this->_errorReason = $logoutRequest->getError();
} else {
if (!$keepLocalSession) {
OneLogin_Saml2_Utils::deleteLocalSession();
}
$inResponseTo = $logoutRequest->id;
$responseBuilder = new OneLogin_Saml2_LogoutResponse($this->_settings);
$responseBuilder->build($inResponseTo);
$logoutResponse = $responseBuilder->getResponse();
$parameters = array('SAMLResponse' => $logoutResponse);
if ($relayState) {
$parameters['RelayState'] = $relayState;
}
$security = $this->_settings->getSecurityData();
if (isset($security['logoutResponseSigned']) && $security['logoutResponseSigned']) {
$signature = $this->buildResponseSignature($logoutResponse, $parameters['RelayState']);
$parameters['SigAlg'] = XMLSecurityKey::RSA_SHA1;
$parameters['Signature'] = $signature;
}
$sloUrlWithParameters = $this->redirectTo($this->getSLOurl(), $parameters, true);
}
} else {
$this->_errors[] = 'invalid_binding';
throw new OneLogin_Saml2_Error('SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding', OneLogin_Saml2_Error::SAML_LOGOUTMESSAGE_NOT_FOUND);
}
}
}
/**
* Process the SAML Logout Response / Logout Request sent by the IdP.
*
* @param boolean $keepLocalSession When false will destroy the local session, otherwise will destroy it
* @param string $requestId The ID of the LogoutRequest sent by this SP to the IdP
*/
public function processSLO($keepLocalSession = false, $requestId = null)
{
$this->_errors = array();
if (isset($_GET) && isset($_GET['SAMLResponse'])) {
$logoutResponse = new OneLogin_Saml2_LogoutResponse($this->_settings, $_GET['SAMLResponse']);
if (!$logoutResponse->isValid($requestId)) {
$this->_errors[] = 'invalid_logout_response';
} else {
if ($logoutResponse->getStatus() !== OneLogin_Saml2_Constants::STATUS_SUCCESS) {
$this->_errors[] = 'logout_not_success';
} else {
if (!$keepLocalSession) {
OneLogin_Saml2_Utils::deleteLocalSession();
}
}
}
} else {
if (isset($_GET) && isset($_GET['SAMLRequest'])) {
$decoded = base64_decode($_GET['SAMLRequest']);
$request = gzinflate($decoded);
if (!OneLogin_Saml2_LogoutRequest::isValid($this->_settings, $request)) {
$this->_errors[] = 'invalid_logout_request';
} else {
if (!$keepLocalSession) {
OneLogin_Saml2_Utils::deleteLocalSession();
}
$inResponseTo = OneLogin_Saml2_LogoutRequest::getID($request);
$responseBuilder = new OneLogin_Saml2_LogoutResponse($this->_settings);
$responseBuilder->build($inResponseTo);
$logoutResponse = $responseBuilder->getResponse();
$parameters = array('SAMLResponse' => $logoutResponse);
if (isset($_GET['RelayState'])) {
$parameters['RelayState'] = $_GET['RelayState'];
}
$security = $this->_settings->getSecurityData();
if (isset($security['logoutResponseSigned']) && $security['logoutResponseSigned']) {
$signature = $this->buildResponseSignature($logoutResponse, $parameters['RelayState']);
$parameters['SigAlg'] = XMLSecurityKey::RSA_SHA1;
$parameters['Signature'] = $signature;
}
$this->redirectTo($this->getSLOurl(), $parameters);
}
} else {
$this->_errors[] = 'invalid_binding';
throw new OneLogin_Saml2_Error('SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding', OneLogin_Saml2_Error::SAML_LOGOUTMESSAGE_NOT_FOUND);
}
}
}
