/**
  * @param \Symfony\Component\HttpFoundation\Request $request
  * @throws \RuntimeException
  * @throws \InvalidArgumentException if cannot manage the Request
  * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo|null
  */
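 public function manage(Request $request)
 {
     // Handles an incoming SAML LogoutRequest: validates it, deletes the matching
     // SSO state, and answers with a LogoutResponse serialized as raw XML.
     // Throws \InvalidArgumentException when supports() rejects the request and
     // \RuntimeException when the request or the IDP metadata lacks a required element.
     if (!$this->supports($request)) {
         throw new \InvalidArgumentException('Unsupported request');
     }

     $logoutRequest = $this->receiveRequest($request);
     $serviceInfo = $this->getServiceInfo($logoutRequest);

     // Validation runs before any SSO state is deleted. Its return value is not
     // used, so it only protects the state if validateLogoutRequest() throws on
     // failure - NOTE(review): confirm it does, and what it checks.
     $this->validateLogoutRequest($serviceInfo, $logoutRequest);

     // A LogoutRequest without a NameID would otherwise end in a fatal
     // "call to a member function on null" instead of a catchable exception.
     $nameID = $logoutRequest->getNameID();
     if ($nameID === null) {
         throw new \RuntimeException('LogoutRequest does not contain a NameID');
     }

     $arrStates = $this->getSSOState($serviceInfo, $nameID->getValue(), $logoutRequest->getSessionIndex());
     $this->deleteSSOState($arrStates);

     $logoutResponse = new LogoutResponse();
     $logoutResponse->setID(Helper::generateID());
     $logoutResponse->setIssuer($serviceInfo->getSpProvider()->getEntityDescriptor()->getEntityID());
     // Correlates the response with the request it answers.
     $logoutResponse->setInResponseTo($logoutRequest->getID());

     // The destination is read from the IDP metadata, never from the incoming
     // request, so the sender cannot choose where the response is addressed.
     $arrSLO = $serviceInfo->getIdpProvider()->getEntityDescriptor()->getFirstIdpSsoDescriptor()->findSingleLogoutServices();
     /** @var $slo SingleLogoutService */
     $slo = $arrSLO ? array_pop($arrSLO) : null;
     if (!$slo) {
         // array_pop() yields null on an empty list; fail with a clear error instead.
         throw new \RuntimeException('IDP metadata does not declare a SingleLogoutService');
     }
     $logoutResponse->setDestination($slo->getLocation());

     $status = new Status();
     $status->setSuccess();
     $logoutResponse->setStatus($status);

     $context = new SerializationContext();
     $logoutResponse->getXml($context->getDocument(), $context);
     $xml = $context->getDocument()->saveXML();

     return new Response($xml, 200, array('Content-Type' => 'application/xml'));
 }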
 /**
  * @return AuthnRequest
  */
 public function build()
 {
     // Assembles an AuthnRequest from the SP entity descriptor, the configured
     // destination and the assertion consumer service.
     $authnRequest = new AuthnRequest();
     $spDescriptor = $this->getEdSP();

     $authnRequest->setID(Helper::generateID());
     $authnRequest->setDestination($this->getDestination());
     $authnRequest->setIssueInstant(time());

     // The ACS entry supplies both the URL the response must come back to and
     // the binding it must use.
     $consumerService = $this->getAssertionConsumerService();
     $authnRequest->setAssertionConsumerServiceURL($consumerService->getLocation());
     $authnRequest->setProtocolBinding($consumerService->getBinding());

     $authnRequest->setIssuer($spDescriptor->getEntityID());

     // A NameIDPolicy format is only sent when the SP metadata names one.
     if ($this->spMeta->getNameIdFormat()) {
         $authnRequest->setNameIdPolicyFormat($this->spMeta->getNameIdFormat());
     }

     return $authnRequest;
 }
 /**
  * @param \Symfony\Component\HttpFoundation\Request $request
  * @throws \RuntimeException
  * @throws \InvalidArgumentException if cannot manage the Request
  * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo|null
  */
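 public function manage(Request $request)
 {
     // Handles an incoming SAML LogoutRequest: validates it, deletes the matching
     // SSO state, ends the local session and returns a LogoutResponse through the
     // configured response binding (HTTP-Redirect when none is configured).
     // Throws \InvalidArgumentException when supports() rejects the request and
     // \RuntimeException when the request or the IDP metadata lacks a required element.
     if (!$this->supports($request)) {
         throw new \InvalidArgumentException('Unsupported request');
     }

     $logoutRequest = $this->receiveRequest($request);
     $serviceInfo = $this->getServiceInfo($logoutRequest, $request);

     // Validation runs before SSO state, session and token are touched. Its return
     // value is not used, so it only guards the logout if validateLogoutRequest()
     // throws on failure - NOTE(review): confirm it does, and what it checks.
     $this->validateLogoutRequest($serviceInfo, $logoutRequest);

     // A LogoutRequest without a NameID would otherwise end in a fatal
     // "call to a member function on null" instead of a catchable exception.
     $nameID = $logoutRequest->getNameID();
     if ($nameID === null) {
         throw new \RuntimeException('LogoutRequest does not contain a NameID');
     }

     $arrStates = $this->getSSOState($serviceInfo, $nameID->getValue(), $logoutRequest->getSessionIndex());
     $this->deleteSSOState($arrStates);

     $logoutResponse = new LogoutResponse();
     $logoutResponse->setID(Helper::generateID());
     $logoutResponse->setIssuer($serviceInfo->getSpProvider()->getEntityDescriptor()->getEntityID());
     // Correlates the response with the request it answers.
     $logoutResponse->setInResponseTo($logoutRequest->getID());
     // RelayState is opaque to this code and is copied back unchanged. How it is
     // encoded on output is left to the binding - NOTE(review): confirm the POST
     // binding escapes it when rendering.
     $logoutResponse->setRelayState($logoutRequest->getRelayState());

     // The destination is read from the IDP metadata, never from the incoming
     // request, so the sender cannot choose where the response is addressed.
     // NOTE(review): the last declared SLO service is used whatever its binding,
     // while the binding below comes from the SP metadata - confirm they agree.
     $arrSLO = $serviceInfo->getIdpProvider()->getEntityDescriptor()->getFirstIdpSsoDescriptor()->findSingleLogoutServices();
     /** @var $slo SingleLogoutService */
     $slo = $arrSLO ? array_pop($arrSLO) : null;
     if (!$slo) {
         // array_pop() yields null on an empty list; fail with a clear error instead.
         throw new \RuntimeException('IDP metadata does not declare a SingleLogoutService');
     }
     $logoutResponse->setDestination($slo->getLocation());

     $status = new Status();
     $status->setSuccess();
     $logoutResponse->setStatus($status);

     // Log the user out. The token is cleared even when the request carries no
     // session, so a missing session cannot abort the logout half-way.
     $session = $request->getSession();
     if ($session !== null) {
         $session->invalidate();
     }
     $this->securityContext->setToken(null);

     // Return the response to SLO Service
     $bindingType = $serviceInfo->getSpMetaProvider()->getSpMeta()->getResponseBinding();
     if ($bindingType) {
         $detector = new BindingDetector();
         $binding = $detector->instantiate($bindingType);
     } else {
         $binding = new HttpRedirect();
     }

     $bindingResponse = $binding->send($logoutResponse);
     if ($bindingResponse instanceof PostResponse) {
         return new Response($bindingResponse->render());
     }
     if ($bindingResponse instanceof RedirectResponse) {
         return new RedirectResponse($bindingResponse->getDestination());
     }

     // Any other binding result: fall back to returning the serialized XML.
     $context = new SerializationContext();
     $logoutResponse->getXml($context->getDocument(), $context);
     $xml = $context->getDocument()->saveXML();

     return new Response($xml, 200, array('Content-Type' => 'application/xml'));
 }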
 /**
  * @param string $nameIDValue
  * @param string|null $nameIDFormat
  * @param string|null $sessionIndex
  * @param string|null $reason
  * @return LogoutRequest
  */
 public function build($nameIDValue, $nameIDFormat = null, $sessionIndex = null, $reason = null)
 {
     // Assembles a LogoutRequest for the given subject, issued by the SP entity
     // and addressed to the configured destination.
     $logoutRequest = new LogoutRequest();
     $spDescriptor = $this->getEdSP();

     $logoutRequest->setID(Helper::generateID());
     $logoutRequest->setDestination($this->getDestination());
     $logoutRequest->setIssueInstant(time());

     // Optional fields are tested for truthiness, so null, '' and '0' are all
     // treated as "not supplied" and left off the request.
     if ($reason) {
         $logoutRequest->setReason($reason);
     }
     if ($sessionIndex) {
         $logoutRequest->setSessionIndex($sessionIndex);
     }

     // The subject being logged out; the format is attached only when given.
     $subject = new NameID();
     $subject->setValue($nameIDValue);
     if ($nameIDFormat) {
         $subject->setFormat($nameIDFormat);
     }
     $logoutRequest->setNameID($subject);

     $logoutRequest->setIssuer($spDescriptor->getEntityID());

     return $logoutRequest;
 }
Example #5
 protected function prepareForXml()
 {
     // Fills in defaults for unset optional fields and throws
     // InvalidAssertionException when Issuer or Subject is missing.
     // Checks run in a fixed order, so ID and IssueInstant may already have been
     // defaulted by the time a missing Issuer or Subject aborts the call.
     $currentId = $this->getID();
     if (!$currentId) {
         $this->setId(Helper::generateID());
     }

     $issuedAt = $this->getIssueInstant();
     if (!$issuedAt) {
         $this->setIssueInstant(time());
     }

     // Issuer and Subject have no sensible default; the caller must supply them.
     $issuer = $this->getIssuer();
     if (!$issuer) {
         throw new InvalidAssertionException('Issuer not set in Assertion');
     }

     $subject = $this->getSubject();
     if (!$subject) {
         throw new InvalidAssertionException('Subject not set in Assertion');
     }

     $validFrom = $this->getNotBefore();
     if (!$validFrom) {
         $this->setNotBefore(time());
     }

     // NOTE(review): the NotOnOrAfter default is also time(), the same instant as
     // the NotBefore default unless the clock ticks between the two calls. SAML
     // treats NotOnOrAfter as the moment the assertion has expired, so the default
     // validity window is effectively empty - confirm callers always set an
     // explicit expiry.
     $validUntil = $this->getNotOnOrAfter();
     if (!$validUntil) {
         $this->setNotOnOrAfter(time());
     }

     $authnStatement = $this->getAuthnStatement();
     if (!$authnStatement) {
         $this->setAuthnStatement(new AuthnStatement());
     }
 }