This function will never return.
| public handleLogoutResponse ( string $assocId, string | null $relayState, SimpleSAML_Error_Exception $error = null ) | ||
| $assocId | string | The association that is terminated. |
| $relayState | string | null | The RelayState from the start of the logout. |
| $error | SimpleSAML_Error_Exception | The error that occurred during session termination (if any). |
/**
* Receive a logout message.
*
* @param SimpleSAML_IdP $idp The IdP we are receiving it for.
*/
public static function receiveLogoutMessage(SimpleSAML_IdP $idp)
{
$binding = SAML2_Binding::getCurrentBinding();
$message = $binding->receive();
$spEntityId = $message->getIssuer();
if ($spEntityId === NULL) {
/* Without an issuer we have no way to respond to the message. */
throw new SimpleSAML_Error_BadRequest('Received message on logout endpoint without issuer.');
}
$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$idpMetadata = $idp->getConfig();
$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
sspmod_saml_Message::validateMessage($spMetadata, $idpMetadata, $message);
if ($message instanceof SAML2_LogoutResponse) {
SimpleSAML_Logger::info('Received SAML 2.0 LogoutResponse from: ' . var_export($spEntityId, TRUE));
$statsData = array('spEntityID' => $spEntityId, 'idpEntityID' => $idpMetadata->getString('entityid'));
if (!$message->isSuccess()) {
$statsData['error'] = $message->getStatus();
}
SimpleSAML_Stats::log('saml:idp:LogoutResponse:recv', $statsData);
$relayState = $message->getRelayState();
if (!$message->isSuccess()) {
$logoutError = sspmod_saml_Message::getResponseError($message);
SimpleSAML_Logger::warning('Unsuccessful logout. Status was: ' . $logoutError);
} else {
$logoutError = NULL;
}
$assocId = 'saml:' . $spEntityId;
$idp->handleLogoutResponse($assocId, $relayState, $logoutError);
} elseif ($message instanceof SAML2_LogoutRequest) {
SimpleSAML_Logger::info('Received SAML 2.0 LogoutRequest from: ' . var_export($spEntityId, TRUE));
SimpleSAML_Stats::log('saml:idp:LogoutRequest:recv', array('spEntityID' => $spEntityId, 'idpEntityID' => $idpMetadata->getString('entityid')));
$spStatsId = $spMetadata->getString('core:statistics-id', $spEntityId);
SimpleSAML_Logger::stats('saml20-idp-SLO spinit ' . $spStatsId . ' ' . $idpMetadata->getString('entityid'));
$state = array('Responder' => array('sspmod_saml_IdP_SAML2', 'sendLogoutResponse'), 'saml:SPEntityId' => $spEntityId, 'saml:RelayState' => $message->getRelayState(), 'saml:RequestId' => $message->getId());
$assocId = 'saml:' . $spEntityId;
$idp->handleLogoutRequest($state, $assocId);
} else {
throw new SimpleSAML_Error_BadRequest('Unknown message received on logout endpoint: ' . get_class($message));
}
}
