Initiates the SLO process.
| public logout ( string | null $returnTo = null, array $parameters = [], string | null $nameId = null, string | null $sessionIndex = null, boolean $stay = false, string | null $nameIdFormat = null ) : If | ||
| $returnTo | string | null | The target URL the user should be returned to after logout. |
| $parameters | array | Extra parameters to be added to the GET |
| $nameId | string | null | The NameID that will be set in the LogoutRequest. |
| $sessionIndex | string | null | The SessionIndex (taken from the SAML Response in the SSO process). |
| $stay | boolean | True if we want to stay (returns the url string) False to redirect |
| $nameIdFormat | string | null | The NameID Format will be set in the LogoutRequest. |
| Результат | If | $stay is True, it return a string with the SLO URL + LogoutRequest + parameters |
/**
* Tests the logout method of the OneLogin_Saml2_Auth class
* Case IdP no SLO endpoint.
*
* @covers OneLogin_Saml2_Auth::logout
*/
public function testLogoutNoSLO()
{
$settingsDir = TEST_ROOT . '/settings/';
include $settingsDir . 'settings1.php';
unset($settingsInfo['idp']['singleLogoutService']);
$auth = new OneLogin_Saml2_Auth($settingsInfo);
try {
$returnTo = 'http://example.com/returnto';
$auth->logout($returnTo);
$this->assertFalse(true);
} catch (Exception $e) {
$this->assertContains('The IdP does not support Single Log Out', $e->getMessage());
}
}
if (isset($_GET['sso2'])) {
$returnTo = $spBaseUrl . '/demo1/attrs.php';
$auth->login($returnTo);
} else {
if (isset($_GET['slo'])) {
$returnTo = null;
$paramters = array();
$nameId = null;
$sessionIndex = null;
if (isset($_SESSION['samlNameId'])) {
$nameId = $_SESSION['samlNameId'];
}
if (isset($_SESSION['samlSessionIndex'])) {
$sessionIndex = $_SESSION['samlSessionIndex'];
}
$auth->logout($returnTo, $paramters, $nameId, $sessionIndex);
# If LogoutRequest ID need to be saved in order to later validate it, do instead
# $sloBuiltUrl = $auth->logout(null, $paramters, $nameId, $sessionIndex, true);
# $_SESSION['LogoutRequestID'] = $auth->getLastRequestID();
# header('Pragma: no-cache');
# header('Cache-Control: no-cache, must-revalidate');
# header('Location: ' . $sloBuiltUrl);
# exit();
} else {
if (isset($_GET['acs'])) {
if (isset($_SESSION) && isset($_SESSION['AuthNRequestID'])) {
$requestID = $_SESSION['AuthNRequestID'];
} else {
$requestID = null;
}
$auth->processResponse($requestID);
/**
* SAML Handler
*/
session_start();
require_once dirname(dirname(__FILE__)) . '/_toolkit_loader.php';
require_once 'settings.php';
$auth = new OneLogin_Saml2_Auth($settingsInfo);
if (isset($_GET['sso'])) {
$auth->login();
} else {
if (isset($_GET['sso2'])) {
$returnTo = $spBaseUrl . '/demo1/attrs.php';
$auth->login($returnTo);
} else {
if (isset($_GET['slo'])) {
$auth->logout();
} else {
if (isset($_GET['acs'])) {
$auth->processResponse();
$errors = $auth->getErrors();
if (!empty($errors)) {
print_r('<p>' . implode(', ', $errors) . '</p>');
}
if (!$auth->isAuthenticated()) {
echo "<p>Not authenticated</p>";
exit;
}
$_SESSION['samlUserdata'] = $auth->getAttributes();
if (isset($_POST['RelayState']) && OneLogin_Saml2_Utils::getSelfURL() != $_POST['RelayState']) {
$auth->redirectTo($_POST['RelayState']);
}
if (isset($_GET['slo'])) {
$returnTo = null;
$paramters = array();
$nameId = null;
$sessionIndex = null;
$nameIdFormat = null;
if (isset($_SESSION['samlNameId'])) {
$nameId = $_SESSION['samlNameId'];
}
if (isset($_SESSION['samlSessionIndex'])) {
$sessionIndex = $_SESSION['samlSessionIndex'];
}
if (isset($_SESSION['samlNameIdFormat'])) {
$nameIdFormat = $_SESSION['samlNameIdFormat'];
}
$auth->logout($returnTo, $paramters, $nameId, $sessionIndex, false, $nameIdFormat);
# If LogoutRequest ID need to be saved in order to later validate it, do instead
# $sloBuiltUrl = $auth->logout(null, $paramters, $nameId, $sessionIndex, true);
# $_SESSION['LogoutRequestID'] = $auth->getLastRequestID();
# header('Pragma: no-cache');
# header('Cache-Control: no-cache, must-revalidate');
# header('Location: ' . $sloBuiltUrl);
# exit();
} else {
if (isset($_GET['acs'])) {
if (isset($_SESSION) && isset($_SESSION['AuthNRequestID'])) {
$requestID = $_SESSION['AuthNRequestID'];
} else {
$requestID = null;
}
$auth->processResponse($requestID);
private function procesar_logout(OneLogin_Saml2_Auth $auth)
{
if (!is_null(toba::memoria()->get_parametro('sls'))) {
$auth->processSLO();
} elseif (isset($_GET['slo'])) {
$auth->logout();
}
$this->verificar_errores_onelogin($auth);
}
/**
* Call the logout method on OneLogin_Saml2_Auth.
*/
public function logout($returnTo = null, $parameters = array(), $nameId = null, $sessionIndex = null)
{
return $this->instance->logout($returnTo, $parameters, $nameId, $sessionIndex);
}
public function logout($returnTo = null, $parameters = array(), $nameId = null, $sessionIndex = null)
{
parent::logout($returnTo, $parameters, $nameId, $sessionIndex);
}
