1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
<?php
declare(strict_types=1);
namespace SimpleSAML\IdP;
use SimpleSAML\Auth;
use SimpleSAML\Configuration;
use SimpleSAML\Error;
use SimpleSAML\IdP;
use SimpleSAML\Module;
use SimpleSAML\Utils;
use SimpleSAML\XHTML\Template;
/**
* Class that handles iframe logout.
*
* @package SimpleSAMLphp
*/
class IFrameLogoutHandler implements LogoutHandlerInterface
{
/**
* The IdP we are logging out from.
*
* @var \SimpleSAML\IdP
*/
private $idp;
/**
* LogoutIFrame constructor.
*
* @param \SimpleSAML\IdP $idp The IdP to log out from.
*/
public function __construct(IdP $idp)
{
$this->idp = $idp;
}
/**
* Start the logout operation.
*
* @param array &$state The logout state.
* @param string|null $assocId The SP we are logging out from.
* @return void
*/
public function startLogout(array &$state, $assocId)
{
assert(is_string($assocId) || $assocId === null);
$associations = $this->idp->getAssociations();
if (count($associations) === 0) {
$this->idp->finishLogout($state);
}
foreach ($associations as $id => &$association) {
$idp = IdP::getByState($association);
$association['core:Logout-IFrame:Name'] = $idp->getSPName($id);
$association['core:Logout-IFrame:State'] = 'onhold';
}
$state['core:Logout-IFrame:Associations'] = $associations;
if (!is_null($assocId)) {
$spName = $this->idp->getSPName($assocId);
if ($spName === null) {
$spName = ['en' => $assocId];
}
$state['core:Logout-IFrame:From'] = $spName;
} else {
$state['core:Logout-IFrame:From'] = null;
}
$params = [
'id' => Auth\State::saveState($state, 'core:Logout-IFrame'),
];
if (isset($state['core:Logout-IFrame:InitType'])) {
$params['type'] = $state['core:Logout-IFrame:InitType'];
}
$url = Module::getModuleURL('core/idp/logout-iframe.php', $params);
Utils\HTTP::redirectTrustedURL($url);
}
/**
* Continue the logout operation.
*
* This function will never return.
*
* @param string $assocId The association that is terminated.
* @param string|null $relayState The RelayState from the start of the logout.
* @param \SimpleSAML\Error\Exception|null $error The error that occurred during session termination (if any).
* @return void
*/
public function onResponse($assocId, $relayState, Error\Exception $error = null)
{
assert(is_string($assocId));
$this->idp->terminateAssociation($assocId);
$config = Configuration::getInstance();
$t = new Template($config, 'IFrameLogoutHandler.tpl.php');
$t->data['assocId'] = var_export($assocId, true);
$t->data['spId'] = sha1($assocId);
if (!is_null($error)) {
$t->data['errorMsg'] = $error->getMessage();
}
$t->show();
}
}
|
