| public logout ( string | null $returnTo = null, array $parameters = [], string | null $nameId = null, string | null $sessionIndex = null, boolean $stay = false, string | null $nameIdFormat = null ) : If | ||
| $returnTo | string | null | The target URL the user should be returned to after logout. |
| $parameters | array | Extra parameters to be added to the GET |
| $nameId | string | null | The NameID that will be set in the LogoutRequest. |
| $sessionIndex | string | null | The SessionIndex (taken from the SAML Response in the SSO process). |
| $stay | boolean | True if we want to stay (returns the url string) False to redirect |
| $nameIdFormat | string | null | The NameID Format will be set in the LogoutRequest. |
| return | If | $stay is True, it return a string with the SLO URL + LogoutRequest + parameters |
public function logout($returnTo = null, $parameters = array(), $nameId = null, $sessionIndex = null, $stay = false, $nameIdFormat = null)
{
assert('is_array($parameters)');
$sloUrl = $this->getSLOurl();
if (empty($sloUrl)) {
throw new OneLogin_Saml2_Error('The IdP does not support Single Log Out', OneLogin_Saml2_Error::SAML_SINGLE_LOGOUT_NOT_SUPPORTED);
}
if (empty($nameId) && !empty($this->_nameid)) {
$nameId = $this->_nameid;
}
$logoutRequest = new OneLogin_Saml2_LogoutRequest($this->_settings, null, $nameId, $sessionIndex, $nameIdFormat);
$this->_lastRequestID = $logoutRequest->id;
$samlRequest = $logoutRequest->getRequest();
$parameters['SAMLRequest'] = $samlRequest;
if (!empty($returnTo)) {
$parameters['RelayState'] = $returnTo;
} else {
$parameters['RelayState'] = OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery();
}
$security = $this->_settings->getSecurityData();
if (isset($security['logoutRequestSigned']) && $security['logoutRequestSigned']) {
$signature = $this->buildRequestSignature($samlRequest, $parameters['RelayState'], $security['signatureAlgorithm']);
$parameters['SigAlg'] = $security['signatureAlgorithm'];
$parameters['Signature'] = $signature;
}
return $this->redirectTo($sloUrl, $parameters, $stay);
} /**
* Tests the logout method of the OneLogin_Saml2_Auth class
* Case IdP no SLO endpoint.
*
* @covers OneLogin_Saml2_Auth::logout
*/
public function testLogoutNoSLO()
{
$settingsDir = TEST_ROOT . '/settings/';
include $settingsDir . 'settings1.php';
unset($settingsInfo['idp']['singleLogoutService']);
$auth = new OneLogin_Saml2_Auth($settingsInfo);
try {
$returnTo = 'http://example.com/returnto';
$auth->logout($returnTo);
$this->assertFalse(true);
} catch (Exception $e) {
$this->assertContains('The IdP does not support Single Log Out', $e->getMessage());
}
}
