db/d07/www_2idp_2logout-iframe_8php_source.html

<?php


if (!isset($_REQUEST['id'])) {

    throw new SimpleSAML_Error_BadRequest('Missing required parameter: id');

}


if (isset($_REQUEST['type'])) {

    $type = (string) $_REQUEST['type'];

    if (!in_array($type, array('init', 'js', 'nojs', 'embed'), true)) {

        throw new SimpleSAML_Error_BadRequest('Invalid value for type.');

    }

} else {

    $type = 'init';

}


if ($type !== 'embed') {

    SimpleSAML\Logger::stats('slo-iframe '.$type);

    SimpleSAML_Stats::log('core:idp:logout-iframe:page', array('type' => $type));

}


$state = SimpleSAML_Auth_State::loadState($_REQUEST['id'], 'core:Logout-IFrame');

$idp = SimpleSAML_IdP::getByState($state);

$mdh = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();


if ($type !== 'init') { // update association state

    foreach ($state['core:Logout-IFrame:Associations'] as $assocId => &$sp) {

        $spId = sha1($assocId);


        // move SPs from 'onhold' to 'inprogress'

        if ($sp['core:Logout-IFrame:State'] === 'onhold') {

            $sp['core:Logout-IFrame:State'] = 'inprogress';

        }


        // check for update through request

        if (isset($_REQUEST[$spId])) {

            $s = $_REQUEST[$spId];

            if ($s == 'completed' || $s == 'failed') {

                $sp['core:Logout-IFrame:State'] = $s;

            }

        }


        // check for timeout

        if (isset($sp['core:Logout-IFrame:Timeout']) && $sp['core:Logout-IFrame:Timeout'] < time()) {

            if ($sp['core:Logout-IFrame:State'] === 'inprogress') {

                $sp['core:Logout-IFrame:State'] = 'failed';

            }

        }


        // update the IdP

        if ($sp['core:Logout-IFrame:State'] === 'completed') {

            $idp->terminateAssociation($assocId);

        }


        if (!isset($sp['core:Logout-IFrame:Timeout'])) {

            if (method_exists($sp['Handler'], 'getAssociationConfig')) {

                $assocIdP = SimpleSAML_IdP::getByState($sp);

                $assocConfig = call_user_func(array($sp['Handler'], 'getAssociationConfig'), $assocIdP, $sp);

                $sp['core:Logout-IFrame:Timeout'] = $assocConfig->getInteger('core:logout-timeout', 5) + time();

            } else {

                $sp['core:Logout-IFrame:Timeout'] = time() + 5;

            }

        }

    }

}


$associations = $idp->getAssociations();

foreach ($state['core:Logout-IFrame:Associations'] as $assocId => &$sp) {

    // in case we are refreshing a page

    if (!isset($associations[$assocId])) {

        $sp['core:Logout-IFrame:State'] = 'completed';

    }


    try {

        $assocIdP = SimpleSAML_IdP::getByState($sp);

        $url = call_user_func(array($sp['Handler'], 'getLogoutURL'), $assocIdP, $sp, null);

        $sp['core:Logout-IFrame:URL'] = $url;

    } catch (Exception $e) {

        $sp['core:Logout-IFrame:State'] = 'failed';

    }

}


// get the metadata of the service that initiated logout, if any

$terminated = null;

if ($state['core:TerminatedAssocId'] !== null) {

    $mdset = 'saml20-sp-remote';

    if (substr($state['core:TerminatedAssocId'], 0, 4) === 'adfs') {

        $mdset = 'adfs-sp-remote';

    }

    $terminated = $mdh->getMetaDataConfig($state['saml:SPEntityId'], $mdset)->toArray();

}


// build an array with information about all services currently logged in

$remaining = array();

foreach ($state['core:Logout-IFrame:Associations'] as $association) {

    $key = sha1($association['id']);

    $mdset = 'saml20-sp-remote';

    if (substr($association['id'], 0, 4) === 'adfs') {

        $mdset = 'adfs-sp-remote';

    }


    $remaining[$key] = array(

        'id' => $association['id'],

        'expires_on' => $association['Expires'],

        'entityID' => $association['saml:entityID'],

        'subject' => $association['saml:NameID'],

        'status' => $association['core:Logout-IFrame:State'],

        'logoutURL' => $association['core:Logout-IFrame:URL'],

        'metadata' => $mdh->getMetaDataConfig($association['saml:entityID'], $mdset)->toArray(),

    );

    if (isset($association['core:Logout-IFrame:Timeout'])) {

        $remaining[$key]['timeout'] = $association['core:Logout-IFrame:Timeout'];

    }

}


$id = SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame');

$globalConfig = SimpleSAML_Configuration::getInstance();


$template_id = 'core:logout-iframe.php';

if ($type === 'nojs') {

    $template_id = 'core:logout-iframe-wrapper.php';

}


$t = new SimpleSAML_XHTML_Template($globalConfig, $template_id);

$t->data['auth_state'] = $id;

$t->data['id'] = $id;

$t->data['type'] = $type;

$t->data['terminated_service'] = $terminated;

$t->data['remaining_services'] = $remaining;


$t->data['from'] = $state['core:Logout-IFrame:From'];


$t->data['SPs'] = $state['core:Logout-IFrame:Associations'];


if ($type !== 'nojs') {

    $t->data['jquery'] = array('core' => true, 'ui' => false, 'css' => false);

}


$t->show();

php
An exception for terminatinating execution or to throw for unit testing.

SimpleSAML\Logger\stats
static stats($string)
Definition: Logger.php:224

SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition: State.php:194

SimpleSAML_Auth_State\loadState
static loadState($id, $stage, $allowMissing=false)
Retrieve saved state.
Definition: State.php:259

SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:297

SimpleSAML_Error_BadRequest
Definition: BadRequest.php:12

SimpleSAML_IdP\getByState
static getByState(array &$state)
Retrieve the IdP "owning" the state.
Definition: IdP.php:152

SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler
static getMetadataHandler()
This function retrieves the current instance of the metadata handler.
Definition: MetaDataStorageHandler.php:40

SimpleSAML_Stats\log
static log($event, array $data=array())
Notify about an event.
Definition: Stats.php:71

SimpleSAML_XHTML_Template
Definition: Template.php:17

$key
$key
Definition: croninfo.php:18

$association
if(!isset($associations[$assocId])) $association
Definition: logout-iframe-post.php:23

$assocId
if(!isset($_REQUEST['association'])) $assocId
Definition: logout-iframe-post.php:12

$url
$url
Definition: proxy_ylocal.php:28

$s
$s
Definition: pwgen.php:45

$type
$type
Definition: logout-iframe.php:4

$id
$id
Definition: logout-iframe.php:3

$associations
if($type !=='init') $associations
Definition: logout-iframe.php:66

$terminated
foreach($state['core:Logout-IFrame:Associations'] as $assocId=> &$sp) $terminated
Definition: logout-iframe.php:83

$template_id
$template_id
Definition: logout-iframe.php:118

$remaining
if($state['core:TerminatedAssocId'] !==null) $remaining
Definition: logout-iframe.php:93

$t
if($type==='nojs') $t
Definition: logout-iframe.php:123

$idp
$idp
Definition: logout-iframe.php:22

$globalConfig
$globalConfig
Definition: logout-iframe.php:116

$mdh
$mdh
Definition: logout-iframe.php:23

$state
if($type !=='embed') $state
Definition: logout-iframe.php:21