ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
logout-iframe-post.php
Go to the documentation of this file.
1 <?php
2 
3 if (!isset($_REQUEST['idp'])) {
4  throw new SimpleSAML_Error_BadRequest('Missing "idp" parameter.');
5 }
6 $idp = (string) $_REQUEST['idp'];
7 $idp = SimpleSAML_IdP::getById($idp);
8 
9 if (!isset($_REQUEST['association'])) {
10  throw new SimpleSAML_Error_BadRequest('Missing "association" parameter.');
11 }
12 $assocId = urldecode($_REQUEST['association']);
13 
14 $relayState = null;
15 if (isset($_REQUEST['RelayState'])) {
16  $relayState = (string) $_REQUEST['RelayState'];
17 }
18 
19 $associations = $idp->getAssociations();
20 if (!isset($associations[$assocId])) {
21  throw new SimpleSAML_Error_BadRequest('Invalid association id.');
22 }
23 $association = $associations[$assocId];
24 
25 $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
26 $idpMetadata = $idp->getConfig();
27 $spMetadata = $metadata->getMetaDataConfig($association['saml:entityID'], 'saml20-sp-remote');
28 
29 $lr = sspmod_saml_Message::buildLogoutRequest($idpMetadata, $spMetadata);
30 $lr->setSessionIndex($association['saml:SessionIndex']);
31 $lr->setNameId($association['saml:NameID']);
32 
33 $assertionLifetime = $spMetadata->getInteger('assertion.lifetime', null);
34 if ($assertionLifetime === null) {
35  $assertionLifetime = $idpMetadata->getInteger('assertion.lifetime', 300);
36 }
37 $lr->setNotOnOrAfter(time() + $assertionLifetime);
38 
39 $encryptNameId = $spMetadata->getBoolean('nameid.encryption', null);
40 if ($encryptNameId === null) {
41  $encryptNameId = $idpMetadata->getBoolean('nameid.encryption', false);
42 }
43 if ($encryptNameId) {
44  $lr->encryptNameId(sspmod_saml_Message::getEncryptionKey($spMetadata));
45 }
46 
47 SimpleSAML_Stats::log('saml:idp:LogoutRequest:sent', array(
48  'spEntityID' => $association['saml:entityID'],
49  'idpEntityID' => $idpMetadata->getString('entityid'),
50 ));
51 
52 $bindings = array(\SAML2\Constants::BINDING_HTTP_POST);
53 
54 $dst = $spMetadata->getDefaultEndpoint('SingleLogoutService', $bindings);
55 $binding = \SAML2\Binding::getBinding($dst['Binding']);
56 $lr->setDestination($dst['Location']);
57 $lr->setRelayState($relayState);
58 
59 $binding->send($lr);
SimpleSAML_Metadata_MetaDataStorageHandler\getMetadataHandler
static getMetadataHandler()
This function retrieves the current instance of the metadata handler.
Definition: MetaDataStorageHandler.php:40
$dst
$dst
Definition: logout-iframe-post.php:54
$assertionLifetime
$assertionLifetime
Definition: logout-iframe-post.php:33
SimpleSAML_IdP\getById
static getById($id)
Retrieve an IdP by ID.
Definition: IdP.php:124
SAML2\Binding\getBinding
static getBinding($urn)
Retrieve a binding with the given URN.
Definition: Binding.php:28
$associations
if(isset($_REQUEST['RelayState'])) $associations
Definition: logout-iframe-post.php:19
$metadata
$metadata
Definition: logout-iframe-post.php:25
sspmod_saml_Message\buildLogoutRequest
static buildLogoutRequest(SimpleSAML_Configuration $srcMetadata, SimpleSAML_Configuration $dstMetadata)
Build a logout request based on information in the metadata.
Definition: Message.php:536
$spMetadata
$spMetadata
Definition: logout-iframe-post.php:27
$encryptNameId
$encryptNameId
Definition: logout-iframe-post.php:39
$bindings
$bindings
Definition: logout-iframe-post.php:52
SimpleSAML_Error_BadRequest
Definition: BadRequest.php:12
$relayState
$relayState
Definition: logout-iframe-post.php:14
sspmod_saml_Message\getEncryptionKey
static getEncryptionKey(SimpleSAML_Configuration $metadata)
Retrieve the encryption key for the given entity.
Definition: Message.php:865
$association
if(!isset($associations[$assocId])) $association
Definition: logout-iframe-post.php:23
$lr
$lr
Definition: logout-iframe-post.php:29
$idp
if(!isset($_REQUEST['idp'])) $idp
Definition: logout-iframe-post.php:6
$idpMetadata
$idpMetadata
Definition: logout-iframe-post.php:26
$assocId
if(!isset($_REQUEST['association'])) $assocId
Definition: logout-iframe-post.php:12
$binding
$binding
Definition: logout-iframe-post.php:55
SimpleSAML_Stats\log
static log($event, array $data=array())
Notify about an event.
Definition: Stats.php:71