Skip to content

Commit acf61a8

Browse files
committed
add getSLOResponseUrl(), add check for setting ['singleLogoutService']['responseUrl']
1 parent 35efa30 commit acf61a8

2 files changed

Lines changed: 24 additions & 1 deletion

File tree

lib/Saml2/Auth.php

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -285,7 +285,7 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie
285285
$parameters['Signature'] = $signature;
286286
}
287287

288-
return $this->redirectTo($this->getSLOurl(), $parameters, $stay);
288+
return $this->redirectTo($this->getSLOResponseUrl(), $parameters, $stay);
289289
}
290290
} else {
291291
$this->_errors[] = 'invalid_binding';
@@ -581,6 +581,21 @@ public function getSLOurl()
581581
return $url;
582582
}
583583

584+
/**
585+
* Gets the SLO response url.
586+
*
587+
* @return string|null The response url of the Single Logout Service
588+
*/
589+
public function getSLOResponseUrl()
590+
{
591+
$url = null;
592+
$idpData = $this->_settings->getIdPData();
593+
if (isset($idpData['singleLogoutService']) && isset($idpData['singleLogoutService']['responseUrl'])) {
594+
return $idpData['singleLogoutService']['responseUrl'];
595+
}
596+
return $this->getSLOurl();
597+
}
598+
584599
/**
585600
* Gets the ID of the last AuthNRequest or LogoutRequest generated by the Service Provider.
586601
*

lib/Saml2/Settings.php

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -531,6 +531,14 @@ public function checkIdPSettings($settings)
531531
$errors[] = 'idp_slo_url_invalid';
532532
}
533533

534+
if (isset($idp['singleLogoutService'])
535+
&& isset($idp['singleLogoutService']['responseUrl'])
536+
&& !empty($idp['singleLogoutService']['responseUrl'])
537+
&& !filter_var($idp['singleLogoutService']['responseUrl'], FILTER_VALIDATE_URL)
538+
) {
539+
$errors[] = 'idp_slo_response_url_invalid';
540+
}
541+
534542
if (isset($settings['security'])) {
535543
$security = $settings['security'];
536544

0 commit comments

Comments
 (0)