Skip to content

Commit 4772b86

Browse files
pitbulkpitbulk
authored
Improve logout documentation on Readme.
1 parent fe3a635 commit 4772b86

File tree

1 file changed

+28
-3
lines changed

1 file changed

+28
-3
lines changed

README.md

Lines changed: 28 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -721,6 +721,7 @@ if (isset($_SESSION) && isset($_SESSION['AuthNRequestID'])) {
721721
}
722722

723723
$auth->processResponse($requestID);
724+
unset($_SESSION['AuthNRequestID']);
724725

725726
$errors = $auth->getErrors();
726727

@@ -736,6 +737,9 @@ if (!$auth->isAuthenticated()) {
736737

737738
$_SESSION['samlUserdata'] = $auth->getAttributes();
738739
$_SESSION['samlNameId'] = $auth->getNameId();
740+
$_SESSION['samlNameIdFormat'] = $auth->getNameIdFormat();
741+
$_SESSION['samlSessionIndex'] = $auth->getSessionIndex();
742+
739743
if (isset($_POST['RelayState']) && OneLogin_Saml2_Utils::getSelfURL() != $_POST['RelayState']) {
740744
$auth->redirectTo($_POST['RelayState']);
741745
}
@@ -961,12 +965,14 @@ $auth = new OneLogin_Saml2_Auth();
961965
$auth->logout(); // Method that sent the Logout Request.
962966
```
963967

964-
Also there are three optional parameters that can be set:
965-
968+
Also there are six optional parameters that can be set:
969+
* `$returnTo` - The target URL the user should be returned to after logout.
970+
* `$parameters` - Extra parameters to be added to the GET.
966971
* `$name_id` - That will be used to build the LogoutRequest. If `name_id` parameter is not set and the auth object processed a
967972
SAML Response with a `NameId`, then this `NameId` will be used.
968973
* `$session_index` - SessionIndex that identifies the session of the user.
969-
* `$strict` - True if we want to stay (returns the url string) False to redirect.
974+
* `$stay` - True if we want to stay (returns the url string) False to redirect.
975+
* `$nameIdFormat` - The NameID Format will be set in the LogoutRequest.
970976

971977
The Logout Request will be sent signed or unsigned based on the security
972978
info of the `advanced_settings.php` (`'logoutRequestSigned'`).
@@ -985,6 +991,25 @@ $newTargetUrl = 'http://example.com/loggedOut.php';
985991
$auth = new OneLogin_Saml2_Auth();
986992
$auth->logout($newTargetUrl);
987993
```
994+
A more complex logout with all the parameters:
995+
```
996+
$auth = new OneLogin_Saml2_Auth();
997+
$returnTo = null;
998+
$paramters = array();
999+
$nameId = null;
1000+
$sessionIndex = null;
1001+
$nameIdFormat = null;
1002+
if (isset($_SESSION['samlNameId'])) {
1003+
$nameId = $_SESSION['samlNameId'];
1004+
}
1005+
if (isset($_SESSION['samlSessionIndex'])) {
1006+
$sessionIndex = $_SESSION['samlSessionIndex'];
1007+
}
1008+
if (isset($_SESSION['samlNameIdFormat'])) {
1009+
$nameIdFormat = $_SESSION['samlNameIdFormat'];
1010+
}
1011+
$auth->logout($returnTo, $paramters, $nameId, $sessionIndex, false, $nameIdFormat);
1012+
```
9881013

9891014
If a match on the future LogoutResponse ID and the LogoutRequest ID to be sent is required, that LogoutRequest ID must to be extracted and stored.
9901015

0 commit comments

Comments
 (0)