-
Notifications
You must be signed in to change notification settings - Fork 672
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure Logout Issues #1847
Comments
What happens if in |
Azure doesn't pass anything.. What you're doing here is restoring the state that you had before the |
I did think that, just tried to do it again and unfortunately the same issue persists. |
What version are you running? |
Latest, 2.0.5. |
OK thanks, I was confused because you use the |
To be honest, I might need to write it again or something. I had this SimpleSAML project lying around which was pretty out of date so I updated it to 2.0.5 and tried to integrate into AAD. Had some teething issues but seemed ok mostly. I have updated it from lib to src just to be sure that wasnt causing any issues. By SingleLogout, what do you mean? Sorry aha, if there is a better logout function I would be more than happy to hear it. I was just looking at the docs which had this method. |
The functionality you're trying to use is called Anyway, I'm thinking maybe the state isn't saved before the
|
Ignore my deleted message - I added that line in but same error unfortunately. |
Curious to know if |
Unfortunately leads to the same issue. Let me know what I can do to help with debugging if that is something you need, please. :) |
More hours in a day basically :) All of us have day-jobs |
Aha yeah if only lol. Just came back from work to see if I could find any glaring issues but seems ok. Just ping whenever those magical extra hours appear haha. |
Deleted a message again? Because that seemed like it did what it's supposed to do.. |
Sorry, yes it was deleted... I turned off my debugging messaged lol. Unless all this is happening because of that buggy SingleLogout which it shouldnt be from what was mentioned.
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
require_once('/var/www/simplesamlphp/src/_autoload.php');
try {
if ($_REQUEST['LogoutState']) {
$state = \SimpleSAML\Auth\State::loadState((string)$_REQUEST['LogoutState'], 'MyLogoutState');
} else {
echo "Were you logged in?";
exit;
}
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
exit;
}
$ls = $state['saml:sp:LogoutStatus']; /* Only works for SAML SP */
if ($ls['Code'] === 'urn:oasis:names:tc:SAML:2.0:status:Success' && !isset($ls['SubCode'])) {
// Successful logout.
echo("You have been logged out.");
} else {
// Logout failed. Tell the user to close the browser.
echo("We were unable to log you out of all your sessions. To be completely sure that you are logged out, you need to close your web browser.");
} Browser Page:
|
Maybe my fellow devs have an idea :) |
Hmm, a change in behaviour again... I just was messing around with that ServiceProvider and there was a few discrepancies. My return was different. So this is the new behaviour. Seems like the
$state = $this->authState::loadState($relayState, 'saml:slosent');
$state['saml:sp:LogoutStatus'] = $message->getStatus();
$this->authState::saveState($state, 'LogoutState');
return $source::completeLogout($state);
} elseif ($message instanceof LogoutRequest) {
Logger::debug('module/saml2/sp/logout: Request from ' . $idpEntityId); |
OK, I think I understand what's happening here. If there is no SLO-endpoint available, the user will be immediately redirected to |
Describe the bug
I have setup a custom SAML Enterprise Application on Azure Active Directory. I am trying to use SimpleSAML to authenticate through Azure for some local applications. However I am having issues with the logout section. It logs out fine however in my
logged_out.php
it errors out:Here is my
logout.php
file for reference:And here is my
logged_out.php
for reference:To Reproduce
Steps to reproduce the behaviour:
Expected behaviour
Tell me that I have successfully logged out
Additional context
Just note that Azure does log me out, it just does not pass the correct information it seems.
If there is anything I am missing please let me know so I can send it in.
This is what I was originally getting:
Undefined array key "saml:sp:LogoutStatus" in /var/www/sso/logged_out.php
The text was updated successfully, but these errors were encountered: