From 04fcb5387bd2b23f9032d7f86552f41e82b443ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= <clement.oudot@worteks.com>
Date: Mon, 16 Dec 2019 15:04:20 +0100
Subject: [PATCH] use NameId format, name qualifier and name SP qualifier in
 SAML logout request
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Clément OUDOT <clement.oudot@worteks.com>
---
 lib/Controller/SAMLController.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php
index c0dffab..7badc3d 100644
--- a/lib/Controller/SAMLController.php
+++ b/lib/Controller/SAMLController.php
@@ -279,6 +279,9 @@ class SAMLController extends Controller {
 
 		$this->session->set('user_saml.samlUserData', $auth->getAttributes());
 		$this->session->set('user_saml.samlNameId', $auth->getNameId());
+		$this->session->set('user_saml.samlNameIdFormat', $auth->getNameIdFormat());
+		$this->session->set('user_saml.samlNameIdNameQualifier', $auth->getNameIdNameQualifier());
+		$this->session->set('user_saml.samlNameIdNameSPQualifier', $auth->getNameIdNameSPQualifier());
 		$this->session->set('user_saml.samlSessionIndex', $auth->getSessionIndex());
 		$this->session->set('user_saml.samlSessionExpiration', $auth->getSessionExpiration());
 		try {
@@ -355,8 +358,11 @@ class SAMLController extends Controller {
 				// If request is not from IDP, we must send him the logout request
 				$parameters = array();
 				$nameId = $this->session->get('user_saml.samlNameId');
+				$nameIdFormat = $this->session->get('user_saml.samlNameIdFormat');
+				$nameIdNameQualifier = $this->session->get('user_saml.samlNameIdNameQualifier');
+				$nameIdNameSPQualifier = $this->session->get('user_saml.samlNameIdNameSPQualifier');
 				$sessionIndex = $this->session->get('user_saml.samlSessionIndex');
-				$targetUrl = $auth->logout(null, [], $nameId, $sessionIndex, $stay);
+				$targetUrl = $auth->logout(null, [], $nameId, $sessionIndex, $stay, $nameIdFormat, $nameIdNameQualifier, $nameIdNameSPQualifier);
 			}
 			if(!empty($targetUrl) && !$auth->getLastErrorReason()){
 				$this->userSession->logout();