Add logging for SLO errors

To make debugging SLO errors easier, this adds logging for any
encountered error in that phase.

This is similar to the logging already done on the ACS handling.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Lukas Reschke 2021-02-15 19:08:31 +00:00 committed by GitHub
parent 32a672a547
commit 10cf853b15
1 changed files with 10 additions and 2 deletions


@ -427,11 +427,19 @@ class SAMLController extends Controller {
$idp = $this->session->get('user_saml.Idp');
$auth = new Auth($this->SAMLSettings->getOneLoginSettingsArray($idp));
$stay = true ; // $auth will return the redirect URL but won't perform the redirect himself
if($isFromIDP){
if ($isFromIDP) {
$keepLocalSession = true ; // do not let processSLO to delete the entire session. Let userSession->logout do the job
$targetUrl = $auth->processSLO($keepLocalSession, null, false, null, $stay);
$errors = $auth->getErrors();
if (!empty($errors)) {
foreach($errors as $error) {
$this->logger->error($error, ['app' => $this->appName]);
}
$this->logger->error($auth->getLastErrorReason(), ['app' => $this->appName]);
}
} else {
// If request is not from IDP, we must send him the logout request
// If request is not from IDP, we send the logout request to the IDP
$parameters = array();
$nameId = $this->session->get('user_saml.samlNameId');
$nameIdFormat = $this->session->get('user_saml.samlNameIdFormat');
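Review bot: The added block logs `$auth->getLastErrorReason()` unconditionally once `$errors` is non-empty, but the library may leave the reason unset for some error codes, so this can write an empty or null error entry; guard it, e.g. `$reason = $auth->getLastErrorReason(); if ($reason !== null && $reason !== '') { $this->logger->error('SLO error reason: ' . $reason, ['app' => $this->appName]); }`. The per-error lines would be easier to triage with a prefix such as `'SLO error: ' . $error`, since the bare codes do not say which SAML phase produced them. The reason text can presumably echo values taken from the incoming logout message, so it should be treated as untrusted wherever these logs are displayed or forwarded. The hunk only logs; whether the method still uses `$targetUrl` or ends the local session after a failed `processSLO` is decided outside the visible lines and is worth confirming.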