mirror of
https://github.com/netzbegruenung/user_saml.git
synced 2024-05-04 10:03:42 +02:00
Add logging for SLO errors
To make debugging SLO errors easier, this adds logging for any encountered error in that phase. This is similar to the logging already done on the ACS handling. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
parent
32a672a547
commit
10cf853b15
|
@ -427,11 +427,19 @@ class SAMLController extends Controller {
|
|||
$idp = $this->session->get('user_saml.Idp');
|
||||
$auth = new Auth($this->SAMLSettings->getOneLoginSettingsArray($idp));
|
||||
$stay = true ; // $auth will return the redirect URL but won't perform the redirect himself
|
||||
if($isFromIDP){
|
||||
if ($isFromIDP) {
|
||||
$keepLocalSession = true ; // do not let processSLO to delete the entire session. Let userSession->logout do the job
|
||||
$targetUrl = $auth->processSLO($keepLocalSession, null, false, null, $stay);
|
||||
|
||||
$errors = $auth->getErrors();
|
||||
if (!empty($errors)) {
|
||||
foreach($errors as $error) {
|
||||
$this->logger->error($error, ['app' => $this->appName]);
|
||||
}
|
||||
$this->logger->error($auth->getLastErrorReason(), ['app' => $this->appName]);
|
||||
}
|
||||
} else {
|
||||
// If request is not from IDP, we must send him the logout request
|
||||
// If request is not from IDP, we send the logout request to the IDP
|
||||
$parameters = array();
|
||||
$nameId = $this->session->get('user_saml.samlNameId');
|
||||
$nameIdFormat = $this->session->get('user_saml.samlNameIdFormat');
|
||||
|
|
Loading…
Reference in a new issue