From 77499230a24387a979073f2a25a5f02010b898a2 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Wed, 29 Jun 2016 11:10:59 +0200
Subject: [PATCH] Only show logout if SLO is set

Fixes https://github.com/nextcloud/user_saml/issues/10
---
 lib/samlsettings.php | 17 +++++++++--------
 lib/userbackend.php  |  6 +++++-
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/lib/samlsettings.php b/lib/samlsettings.php
index 07adddd..edd7375 100644
--- a/lib/samlsettings.php
+++ b/lib/samlsettings.php
@@ -63,18 +63,12 @@ class SAMLSettings {
 				'assertionConsumerService' => [
 					'url' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.assertionConsumerService'),
 				],
-				'singleLogoutService' => [
-					'url' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.singleLogoutService'),
-				],
 			],
 			'idp' => [
 				'entityId' => $this->config->getAppValue('user_saml', 'idp-entityId', ''),
 				'singleSignOnService' => [
 					'url' => $this->config->getAppValue('user_saml', 'idp-singleSignOnService.url', ''),
 				],
-				'singleLogoutService' => [
-					'url' => $this->config->getAppValue('user_saml', 'idp-singleLogoutService.url', ''),
-				],
 			],
 		];
 
@@ -93,8 +87,15 @@ class SAMLSettings {
 			$settings['idp']['x509cert'] = $idpx509cert;
 		}
 
-
-
+		$slo = $this->config->getAppValue('user_saml', 'idp-singleLogoutService.url', '');
+		if($slo !== '') {
+			$settings['idp']['singleLogoutService'] = [
+				'url' => $this->config->getAppValue('user_saml', 'idp-singleLogoutService.url', ''),
+			];
+			$settings['sp']['singleLogoutService'] = [
+				'url' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.singleLogoutService'),
+			];
+		}
 
 		return $settings;
 	}
diff --git a/lib/userbackend.php b/lib/userbackend.php
index b248ebd..4b286b3 100644
--- a/lib/userbackend.php
+++ b/lib/userbackend.php
@@ -154,7 +154,11 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
 	 * @since 6.0.0
 	 */
 	public function getLogoutAttribute() {
-		// FIXME: Detect if SLO is configured
+		$slo = $this->config->getAppValue('user_saml', 'idp-singleLogoutService.url', '');
+		if($slo === '') {
+			return 'style="display:none;"';
+		}
+
 		return 'href="'.$this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.singleLogoutService').'?requesttoken='.urlencode(\OC::$server->getCsrfTokenManager()->getToken()->getEncryptedValue()).'"';
 	}