From 91866608b696be73f2fd2de4499ee0126dba22ae Mon Sep 17 00:00:00 2001 From: Jacob Klapwijk Date: Thu, 4 Mar 2021 10:46:17 +0100 Subject: [PATCH] Use idp_slo_service_url instead of idp_slo_target_url in LogoutRequest --- lib/onelogin/ruby-saml/logoutrequest.rb | 8 ++++---- test/logoutrequest_test.rb | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/lib/onelogin/ruby-saml/logoutrequest.rb b/lib/onelogin/ruby-saml/logoutrequest.rb index 0187b2f34..4f7c2d78e 100644 --- a/lib/onelogin/ruby-saml/logoutrequest.rb +++ b/lib/onelogin/ruby-saml/logoutrequest.rb @@ -32,14 +32,14 @@ def request_id # def create(settings, params={}) params = create_params(settings, params) - params_prefix = (settings.idp_slo_target_url =~ /\?/) ? '&' : '?' + params_prefix = (settings.idp_slo_service_url =~ /\?/) ? '&' : '?' saml_request = CGI.escape(params.delete("SAMLRequest")) request_params = "#{params_prefix}SAMLRequest=#{saml_request}" params.each_pair do |key, value| request_params << "&#{key.to_s}=#{CGI.escape(value.to_s)}" end - raise SettingError.new "Invalid settings, idp_slo_target_url is not set!" if settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty? - @logout_url = settings.idp_slo_target_url + request_params + raise SettingError.new "Invalid settings, idp_slo_service_url is not set!" if settings.idp_slo_service_url.nil? or settings.idp_slo_service_url.empty? + @logout_url = settings.idp_slo_service_url + request_params end # Creates the Get parameters for the logout request. @@ -109,7 +109,7 @@ def create_xml_document(settings) root.attributes['ID'] = uuid root.attributes['IssueInstant'] = time root.attributes['Version'] = "2.0" - root.attributes['Destination'] = settings.idp_slo_target_url unless settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty? + root.attributes['Destination'] = settings.idp_slo_service_url unless settings.idp_slo_service_url.nil? or settings.idp_slo_service_url.empty? if settings.sp_entity_id issuer = root.add_element "saml:Issuer" diff --git a/test/logoutrequest_test.rb b/test/logoutrequest_test.rb index 520b53b09..739c13973 100644 --- a/test/logoutrequest_test.rb +++ b/test/logoutrequest_test.rb @@ -8,7 +8,7 @@ class RequestTest < Minitest::Test let(:settings) { OneLogin::RubySaml::Settings.new } before do - settings.idp_slo_target_url = "http://unauth.com/logout" + settings.idp_slo_service_url = "http://unauth.com/logout" settings.name_identifier_value = "f00f00" end @@ -43,7 +43,7 @@ class RequestTest < Minitest::Test end it "set sessionindex" do - settings.idp_slo_target_url = "http://example.com" + settings.idp_slo_service_url = "http://example.com" sessionidx = OneLogin::RubySaml::Utils.uuid settings.sessionindex = sessionidx @@ -75,7 +75,7 @@ class RequestTest < Minitest::Test describe "when the target url contains a query string" do it "create the SAMLRequest parameter correctly" do - settings.idp_slo_target_url = "http://example.com?field=value" + settings.idp_slo_service_url = "http://example.com?field=value" unauth_url = OneLogin::RubySaml::Logoutrequest.new.create(settings) assert_match /^http:\/\/example.com\?field=value&SAMLRequest/, unauth_url @@ -84,7 +84,7 @@ class RequestTest < Minitest::Test describe "consumation of logout may need to track the transaction" do it "have access to the request uuid" do - settings.idp_slo_target_url = "http://example.com?field=value" + settings.idp_slo_service_url = "http://example.com?field=value" unauth_req = OneLogin::RubySaml::Logoutrequest.new unauth_url = unauth_req.create(settings)