SAML: now delete session when logout request for authenticated user is correct
parent
6bfdad2d0b
commit
0eba588385
@ -641,6 +641,8 @@ sub issuerForAuthUser {
|
|||||||
|
|
||||||
if ($request) {
|
if ($request) {
|
||||||
|
|
||||||
|
my $logout_error = 0;
|
||||||
|
|
||||||
# Load Session and Identity if they exist
|
# Load Session and Identity if they exist
|
||||||
my $session = $self->{sessionInfo}->{_lassoSessionDump};
|
my $session = $self->{sessionInfo}->{_lassoSessionDump};
|
||||||
my $identity = $self->{sessionInfo}->{_lassoIdentityDump};
|
my $identity = $self->{sessionInfo}->{_lassoIdentityDump};
|
||||||
@ -671,8 +673,6 @@ sub issuerForAuthUser {
|
|||||||
|
|
||||||
# Get EntityID
|
# Get EntityID
|
||||||
my $entityID = $logout->request->Issuer->content;
|
my $entityID = $logout->request->Issuer->content;
|
||||||
my $name_id = $logout->request()->NameID;
|
|
||||||
my $user = $name_id->content;
|
|
||||||
|
|
||||||
$self->lmLog( "Request issued from $entityID", 'debug' );
|
$self->lmLog( "Request issued from $entityID", 'debug' );
|
||||||
|
|
||||||
@ -687,6 +687,9 @@ sub issuerForAuthUser {
|
|||||||
$id;
|
$id;
|
||||||
} @entitiesID;
|
} @entitiesID;
|
||||||
|
|
||||||
|
# Get current user identifier
|
||||||
|
my $user = $self->{sessionInfo}->{_user};
|
||||||
|
|
||||||
# Get corresponding session
|
# Get corresponding session
|
||||||
my $local_sessions =
|
my $local_sessions =
|
||||||
$self->{samlStorage}
|
$self->{samlStorage}
|
||||||
@ -695,7 +698,6 @@ sub issuerForAuthUser {
|
|||||||
if ( my @local_sessions_keys = keys %$local_sessions ) {
|
if ( my @local_sessions_keys = keys %$local_sessions ) {
|
||||||
|
|
||||||
my $session_dump;
|
my $session_dump;
|
||||||
my $logout_error = 0;
|
|
||||||
|
|
||||||
# A session was found
|
# A session was found
|
||||||
foreach (@local_sessions_keys) {
|
foreach (@local_sessions_keys) {
|
||||||
@ -736,10 +738,12 @@ sub issuerForAuthUser {
|
|||||||
# No corresponding session found
|
# No corresponding session found
|
||||||
$self->lmLog( "No local session found for user $user",
|
$self->lmLog( "No local session found for user $user",
|
||||||
'debug' );
|
'debug' );
|
||||||
|
$logout_error = 1;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Validate request if no previous error
|
# Validate request if no previous error
|
||||||
unless ( $self->validateLogoutRequest($logout) ) {
|
unless ( !$logout_error && $self->validateLogoutRequest($logout) ) {
|
||||||
$self->lmLog( "SLO request is not valid", 'error' );
|
$self->lmLog( "SLO request is not valid", 'error' );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
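Review bot: In the last hunk the `unless ( !$logout_error && $self->validateLogoutRequest($logout) )` block only logs "SLO request is not valid" and, in the visible lines, never sets `$logout_error`, so a request that fails validation is not recorded as an error for whatever follows. issuerForAuthUser continues past the hunk, so please confirm that the session deletion this commit introduces cannot be reached after a failed validation. The same message is also logged when no local session was found and validation was skipped, which misleads anyone triaging SLO failures from the error log. I would drop the double negative and write `if ( !$logout_error && !$self->validateLogoutRequest($logout) ) {`, adding `$logout_error = 1;` after the log call. Since `$user` now comes from `$self->{sessionInfo}->{_user}` and the request's NameID is no longer read here, a comment should state that binding the request to the authenticated user relies on validateLogoutRequest, if that is indeed the case.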