You are here

function drupalauth4ssp_user_logout in DrupalAuth for SimpleSAMLphp 7

Same name and namespace in other branches
  1. 8 drupalauth4ssp.module \drupalauth4ssp_user_logout()

Implements hook_user_logout().

1 string reference to 'drupalauth4ssp_user_logout'
drupalauth4ssp_drupal_goto_alter in ./drupalauth4ssp.module
Implements hook_drupal_goto_alter().

File

./drupalauth4ssp.module, line 57
DrupalAuth For simpleSAMLphp module.

Code

function drupalauth4ssp_user_logout($account) {

  // Get the configuration information from SimpleSAMLphp.
  $ssp_config = _drupalauth4ssp_get_simplesamlphp_config();

  // If we don't have configuration, exit without doing anything.
  if (!is_array($ssp_config)) {

    // The least we can do is write something to the watchdog so someone will know what's happening.
    watchdog('drupalauth4ssp', 'Could not use drupalauth for %name, could not get the SimpleSAMLphp configuration.', array(
      '%name' => $account->name,
    ));
    return;
  }

  // Delete the cookie.
  setcookie($ssp_config['cookie_name'], sha1($ssp_config['secretsalt'] . $account->uid) . ':' . $account->uid, time() - 3600, $ssp_config['baseurlpath']);

  // Invalidate SimpleSAML session by expiring it.
  $session = SimpleSAML_Session::getSessionFromRequest();

  // Backward compatibility with SimpleSAMP older than 1.14.
  // SimpleSAML_Session::getAuthority() has been removed in 1.14.
  // @see https://simplesamlphp.org/docs/development/simplesamlphp-upgrade-notes-1.14
  if (method_exists($session, 'getAuthority')) {
    $session
      ->setAuthorityExpire($session
      ->getAuthority(), 1);
  }
  else {
    foreach ($session
      ->getAuthorities() as $authority) {
      $session
        ->setAuthorityExpire($authority, 1);
    }
  }

  // If the ReturnTo URL is present, send the user to the URL.
  if (isset($_GET['ReturnTo']) && $_GET['ReturnTo']) {
    $destination =& drupal_static(__FUNCTION__);
    $destination = $_GET['ReturnTo'];

    // Check the ReturnTo if it's in the allowed list.
    if (!drupalauth4ssp_valid_returnto_parameter()) {
      $destination = FALSE;
    }
  }
}