You are here

Home » API reference » SAML Service Provider 3.x » saml_sp_drupal_login.module

function saml_sp_user_logout in SAML Service Provider 3.x

Same name and namespace in other branches
  1. 8.3 modules/saml_sp_drupal_login/saml_sp_drupal_login.module \saml_sp_user_logout()
  2. 8.2 modules/saml_sp_drupal_login/saml_sp_drupal_login.module \saml_sp_user_logout()
  3. 7.8 modules/saml_sp_drupal_login/saml_sp_drupal_login.module \saml_sp_user_logout()
  4. 7.2 modules/saml_sp_drupal_login/saml_sp_drupal_login.module \saml_sp_user_logout()
  5. 7.3 modules/saml_sp_drupal_login/saml_sp_drupal_login.module \saml_sp_user_logout()
  6. 4.x modules/saml_sp_drupal_login/saml_sp_drupal_login.module \saml_sp_user_logout()

Implements hook_user_logout().

File

modules/saml_sp_drupal_login/saml_sp_drupal_login.module, line 325
SAML Drupal Login.

Code

function saml_sp_user_logout($account) {

  /*
    // @codingStandardsIgnoreStart
    // Load the IdP to authenticate against.
    $idp = saml_sp_drupal_login__get_id();

    // what is the authentication method?
    switch ($idp->getAuthnContextClassRef()) {
      case 'urn:federation:authentication:windows':
        // the user is logged in through their Windows account
        // it is impractical to log out of the IdP system as well
        return;
        break;
    }

    if (!variable_get('saml_sp_drupal_login__logout', TRUE)) {
      // the site doesn't want the IdP to be signed out of,
      // so just log out of Drupal
      return;
    }
    global $language;
    global $base_url;


    // Settings is an array
    $settings = saml_sp__get_settings($idp);
    // Creating Saml2 Settings object from array
    $saml_settings = new Settings($settings);
    $idp_data = $saml_settings->getIdPData();

    // Checking if logout url is configured
    if (isset($idp_data['singleLogoutService']) && isset($idp_data['singleLogoutService']['url'])) {
      $slo_url = $idp_data['singleLogoutService']['url'];
    }
    else {
      throw new Exception("The IdP does not support Single Log Out");
    }

    // Creating a logout request to be passed to IdP
    if (isset($_SESSION['IdPSessionIndex']) && !empty($_SESSION['IdPSessionIndex'])) {
      $logout_request = new LogoutRequest($saml_settings, NULL, NULL ,$_SESSION['IdPSessionIndex']);
    }
    else {
      $logout_request = new LogoutRequest($saml_settings);
    }

    $saml_request = $logout_request->getRequest();
    $parameters = array('SAMLRequest' => $saml_request);
    // Checking current language, so that user can be redirected to front page
    // in same language
    $parameters['RelayState'] = $base_url . '/' . $language->prefix;
    $url = Utils::redirect($slo_url, $parameters, TRUE);
    \Drupal::logger('saml_sp')->notice('Session closed for %name (%uid) and starting SAML SLO.', array('%name' => $account->name, '%uid' => $account->uid));
    // Force redirection in drupal_goto().
    unset($_GET['destination']);
    if(!empty($saml_request)) {
      drupal_goto($url);
    }
    // @codingStandardsIgnoreEnd
    /**/
}