161
161
profile = LASSO_PROFILE(logout);
163
/* get the provider */
164
provider = g_hash_table_lookup(profile->server->providers, profile->remote_providerID);
165
if (provider == NULL) {
163
if (profile->response == NULL) {
164
if (profile->http_request_method == LASSO_HTTP_METHOD_SOAP) {
165
profile->response = lasso_lib_logout_response_new_full(
166
LASSO_PROVIDER(profile->server)->ProviderID,
167
LASSO_SAML_STATUS_CODE_REQUEST_DENIED,
168
LASSO_LIB_LOGOUT_REQUEST(profile->request),
169
profile->server->certificate ?
170
LASSO_SIGNATURE_TYPE_WITHX509 : LASSO_SIGNATURE_TYPE_SIMPLE,
171
LASSO_SIGNATURE_METHOD_RSA_SHA1);
173
if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) {
174
profile->response = lasso_lib_logout_response_new_full(
175
LASSO_PROVIDER(profile->server)->ProviderID,
176
LASSO_SAML_STATUS_CODE_REQUEST_DENIED,
177
LASSO_LIB_LOGOUT_REQUEST(profile->request),
178
LASSO_SIGNATURE_TYPE_NONE,
183
if (profile->remote_providerID == NULL || profile->response == NULL) {
184
/* no remote provider id set or no response set, this means
185
* this function got called before validate_request, probably
186
* because there were no active session */
166
187
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
178
199
if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) {
200
/* get the provider */
201
provider = g_hash_table_lookup(profile->server->providers,
202
profile->remote_providerID);
203
if (provider == NULL) {
204
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
179
207
url = lasso_provider_get_metadata_one(provider, "SingleLogoutServiceReturnURL");
180
208
if (url == NULL) {
181
209
return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
338
366
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
341
/* before setting profile->request, verify if it is already set */
342
if (LASSO_IS_LIB_LOGOUT_REQUEST(profile->request) == TRUE) {
343
lasso_node_destroy(LASSO_NODE(profile->request));
344
profile->request = NULL;
347
/* build a new request object from single logout protocol profile */
349
369
/* get / verify http method */
350
370
if (http_method == LASSO_HTTP_METHOD_ANY) {
351
371
http_method = lasso_provider_get_first_http_method(
352
372
LASSO_PROVIDER(profile->server),
354
374
LASSO_MD_PROTOCOL_TYPE_SINGLE_LOGOUT);
375
/* XXX: check it found a valid http method */
356
377
if (lasso_provider_accept_http_method(LASSO_PROVIDER(profile->server),
358
379
LASSO_MD_PROTOCOL_TYPE_SINGLE_LOGOUT,
360
381
TRUE) == FALSE) {
382
if (http_method == LASSO_HTTP_METHOD_REDIRECT) {
383
/* it was probably used as last resort, and
384
* failed, since the remote provider doesn't
385
* support any logout. remove assertion
386
* unconditionnaly. */
387
lasso_session_remove_assertion(profile->session,
388
profile->remote_providerID);
389
if (logout->initial_remote_providerID && logout->initial_request) {
390
g_free(profile->remote_providerID);
391
profile->remote_providerID = g_strdup(
392
logout->initial_remote_providerID);
393
profile->response = lasso_lib_logout_response_new_full(
394
LASSO_PROVIDER(profile->server)->ProviderID,
395
LASSO_SAML_STATUS_CODE_SUCCESS,
396
LASSO_LIB_LOGOUT_REQUEST(logout->initial_request),
397
LASSO_SIGNATURE_TYPE_NONE,
361
401
return LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE;
405
/* before setting profile->request, verify it is not already set */
406
if (LASSO_IS_LIB_LOGOUT_REQUEST(profile->request) == TRUE) {
407
lasso_node_destroy(LASSO_NODE(profile->request));
408
profile->request = NULL;
365
411
/* build a new request object from http method */
366
412
if (http_method == LASSO_HTTP_METHOD_SOAP) {
367
413
profile->request = lasso_lib_logout_request_new_full(
798
/* authentication is ok, federation is ok, propagation support is ok, remove federation */
845
/* authentication is ok, federation is ok, propagation support is ok, remove assertion */
799
846
lasso_session_remove_assertion(profile->session, profile->remote_providerID);
801
848
/* if at IDP and nb sp logged > 1, then backup remote provider id,
868
915
xmlNode *xmlnode;
870
917
xmlnode = parent_class->get_xmlNode(node, lasso_dump);
871
xmlNodeSetName(xmlnode, "Logout");
872
xmlSetProp(xmlnode, "LogoutDumpVersion", "2");
918
xmlNodeSetName(xmlnode, (xmlChar*)"Logout");
919
xmlSetProp(xmlnode, (xmlChar*)"LogoutDumpVersion", (xmlChar*)"2");