Commit c5368caa authored by Clément OUDOT's avatar Clément OUDOT
Browse files

Manage CAS logout service (#1298)

parent 19cbbe43
......@@ -250,11 +250,9 @@ sub authLogout {
my ( $self, $req ) = @_;
# Build CAS logout URL
my $logout_url = $self->getServerLogoutURL(
uri_escape( $self->p->fullUrl($req) ),
my $logout_url = $self->getServerLogoutURL( $self->p->fullUrl($req),
$self->conf->{casSrvMetaDataOptions}->{ $req->userData->{_casSrv} }
->{casSrvMetaDataOptionsUrl}
);
->{casSrvMetaDataOptionsUrl} );
$self->logger->debug("Build CAS logout URL: $logout_url");
......
......@@ -212,7 +212,8 @@ sub run {
$req->frame(1);
# GET parameters
my $logout_url = $req->param('url');
my $logout_url = $req->param('url'); # CAS 2.0
my $logout_service = $req->param('service'); # CAS 3.0
# Delete linked CAS sessions
$self->deleteCasSecondarySessions($session_id);
......@@ -237,6 +238,13 @@ sub run {
return PE_CONFIRM;
}
if ($logout_service) {
$self->logger->debug("User will be redirected to $logout_service");
$req->{urldc} = $logout_service;
$req->steps( [] );
return PE_OK;
}
}
else {
$self->logger->info("Unknown session $session_id");
......
......@@ -129,7 +129,7 @@ ok(
'Get iframe from IdP'
);
count(1);
expectOK($res);
expectRedirection( $res, 'http://auth.sp.com/?logout' );
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
' Frame can be embedded' )
or explain( $res->[1],
......
......@@ -139,7 +139,7 @@ ok(
'Get iframe from IdP'
);
count(1);
expectOK($res);
expectRedirection( $res, 'http://auth.sp.com/?logout' );
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
' Frame can be embedded' )
or explain( $res->[1],
......
......@@ -139,7 +139,7 @@ ok(
'Get iframe from IdP'
);
count(1);
expectOK($res);
expectRedirection( $res, 'http://auth.sp.com/?logout' );
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
' Frame can be embedded' )
or explain( $res->[1],
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment