Merge pull request #11076 from johnson-yi/fixes/saml_slo

Fixes #10706 - Fix saml slo for logout
snipe 2022-05-14 08:10:50 -07:00 committed by GitHub
commit d904fb1d80
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 14 additions and 1 deletions


@ -449,10 +449,17 @@ class LoginController extends Controller
*/
public function logout(Request $request)
{
// Logout is only allowed with a http POST but we need to allow GET for SAML SLO
$settings = Setting::getSettings();
$saml = $this->saml;
$samlLogout = $request->session()->get('saml_logout');
$sloRedirectUrl = null;
$sloRequestUrl = null;
// Only allow GET if we are doing SAML SLO otherwise abort with 405
if ($request->isMethod('GET') && !$samlLogout) {
abort(405);
}
if ($saml->isEnabled()) {
$auth = $saml->getAuth();
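Review bot: The GET branch of `logout()` is authorised only by the truthiness of the `saml_logout` session value, and Laravel's CSRF middleware does not verify GET requests, so this one condition is the whole defence against a cross-site forced logout. Compare strictly, `if ($request->isMethod('GET') && $samlLogout !== true) {`, and say so in the comment, e.g. `// GET is not CSRF-checked; the flashed saml_logout flag is the only guard`. The guard also runs before `$saml->isEnabled()`, so a GET would be accepted on the flag even with SAML switched off; presumably nothing else sets the flag, but tying the exception to `$saml->isEnabled()` would make that explicit. The body of `logout()` continues past the end of the hunk.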


@ -142,6 +142,6 @@ class SamlController extends Controller
return view('errors.403');
}
return redirect()->route('logout')->with('saml_slo_redirect_url', $sloUrl);
return redirect()->route('logout')->with(['saml_logout' => true,'saml_slo_redirect_url' => $sloUrl]);
}
}
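Review bot: The `saml_logout` flag flashed on the new redirect line is what later lets `GET /logout` through, so it should only be set once the SAML library has validated the logout message; the `errors.403` return just above suggests an error check, but the validation itself lies outside the hunk and should be confirmed. A one-line comment would record the coupling, e.g. `// saml_logout is read by LoginController::logout() to permit the GET request`. As a style point, the array is missing a space after the comma: `['saml_logout' => true, 'saml_slo_redirect_url' => $sloUrl]`.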


@ -434,6 +434,12 @@ Route::group(['middleware' => 'web'], function () {
'uses' => 'DashboardController@getIndex' ]
);
// need to keep GET /logout for SAML SLO
Route::get(
'logout',
[LoginController::class, 'logout']
)->name('logout');
Route::post(
'logout',
[LoginController::class, 'logout']