laravel-saml2 icon indicating copy to clipboard operation
laravel-saml2 copied to clipboard

Published 20 hours ago verified publisher icon aacotroneo

Saml2LogoutEvent didnot get called

Open pkendre opened this issue 7 years ago • 5 comments

Hi,

I have added the event listener in the

app/Providers/EventServiceProvider.php

 Event::listen('Aacotroneo\Saml2\Events\Saml2LogoutEvent', function ($event) {
            Log::info('SSO Logout event listener');
            Auth::logout();
            Session::save();
        });

My use case is, if a user logout from any of the SP website, I want the user to get logged out from SSO server and the SSO server needs to send the event to all the SP which will log out the user from there website (The above code snippet).

I tried log out the user from the SSO server (simplesamlphp) the user gets successfully logout but the Saml2LogoutEvent did not get called. (I am not sure whether this should happen)

If a user click son Logout button on my SP website, I tried to logout the user from my SP website like below in my UserController.php file

public function logout() {
Log::info('logout function called');
Auth::logout();
Saml2Auth::logout();
}

In saml2_settings.php the value for the key named "logoutRoute" is "/"

and on my "/" route, if I print the Auth::id() it still returns me the value. This means the user is not getting log out from the system.

I am not able to figure out why the Saml2LogoutEvent is not getting fired. and if wrote Auth::logout() still the system returns me the Auth::id().

Thanks in advance Paresh Kendre

pkendre avatar May 18 '17 04:05 pkendre

Since you don't make any reference to #84, did you read that issue?

danmichaelo avatar May 18 '17 06:05 danmichaelo

I'm having this issue as well. I've read the referenced issue, checked the version:

package version
aacotroneo/laravel-saml2 0.8.1
onelogin/php-saml 2.11.0

I've also checked the method which the SSO returns (GET), but I'm still having two issues. The first issue is that the sls method is throwing an error:

Signature validation failed. Logout Request rejected

However, if I then try to logout a second time, the SSO signs me out on their end and says

You Are Successfully Signed Out

But as I do not receive this event back from the SSO server, on either the first or second log out attempt, I cannot log my user out locally.

pet1330 avatar Sep 23 '17 22:09 pet1330

what laravel version are you using?

matijakovacevic avatar Nov 16 '17 11:11 matijakovacevic

I am having the same issue that is facing by @pet1330, did anyone find the solution?

mubashar-veon avatar May 28 '21 13:05 mubashar-veon

what laravel version are you using?

@matijakovacevic, sorry, I didn't see your message, at the time, I was using version 6.2

pet1330 avatar May 28 '21 14:05 pet1330