aacotroneo / laravel-saml2

A Laravel 5 package for Saml2 integration as a SP (service provider) based on the simple OneLogin toolkit
MIT License
566 stars 237 forks

Saml2LogoutEvent did not get called #86

Open pkendre opened 7 years ago

pkendre commented 7 years ago

Hi,

I have added the event listener in app/Providers/EventServiceProvider.php:

    Event::listen('Aacotroneo\Saml2\Events\Saml2LogoutEvent', function ($event) {
        Log::info('SSO Logout event listener');
        Auth::logout();
        Session::save();
    });

My use case is: if a user logs out from any of the SP websites, I want the user to get logged out from the SSO server, and the SSO server needs to send the event to all the SPs, which will log the user out from their websites (the above code snippet).

I tried logging the user out from the SSO server (simplesamlphp). The user gets successfully logged out, but the Saml2LogoutEvent did not get called. (I am not sure whether this should happen.)

If a user clicks on the Logout button on my SP website, I tried to log the user out from my SP website like below in my UserController.php file:

    public function logout() {
        Log::info('logout function called');
        Auth::logout();
        Saml2Auth::logout();
    }

In saml2_settings.php the value for the key named "logoutRoute" is "/"

and on my "/" route, if I print the Auth::id() it still returns me the value. This means the user is not getting logged out from the system.

I am not able to figure out why the Saml2LogoutEvent is not getting fired, and why, even though I wrote Auth::logout(), the system still returns me the Auth::id().

Thanks in advance,
Paresh Kendre

danmichaelo commented 7 years ago

Since you don't make any reference to #84, did you read that issue?

pet1330 commented 6 years ago

I'm having this issue as well. I've read the referenced issue, checked the version:

| package | version |
| --- | --- |
| aacotroneo/laravel-saml2 | 0.8.1 |
| onelogin/php-saml | 2.11.0 |

I've also checked the method which the SSO returns (GET), but I'm still having two issues. The first issue is that the sls method is throwing an error:

Signature validation failed. Logout Request rejected

However, if I then try to logout a second time, the SSO signs me out on their end and says

You Are Successfully Signed Out

But as I do not receive this event back from the SSO server, on either the first or second log out attempt, I cannot log my user out locally.
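Background on the "Signature validation failed. Logout Request rejected" message for a GET (HTTP-Redirect) logout request, as an added example that is not part of any comment in this thread and is not code from laravel-saml2 or php-saml: in that binding the signature covers the URL-encoded query string `SAMLRequest=...&RelayState=...&SigAlg=...`, so the receiver has to verify over the encoded values exactly as they arrived. The key pair, the request, the URL, and the helper names `signedQuery` and `verifyRedirectSignature` are constructed for the illustration.

```php
<?php
// Added illustration: signature check for a SAML LogoutRequest sent via GET.
// Key pair and message are generated here; nothing comes from a real IdP.
const SIG_ALG = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';

// Build the octet string the signature covers, in the order the binding
// requires: SAMLRequest, RelayState, SigAlg, each already URL-encoded.
function signedQuery(string $samlRequest, string $relayState, callable $encode): string
{
    return 'SAMLRequest=' . $encode($samlRequest)
        . '&RelayState=' . $encode($relayState)
        . '&SigAlg=' . $encode(SIG_ALG);
}

// Hypothetical helper: verify the base64 Signature parameter over that string.
function verifyRedirectSignature(string $signedQuery, string $signatureB64, string $publicKeyPem): bool
{
    $signature = base64_decode($signatureB64, true);
    if ($signature === false) {
        return false; // Signature parameter is not valid base64
    }
    return openssl_verify($signedQuery, $signature, $publicKeyPem, OPENSSL_ALGO_SHA256) === 1;
}

// --- constructed sample: the sending side signs a deflated, base64 request ---
$idpKey = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$idpPublicPem = openssl_pkey_get_details($idpKey)['key'];

$xml = '<samlp:LogoutRequest ID="_constructed" Version="2.0"/>';
$samlRequest = base64_encode(gzdeflate($xml));
$relayState = 'https://sp.example.test/';

// Assumption for the sample: the sender writes percent-escapes in lowercase hex.
$lowerHex = fn(string $v) => preg_replace_callback(
    '/%[0-9A-F]{2}/',
    fn($m) => strtolower($m[0]),
    rawurlencode($v)
);
$asSent = signedQuery($samlRequest, $relayState, $lowerHex);
openssl_sign($asSent, $rawSignature, $idpKey, OPENSSL_ALGO_SHA256);
$signature = base64_encode($rawSignature);

// Case 1: verify over the query string as received (the octets that were signed).
var_dump(verifyRedirectSignature($asSent, $signature, $idpPublicPem));

// Case 2: decode the parameters and re-encode them with rawurlencode(), which
// writes uppercase escapes: same values, different octets, signature mismatch.
$rebuilt = signedQuery($samlRequest, $relayState, 'rawurlencode');
var_dump(verifyRedirectSignature($rebuilt, $signature, $idpPublicPem));
```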

matijakovacevic commented 6 years ago

What Laravel version are you using?

mubashar-veon commented 3 years ago

I am having the same issue that @pet1330 is facing. Did anyone find the solution?

pet1330 commented 3 years ago

> What Laravel version are you using?

@matijakovacevic, sorry, I didn't see your message. At the time, I was using version 6.2.