I created a hook that checks some attributes within the XML of the SAML response and if it does not satisfy some conditions it redirects the user to the login page with an error message, logging out of the moodle session. the problem that I can't solve, however, is related to the logout on the idp side. In fact, when I then try to log in again from the dedicated button on the main page, the user is still logged in on the fixed side and therefore does not allow me to log in with a different user. can someone help me please. I share the code of my hook, in this case I don't log out on the Moodle side, but my intention is to clean the session and everything works as it should. the problem remains on the idp side. Thanks in advance
defined('MOODLE_INTERNAL') || die();
function local_customsamlhook_extend_auth_saml2_proc()
{
return [
51 => array(
'class' => 'core:PHP',
'code' => '
$attributeName = "http://schemas.xmlsoap.org/claims/Group";
if (isset($attributes[$attributeName])) {
$attributeValues = $attributes[$attributeName];
$attributeValuesString = is_array($attributeValues) ? implode(", ", $attributeValues) : $attributeValues;
if (strpos($attributeValuesString, "grp-viceversa") === false) {
global $PAGE, $OUTPUT, $SESSION, $CFG;
// Set the error message in the session.
$SESSION->loginerrormsg = "Accesso non Autorizzato: si prega di contattare l\'help desk";
$indexPageURL = new moodle_url("$CFG->wwwroot/login/index.php");
redirect($indexPageURL);
exit(1);
}
} else {
global $PAGE, $OUTPUT, $SESSION, $CFG;
// Set the error message in the session.
$SESSION->loginerrormsg = "Accesso non Autorizzato: si prega di contattare l\'help desk";
$indexPageURL = new moodle_url("$CFG->wwwroot/login/index.php");
redirect($indexPageURL);
exit(1);
}
'
)
];
}```
I created a hook that checks some attributes within the XML of the SAML response and if it does not satisfy some conditions it redirects the user to the login page with an error message, logging out of the moodle session. the problem that I can't solve, however, is related to the logout on the idp side. In fact, when I then try to log in again from the dedicated button on the main page, the user is still logged in on the fixed side and therefore does not allow me to log in with a different user. can someone help me please. I share the code of my hook, in this case I don't log out on the Moodle side, but my intention is to clean the session and everything works as it should. the problem remains on the idp side. Thanks in advance