crewjam / saml

SAML library for go
BSD 2-Clause "Simplified" License
968 stars 435 forks source link

Add an implementation of an SLO handler on `IdentityProvider`? #307

Open inconshreveable opened 4 years ago

inconshreveable commented 4 years ago

While building an end-to-end test for SP-initiated SAML logout, I needed to implement the IdP side of the SP-initiated logout flow. Before potentially putting together a PR for this, I wanted to first check if you're amendable to a PR for adding this functionality. The proposal is roughly that saml.IdentityProvider.Handler() will expose a new /slo or /logout endpoint which will implement the Redirect method SLO endpoint that it advertises in its metadata. There would also likely be a separate a function on the IdentityProvider itself to invoke that functionality directly.

If that's within the scope of the library, let me know if there are any additional asks or guidelines you'd have for accepting such a PR. If it's not within scope, feel free to simply close out the issue.

crewjam commented 3 years ago

Thanks for your patience. Yes, I think it is very much in scope, and a PR would be awesome.

[btw, it's nice to hear from you and get your other PRs... I'm a long time ngrok fan. :)]