/logout error 404
Hello,
I have just implemented your middleware, everything works well, right down to the logout.
Indeed this one finishes, on an error 404 for the route: /logout/saml2callback
Here is the extension I made, very close to your example:
AppSaml2.php
<?php

namespace App\Http\Middleware;

use App\Http\MaitrePylos\Filter;
use App\User;
use Auth;
use RootInc\LaravelSaml2Middleware\Saml2;

class AppSaml2 extends Saml2
{
    private $token = null;
    private $profile = null;
    private $filtre = null;

    public function __construct(Filter $filtre)
    {
        parent::__construct();
        $this->filtre = $filtre;
    }

    /**
     * Handler that is called when a successful login has taken place for the first time
     *
     * @param \Illuminate\Http\Request $request
     * @param String $token
     * @param mixed $profile
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|mixed
     */
    protected function success($request, $token, $profile)
    {
        $this->token = $token;
        $this->profile = $profile;

        // The token is used as the e-mail address that keys the local user record.
        $user = User::updateOrCreate(['email' => $token], [
            'name' => $this->getUsername(),
        ]);

        Auth::login($user, true);

        return parent::success($request, $token, $profile);
    }

    public function getUsername()
    {
        // Local part of the address (everything before the "@").
        [$name, $dns] = explode('@', $this->token);

        return $name;
    }
}
my routes
web.php
Route::get('/login', '\App\Http\Middleware\AppSaml2@saml2')->name('login');
Route::get('/saml2/metadata', '\App\Http\Middleware\AppSaml2@saml2metadata');
Route::post('/login/saml2callback', '\App\Http\Middleware\AppSaml2@saml2callback');
Route::get('/logout', '\App\Http\Middleware\AppSaml2@saml2logout')->name('logout');
Route::post('/logout/logoutcallback', '\App\Http\Middleware\AppSaml2@logoutcallback');
I'm going around in circles, do you have any leads?
Thank you very much.
Hi @maitrepylos
Indeed this one finishes, on an error 404 for the route: /logout/saml2callback
Based on what is supplied in the web.php, I think we want to use /logout/logoutcallback instead of /logout/saml2callback. My guess is the IdP was configured with /logout/saml2callback instead of /logout/logoutcallback.
Let us know if that solves your issue.
Hello, while applying your proposal, I came across another mistake:
OneLogin\Saml2\Error
SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding
So I looked for the error, and it turns out that the processSLO() method of the class OneLogin\Saml2\Auth.php checks only $_GET['SAMLResponse'], except that my SSO provider (wso2) only returns POST.
So I added this:
if (!empty($_POST['SAMLResponse'])) {
    $_GET['SAMLResponse'] = $_POST['SAMLResponse'];
}
in AppSaml2\logoutcallback
And it works well.
Thank you for your help.
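The workaround above, written as a guarded helper (an added example, not code from this issue, the middleware or php-saml): it promotes a posted SAMLResponse or SAMLRequest into $_GET only on a POST request and only after type, size and base64 checks. The function name promotePostedSloMessage and the 64 KiB limit are assumptions made for illustration; Illuminate\Http\Request is Laravel's request class.

```php
<?php
// Added example: not code from the middleware or from php-saml.
// Assumed/hypothetical: the function name and the 64 KiB size limit.

use Illuminate\Http\Request;

const SLO_MAX_B64_LEN = 65536; // assumed upper bound for a logout message

/**
 * Copy a POST-binding SLO message into $_GET so that a toolkit which only
 * reads $_GET can process it. Returns the promoted parameter name, or null
 * when nothing was copied.
 */
function promotePostedSloMessage(Request $request): ?string
{
    // A GET request already uses the Redirect binding; leave it alone.
    if (!$request->isMethod('post')) {
        return null;
    }
    foreach (['SAMLResponse', 'SAMLRequest'] as $param) {
        $value = $request->post($param);
        // Skip arrays (SAMLResponse[]=...), empty values and oversized bodies.
        if (!is_string($value) || $value === '' || strlen($value) > SLO_MAX_B64_LEN) {
            continue;
        }
        // Never let the body override a value already in the query string.
        if (isset($_GET[$param])) {
            continue;
        }
        // Strict mode returns false on characters outside the base64 alphabet.
        if (base64_decode($value, true) === false) {
            continue;
        }
        $_GET[$param] = $value;
        // RelayState accompanies the message in both bindings.
        $relay = $request->post('RelayState');
        if (is_string($relay) && !isset($_GET['RelayState'])) {
            $_GET['RelayState'] = $relay;
        }
        return $param;
    }
    return null;
}
```

Call it at the top of the overridden logoutcallback, before the toolkit processes the request. In the HTTP-Redirect binding the signature travels in the SigAlg and Signature query parameters, while in the HTTP-POST binding it is an XML signature inside the message, so confirm that the posted message's signature is still verified after the copy.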