Skip to content

LogoutRequestID is in $_SESSION but no LogoutRequest/LogoutResponse found in headers #31

Description

@simevo

if you reproduce #2 (comment) then your $_SESSION has a LogoutRequestID

now visit /login.php and you'll get error 500:

Sat Aug 11 09:05:03 2018] PHP Fatal error:  Uncaught OneLogin\Saml2\Error: SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding in /srv/spid-php2/vendor/onelogin/php-saml/src/Saml2/Auth.php:317
Stack trace:
#0 /srv/spid-php2/src/Strategy/SpOneLogin.php(106): OneLogin\Saml2\Auth->processSLO(false, 'ONELOGIN_4dc8cc...')
#1 /srv/spid-php2/src/Sp.php(48): Italia\Spid2\Strategy\SpOneLogin->isAuthenticated()
#2 /srv/spid-php2/example/login.php(8): Italia\Spid2\Sp->isAuthenticated()
#3 {main}
  thrown in /srv/spid-php2/vendor/onelogin/php-saml/src/Saml2/Auth.php on line 317

the reason is that at this line it is looking for LogoutRequest or LogoutResponse in the headers but nothing is found

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions