feat: Idp initiated-logging-out

saml-idp · Aug 30, 2024 · 92927db · 92927db
1 parent 2d95c0d
commit 92927db
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 11 deletions.
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
diff --git a/lib/saml_idp/logout_request_builder.rb b/lib/saml_idp/logout_request_builder.rb
@@ -1,26 +1,31 @@
 require 'saml_idp/logout_builder'
 module SamlIdp
   class LogoutRequestBuilder < LogoutBuilder
+    include SamlIdp::Signable
+
     attr_accessor :name_id
+    attr_accessor :reference_id
 
     def initialize(response_id, issuer_uri, saml_slo_url, name_id, algorithm)
       super(response_id, issuer_uri, saml_slo_url, algorithm)
       self.name_id = name_id
     end
 
     def build
+      req_options = {}
+      req_options[:ID] = "_#{reference_id}"
+      req_options[:Version] = "2.0"
+      req_options[:IssueInstant] = now_iso
+      req_options[:Destination] = saml_slo_url
+      req_options["xmlns:samlp"] = Saml::XML::Namespaces::PROTOCOL
+      req_options["xmlns:saml"] = Saml::XML::Namespaces::ASSERTION
+      req_options[:NotOnOrAfter] = (Time.now + 180).utc.iso8601
       builder = Builder::XmlMarkup.new
-      builder.LogoutRequest ID: response_id_string,
-        Version: "2.0",
-        IssueInstant: now_iso,
-        Destination: saml_slo_url,
-        "xmlns" => Saml::XML::Namespaces::PROTOCOL do |request|
-          request.Issuer issuer_uri, xmlns: Saml::XML::Namespaces::ASSERTION
-          sign request
-          request.NameID name_id, xmlns: Saml::XML::Namespaces::ASSERTION,
-            Format: Saml::XML::Namespaces::Formats::NameId::PERSISTENT
-          request.SessionIndex response_id_string
-        end
+      builder.tag! "samlp:LogoutRequest", req_options do |request|
+        request.tag! "saml:Issuer", issuer_uri
+        sign request
+        request.tag! "saml:NameID", name_id, Format: Saml::XML::Namespaces::Formats::NameId::PERSISTENT
+      end
     end
     private :build
   end