X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/20511899214f084732f90df7f0adb36be16c7714..refs/pull/3113/head:/routes/web.php

diff --git a/routes/web.php b/routes/web.php
index 653b5c227..c924ed68c 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -277,7 +277,7 @@ Route::get('/register/service/{socialDriver}', [Auth\SocialController::class, 'r
 // Login/Logout routes
 Route::get('/login', [Auth\LoginController::class, 'getLogin']);
 Route::post('/login', [Auth\LoginController::class, 'login']);
-Route::get('/logout', [Auth\LoginController::class, 'logout']);
+Route::post('/logout', [Auth\LoginController::class, 'logout']);
 Route::get('/register', [Auth\RegisterController::class, 'getRegister']);
 Route::get('/register/confirm', [Auth\ConfirmEmailController::class, 'show']);
 Route::get('/register/confirm/awaiting', [Auth\ConfirmEmailController::class, 'showAwaiting']);
@@ -287,10 +287,14 @@ Route::post('/register', [Auth\RegisterController::class, 'postRegister']);
 
 // SAML routes
 Route::post('/saml2/login', [Auth\Saml2Controller::class, 'login']);
-Route::get('/saml2/logout', [Auth\Saml2Controller::class, 'logout']);
+Route::post('/saml2/logout', [Auth\Saml2Controller::class, 'logout']);
 Route::get('/saml2/metadata', [Auth\Saml2Controller::class, 'metadata']);
 Route::get('/saml2/sls', [Auth\Saml2Controller::class, 'sls']);
-Route::post('/saml2/acs', [Auth\Saml2Controller::class, 'startAcs']);
+Route::post('/saml2/acs', [Auth\Saml2Controller::class, 'startAcs'])->withoutMiddleware([
+    \Illuminate\Session\Middleware\StartSession::class,
+    \Illuminate\View\Middleware\ShareErrorsFromSession::class,
+    \BookStack\Http\Middleware\VerifyCsrfToken::class,
+]);
 Route::get('/saml2/acs', [Auth\Saml2Controller::class, 'processAcs']);
 
 // OIDC routes