X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/3a17ba2cb9e923d70df6439be242df49918389fa..refs/pull/2023/head:/app/Http/Controllers/Auth/Saml2Controller.php

diff --git a/app/Http/Controllers/Auth/Saml2Controller.php b/app/Http/Controllers/Auth/Saml2Controller.php
index d54e925bb..7ffcc572b 100644
--- a/app/Http/Controllers/Auth/Saml2Controller.php
+++ b/app/Http/Controllers/Auth/Saml2Controller.php
@@ -4,7 +4,6 @@ namespace BookStack\Http\Controllers\Auth;
 
 use BookStack\Auth\Access\Saml2Service;
 use BookStack\Http\Controllers\Controller;
-use Illuminate\Http\Request;
 
 class Saml2Controller extends Controller
 {
@@ -18,6 +17,7 @@ class Saml2Controller extends Controller
     {
         parent::__construct();
         $this->samlService = $samlService;
+        $this->middleware('guard:saml2');
     }
 
     /**
@@ -31,6 +31,20 @@ class Saml2Controller extends Controller
         return redirect($loginDetails['url']);
     }
 
+    /**
+     * Start the logout flow via SAML2.
+     */
+    public function logout()
+    {
+        $logoutDetails = $this->samlService->logout();
+
+        if ($logoutDetails['id']) {
+            session()->flash('saml2_logout_request_id', $logoutDetails['id']);
+        }
+
+        return redirect($logoutDetails['url']);
+    }
+
     /*
      * Get the metadata for this SAML2 service provider.
      */
@@ -48,7 +62,9 @@ class Saml2Controller extends Controller
      */
     public function sls()
     {
-        // TODO
+        $requestId = session()->pull('saml2_logout_request_id', null);
+        $redirect = $this->samlService->processSlsResponse($requestId) ?? '/';
+        return redirect($redirect);
     }
 
     /**