X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/ac110eb6b2df1a30628e9800a60e1357f474fa1f..refs/pull/2902/head:/app/Auth/Access/Saml2Service.php

diff --git a/app/Auth/Access/Saml2Service.php b/app/Auth/Access/Saml2Service.php
index 6cbfdac0b..339701d27 100644
--- a/app/Auth/Access/Saml2Service.php
+++ b/app/Auth/Access/Saml2Service.php
@@ -61,7 +61,11 @@ class Saml2Service extends ExternalAuthService
         $returnRoute = url('/');
 
         try {
-            $url = $toolKit->logout($returnRoute, [], null, null, true);
+            $email = auth()->user()['email'];
+            $nameIdFormat = env('SAML2_SP_NAME_ID_Format', null);
+            $nameIdSPNameQualifier = env('SAML2_SP_NAME_ID_SP_NAME_QUALIFIER', null);
+
+            $url = $toolKit->logout($returnRoute, [], $email, null, true, $nameIdFormat, null, $nameIdSPNameQualifier);
             $id = $toolKit->getLastRequestID();
         } catch (Error $error) {
             if ($error->getCode() !== Error::SAML_SINGLE_LOGOUT_NOT_SUPPORTED) {
@@ -117,7 +121,9 @@ class Saml2Service extends ExternalAuthService
     public function processSlsResponse(?string $requestId): ?string
     {
         $toolkit = $this->getToolkit();
-        $redirect = $toolkit->processSLO(true, $requestId, false, null, true);
+        $retrieveParametersFromServer = env('SAML2_RETRIEVE_PARAMETERS_FROM_SERVER', false);
+
+        $redirect = $toolkit->processSLO(true, $requestId, $retrieveParametersFromServer, null, true);
 
         $errors = $toolkit->getErrors();