Use idp_slo_service_url instead of idp_slo_target_url in LogoutRequest

Jacob Klapwijk · Jacob Klapwijk · commit 91866608b696 · 2021-03-04T10:46:17.000+01:00
diff --git a/lib/onelogin/ruby-saml/logoutrequest.rb b/lib/onelogin/ruby-saml/logoutrequest.rb
@@ -32,14 +32,14 @@ def request_id
       #
       def create(settings, params={})
         params = create_params(settings, params)
-        params_prefix = (settings.idp_slo_target_url =~ /\?/) ? '&' : '?'
+        params_prefix = (settings.idp_slo_service_url =~ /\?/) ? '&' : '?'
         saml_request = CGI.escape(params.delete("SAMLRequest"))
         request_params = "#{params_prefix}SAMLRequest=#{saml_request}"
         params.each_pair do |key, value|
           request_params << "&#{key.to_s}=#{CGI.escape(value.to_s)}"
         end
-        raise SettingError.new "Invalid settings, idp_slo_target_url is not set!" if settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty?
-        @logout_url = settings.idp_slo_target_url + request_params
+        raise SettingError.new "Invalid settings, idp_slo_service_url is not set!" if settings.idp_slo_service_url.nil? or settings.idp_slo_service_url.empty?
+        @logout_url = settings.idp_slo_service_url + request_params
       end
 
       # Creates the Get parameters for the logout request.
@@ -109,7 +109,7 @@ def create_xml_document(settings)
         root.attributes['ID'] = uuid
         root.attributes['IssueInstant'] = time
         root.attributes['Version'] = "2.0"
-        root.attributes['Destination'] = settings.idp_slo_target_url  unless settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty?
+        root.attributes['Destination'] = settings.idp_slo_service_url  unless settings.idp_slo_service_url.nil? or settings.idp_slo_service_url.empty?
 
         if settings.sp_entity_id
           issuer = root.add_element "saml:Issuer"
diff --git a/test/logoutrequest_test.rb b/test/logoutrequest_test.rb
@@ -8,7 +8,7 @@ class RequestTest < Minitest::Test
     let(:settings) { OneLogin::RubySaml::Settings.new }
 
     before do
-      settings.idp_slo_target_url = "http://unauth.com/logout"
+      settings.idp_slo_service_url = "http://unauth.com/logout"
       settings.name_identifier_value = "f00f00"
     end
 
@@ -43,7 +43,7 @@ class RequestTest < Minitest::Test
     end
 
     it "set sessionindex" do
-      settings.idp_slo_target_url = "http://example.com"
+      settings.idp_slo_service_url = "http://example.com"
       sessionidx = OneLogin::RubySaml::Utils.uuid
       settings.sessionindex = sessionidx
 
@@ -75,7 +75,7 @@ class RequestTest < Minitest::Test
 
     describe "when the target url contains a query string" do
       it "create the SAMLRequest parameter correctly" do
-        settings.idp_slo_target_url = "http://example.com?field=value"
+        settings.idp_slo_service_url = "http://example.com?field=value"
 
         unauth_url = OneLogin::RubySaml::Logoutrequest.new.create(settings)
         assert_match /^http:\/\/example.com\?field=value&SAMLRequest/, unauth_url
@@ -84,7 +84,7 @@ class RequestTest < Minitest::Test
 
     describe "consumation of logout may need to track the transaction" do
       it "have access to the request uuid" do
-        settings.idp_slo_target_url = "http://example.com?field=value"
+        settings.idp_slo_service_url = "http://example.com?field=value"
 
         unauth_req = OneLogin::RubySaml::Logoutrequest.new
         unauth_url = unauth_req.create(settings)
