Fix SloLogoutresponse that threw SettingError due to idp_slo_target_url being deprecated

Jacob Klapwijk · Jacob Klapwijk · commit a5de86f29427 · 2021-03-04T10:41:36.000+01:00
diff --git a/lib/onelogin/ruby-saml/slo_logoutresponse.rb b/lib/onelogin/ruby-saml/slo_logoutresponse.rb
@@ -36,15 +36,15 @@ def response_id
       #
       def create(settings, request_id = nil, logout_message = nil, params = {}, logout_status_code = nil)
         params = create_params(settings, request_id, logout_message, params, logout_status_code)
-        params_prefix = (settings.idp_slo_target_url =~ /\?/) ? '&' : '?'
-        url = settings.idp_slo_response_service_url || settings.idp_slo_target_url
+        params_prefix = (settings.idp_slo_service_url =~ /\?/) ? '&' : '?'
+        url = settings.idp_slo_response_service_url || settings.idp_slo_service_url
         saml_response = CGI.escape(params.delete("SAMLResponse"))
         response_params = "#{params_prefix}SAMLResponse=#{saml_response}"
         params.each_pair do |key, value|
           response_params << "&#{key.to_s}=#{CGI.escape(value.to_s)}"
         end
 
-        raise SettingError.new "Invalid settings, idp_slo_target_url is not set!" if url.nil? or url.empty?
+        raise SettingError.new "Invalid settings, idp_slo_service_url is not set!" if url.nil? or url.empty?
         @logout_url = url + response_params
       end
 
@@ -117,7 +117,8 @@ def create_xml_document(settings, request_id = nil, logout_message = nil, status
         response_doc = XMLSecurity::Document.new
         response_doc.uuid = uuid
 
-        destination = settings.idp_slo_response_service_url || settings.idp_slo_target_url
+        destination = settings.idp_slo_response_service_url || settings.idp_slo_service_url
+
 
         root = response_doc.add_element 'samlp:LogoutResponse', { 'xmlns:samlp' => 'urn:oasis:names:tc:SAML:2.0:protocol', "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion" }
         root.attributes['ID'] = uuid
diff --git a/test/logoutresponse_test.rb b/test/logoutresponse_test.rb
@@ -225,7 +225,7 @@ class RubySamlTest < Minitest::Test
 
         before do
           settings.soft = true
-          settings.idp_slo_target_url = "http://example.com?field=value"
+          settings.idp_slo_service_url = "http://example.com?field=value"
           settings.security[:logout_responses_signed] = true
           settings.security[:embed_sign] = false
           settings.certificate = ruby_saml_cert_text
@@ -373,7 +373,7 @@ class RubySamlTest < Minitest::Test
 
         before do
           settings.soft = true
-          settings.idp_slo_target_url = "http://example.com?field=value"
+          settings.idp_slo_service_url = "http://example.com?field=value"
           settings.security[:signature_method] = XMLSecurity::Document::RSA_SHA1
           settings.security[:logout_responses_signed] = true
           settings.security[:embed_sign] = false
diff --git a/test/slo_logoutresponse_test.rb b/test/slo_logoutresponse_test.rb
@@ -10,7 +10,7 @@ class SloLogoutresponseTest < Minitest::Test
 
     before do
       settings.idp_entity_id = 'https://app.onelogin.com/saml/metadata/SOMEACCOUNT'
-      settings.idp_slo_target_url = "http://unauth.com/logout"
+      settings.idp_slo_service_url = "http://unauth.com/logout"
       settings.name_identifier_value = "f00f00"
       settings.compress_request = true
       settings.certificate = ruby_saml_cert_text
