From d6c3b12af8f5708f5969cb3d66dcd2e63fad1612 Mon Sep 17 00:00:00 2001
From: Christophe Nowicki <cnowicki@easter-eggs.com>
Date: Thu, 19 Aug 2004 13:55:00 +0000
Subject: logout

---
 php/Attic/examples/sample-sp/assertionConsumer.php | 15 +++----
 php/Attic/examples/sample-sp/index.php             |  7 ++-
 php/Attic/examples/sample-sp/logout.php            | 50 +++++++++++++++++++---
 php/environs/lasso_logout.c                        |  9 ++--
 4 files changed, 62 insertions(+), 19 deletions(-)

(limited to 'php')

diff --git a/php/Attic/examples/sample-sp/assertionConsumer.php b/php/Attic/examples/sample-sp/assertionConsumer.php
index f5a1b8c4..7f19994a 100644
--- a/php/Attic/examples/sample-sp/assertionConsumer.php
+++ b/php/Attic/examples/sample-sp/assertionConsumer.php
@@ -50,9 +50,6 @@
   $msg_url = lasso_profile_get_msg_url($profile);
   $msg_body = lasso_profile_get_msg_body($profile);
 
-  /*print "msg_url : " . $msg_url . "\n<br>";
-  print "msg_body : " . $msg_body . "\n<br>"; */
-
   $url = parse_url($msg_url);
 
   $soap = sprintf(
@@ -80,9 +77,6 @@
   lasso_login_process_response_msg($login, $body); 
   $nameidentifier = lasso_profile_get_nameidentifier($profile);
 
-  // print "nameidentifier: " . $nameidentifier . "<br>\n";
-
-
   # Look for the name_identifier in user db.
   $options = array(
     	'debug'       => 2,
@@ -100,6 +94,7 @@
 
   if ($res->numRows() > 0)
   {
+	// User already exist in the database
 	$row =& $res->fetchRow();
     $user_id = $row[0];
 
@@ -119,11 +114,15 @@
   	
 	lasso_login_accept_sso($login);
 	
+	$session = lasso_profile_get_session($profile); 
+	$session_dump = lasso_session_dump($session);
+  
 	$_SESSION["nameidentifier"] = $nameidentifier;
 	$_SESSION["session_dump"] = $session_dump;
 	$_SESSION["user_id"] = $user_id;
 
-	$url = "index.php";
+	
+	$url = "index.php?SID=". $SID;
   }
   else 
   {
@@ -165,7 +164,7 @@
 	$_SESSION["session_dump"] = $session_dump;
 	$_SESSION["user_id"] = $user_id;
 
-	$url = "register.php";
+	$url = "register.php?SID=". $SID;
   }
   
   // Update last_login
diff --git a/php/Attic/examples/sample-sp/index.php b/php/Attic/examples/sample-sp/index.php
index 9f8b1b5f..0b36a188 100644
--- a/php/Attic/examples/sample-sp/index.php
+++ b/php/Attic/examples/sample-sp/index.php
@@ -38,7 +38,7 @@
 
  require_once 'DB.php';
 
- session_start();
+ session_start($SID);
 
  lasso_init();
  
@@ -83,7 +83,7 @@
 </tr>
 <?php } else { ?>
 <tr>
-  <td><a href="logout.php">Logout!</a></td>
+  <td><a href="logout.php?SID=<?php echo $SID ?>">Logout!</a></td>
 </tr>
 <?php } ?>
 </table>
@@ -129,6 +129,9 @@
 <tr>
 	<td><b>First Name:</b></td><td><?php echo $first_name; ?></td>
 </tr>
+<tr>
+	<td><b>PHP Session ID:</b></td><td><?php echo session_id(); ?></td>
+</tr>
 <tr>
 	<td><b>Account Created:</b></td><td><?php echo $created; ?></td>
 </tr>
diff --git a/php/Attic/examples/sample-sp/logout.php b/php/Attic/examples/sample-sp/logout.php
index 94b790b4..e55b6ba1 100644
--- a/php/Attic/examples/sample-sp/logout.php
+++ b/php/Attic/examples/sample-sp/logout.php
@@ -26,8 +26,10 @@
 
  require_once 'DB.php';
 
-  
-  session_start();
+  if (!empty($_GET['SID'])) 
+	session_start($_GET['SID']);
+  else
+	session_start();
 
   if (!isset($_SESSION["nameidentifier"])) {
 	print "User is not logged in";
@@ -49,7 +51,6 @@
 
   $profile = lasso_cast_to_profile($logout);
 
-  lasso_profile_set_session_from_dump($profile, $_SESSION['session_dump']);
 
   $query = "SELECT identity_dump FROM users WHERE user_id='" . $_SESSION['user_id'] . "'";
 
@@ -60,14 +61,53 @@
  
   $row = $res->fetchRow();
   $identity_dump = $row[0];
+  $session_dump = $_SESSION['session_dump'];
 
   lasso_profile_set_identity_from_dump($profile, $identity_dump);
+  lasso_profile_set_session_from_dump($profile, $session_dump);
+  
+  lasso_logout_init_request($logout);
 
-  lasso_logout_init_request($logout, "");
   lasso_logout_build_request_msg($logout); 
 
-  $db->disconnect();
 
+  $msg_url = lasso_profile_get_msg_url($profile);
+  $msg_body = lasso_profile_get_msg_body($profile);
+
+  $url = parse_url($msg_url);
+
+  $soap = sprintf(
+	"POST %s HTTP/1.1\r\nHost: %s:%d\r\nAccept-Encoding: identity\r\nContent-Length: %d\r\nContent-Type: text/xml\r\nAccept: text/xml,application/xml,application/xhtml+xml,text/html\r\nConnection: close\r\n\r\n%s\r\n",
+  $url['path'], $url['host'], $url['port'], strlen($msg_body), $msg_body);
+
+  # PHP 4.3.0 with OpenSSL support required
+  $fp = fsockopen("ssl://" . $url['host'], $url['port'], $errno, $errstr, 30) or die($errstr ($errno));
+ 
+  fwrite($fp, $soap);
+  $ret = fgets($fp);
+
+  if (!preg_match("/^HTTP\/1\\.. 200/i", $ret)) {
+	die("User is already logged out");
+  }
 
+  while (!feof($fp)) {
+  	$reponse .= @fread($fp, 8192);
+  }
+
+  fclose($fp);
+
+  # Destroy PHP Session
+  $_SESSION = array();
+
+  session_destroy();
+
+  
+  $db->disconnect();
   lasso_shutdown();
+
+  $url = "index.php";
+  
+  header("Request-URI: $url");
+  header("Content-Location: $url");
+  header("Location: $url");
 ?>
diff --git a/php/environs/lasso_logout.c b/php/environs/lasso_logout.c
index 37e7dabf..91c10ac9 100644
--- a/php/environs/lasso_logout.c
+++ b/php/environs/lasso_logout.c
@@ -62,17 +62,18 @@ PHP_FUNCTION(lasso_logout_new) {
 PHP_FUNCTION(lasso_logout_init_request) {
 
   	LassoLogout *logout;
-	char *remote_providerid;
-	int remote_providerid_len;
+	char *remote_providerid = 0;
+	int remote_providerid_len = 0;
 	zval *param;
 	long provider_type;
 
 	int num_args;
 
-	if ((num_args = ZEND_NUM_ARGS()) != 1) 
+	num_args = ZEND_NUM_ARGS();
+	if ((num_args == 1) && (num_args == 2)) 
 		WRONG_PARAM_COUNT
 
-	if (zend_parse_parameters(num_args TSRMLS_CC, "zs", 
+	if (zend_parse_parameters(num_args TSRMLS_CC, "z|s", 
 		  &param, &remote_providerid, &remote_providerid_len) == FAILURE) {
 		return;
 	}
-- 
cgit