Notifications when initiating logout

machunmei · Mar 26, 2020 · 1a2b976 · 1a2b976
1 parent 8ad7586
commit 1a2b976
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 2 deletions.
diff --git a/Sustainsys.Saml2/Configuration/Saml2Notifications.cs b/Sustainsys.Saml2/Configuration/Saml2Notifications.cs
@@ -129,6 +129,17 @@ public Func<Saml2LogoutResponse, StoredRequestState, bool>
         [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Naming", "CA1726:UsePreferredTerms", MessageId = "Logout")]
         public Action<CommandResult> LogoutCommandResultCreated { get; set; } = cr => { };
 
+        /// <summary>
+        /// Notification called when a logout request is created to initiate single log
+        /// out with an identity provider.
+        /// </summary>
+        public Action<Saml2LogoutRequest, ClaimsPrincipal, IdentityProvider> LogoutRequestCreated { get; set; } = (lr, user, idp) => { };
+
+        /// <summary>
+        /// Notification called when a logout request has been transformed to an XML node tree.
+        /// </summary>
+        public Action<Saml2LogoutRequest, XDocument> LogoutRequestXmlCreated { get; set; } = (lr, xd) => { };
+
         /// <summary>
         /// Notification called when metadata has been created, but before
         /// signing. At this point the contents of the metadata can be

diff --git a/Sustainsys.Saml2/IdentityProvider.cs b/Sustainsys.Saml2/IdentityProvider.cs
@@ -360,7 +360,7 @@ public CommandResult Bind<TMessage>(
             TMessage message, Action<TMessage, XDocument> xmlCreatedNotification)
             where TMessage: ISaml2Message
         {
-            return Saml2Binding.Get(Binding).Bind(message, null, xmlCreatedNotification);
+            return Saml2Binding.Get(Binding).Bind(message, spOptions.Logger, xmlCreatedNotification);
         }
 
         private readonly ConfiguredAndLoadedSigningKeysCollection signingKeys =

diff --git a/Sustainsys.Saml2/WebSSO/LogOutCommand.cs b/Sustainsys.Saml2/WebSSO/LogOutCommand.cs
@@ -185,8 +185,10 @@ public static CommandResult InitiateLogout(HttpRequestData request, Uri returnUr
             {
                 var logoutRequest = idp.CreateLogoutRequest(request.User);
 
+                options.Notifications.LogoutRequestCreated(logoutRequest, request.User, idp);
+
                 commandResult = Saml2Binding.Get(idp.SingleLogoutServiceBinding)
-                    .Bind(logoutRequest);
+                    .Bind(logoutRequest, options.SPOptions.Logger, options.Notifications.LogoutRequestXmlCreated);
 
                 commandResult.RelayState = logoutRequest.RelayState;
                 commandResult.RequestState = new StoredRequestState(

diff --git a/Tests/Tests.Shared/WebSSO/LogoutCommandTests.cs b/Tests/Tests.Shared/WebSSO/LogoutCommandTests.cs
@@ -100,10 +100,27 @@ public void LogoutCommand_Run_ReturnsLogoutRequest()
                 notifiedCommandResult = cr;
             };
 
+            Saml2LogoutRequest logoutRequest = null;
+            options.Notifications.LogoutRequestCreated = (lr, u, idp) =>
+            {
+                logoutRequest = lr;
+                u.Identities.Single().FindFirst(Saml2ClaimTypes.SessionIndex).Value.Should().Be("SessionId");
+                idp.EntityId.Id.Should().Be("https://idp.example.com");
+            };
+
+            var logoutRequestXmlCreatedCalled = false;
+            options.Notifications.LogoutRequestXmlCreated = (lr, xd) =>
+            {
+                logoutRequestXmlCreatedCalled = true;
+                xd.Root.Attribute("ID").Value.Should().Be(lr.Id.Value);
+            };
+
             var actual = CommandFactory.GetCommand(CommandFactory.LogoutCommandName)
                 .Run(request, options);
 
             actual.Should().BeSameAs(notifiedCommandResult);
+            logoutRequest.Should().NotBeNull();
+            logoutRequestXmlCreatedCalled.Should().BeTrue();
 
             var expected = new CommandResult
             {