From 323cc8bc5088771b4e85fb7bbcd523ee5119357d Mon Sep 17 00:00:00 2001
From: Benjamin Renard <brenard@easter-eggs.com>
Date: Wed, 27 Mar 2019 18:03:25 +0100
Subject: [PATCH] LSauthMethod_HTTP : add LSAUTHMETHOD_HTTP_LOGOUT_REMOTE_URL
 parameter

---
 .../LSauthMethod/LSauthMethod_HTTP.docbook     | 11 +++++++++++
 .../conf/LSauth/config.LSauthMethod_HTTP.php   |  2 ++
 .../includes/class/class.LSauthMethod_HTTP.php | 18 +++++++++++++++++-
 3 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/doc/conf/LSauthMethod/LSauthMethod_HTTP.docbook b/doc/conf/LSauthMethod/LSauthMethod_HTTP.docbook
index 5fd744c3..69641f9d 100644
--- a/doc/conf/LSauthMethod/LSauthMethod_HTTP.docbook
+++ b/doc/conf/LSauthMethod/LSauthMethod_HTTP.docbook
@@ -93,6 +93,17 @@
   </listitem>
 </varlistentry>
 
+<varlistentry>
+  <term>LSAUTHMETHOD_HTTP_LOGOUT_REMOTE_URL</term>
+  <listitem>
+    <para>URL de déconnexion externe, utile par exemple dans le contexte d'une
+    connexion via un service SSO. L'utilisateur sera automatiquement redirigé
+    vers cette URL après sa déconnexion effective au niveau d'LdapSaisie.</para>
+    <note><simpara>Si cette URL de déconnexion n'est pas défini, le bouton de
+    déconnexion sera masqué.</simpara></note>
+  </listitem>
+</varlistentry>
+
     </variablelist>
     </para>
 
diff --git a/public_html/conf/LSauth/config.LSauthMethod_HTTP.php b/public_html/conf/LSauth/config.LSauthMethod_HTTP.php
index 29540675..9cb3cdcd 100644
--- a/public_html/conf/LSauth/config.LSauthMethod_HTTP.php
+++ b/public_html/conf/LSauth/config.LSauthMethod_HTTP.php
@@ -47,3 +47,5 @@
  */
 //define('LSAUTHMETHOD_HTTP_METHOD', 'PHP_PASS');
 
+// Remote logout URL (in SSO context for instance)
+//define('LSAUTHMETHOD_HTTP_LOGOUT_REMOTE_URL', 'https://idp.domain.tld/logout');
diff --git a/public_html/includes/class/class.LSauthMethod_HTTP.php b/public_html/includes/class/class.LSauthMethod_HTTP.php
index 81ef86ab..6318de5a 100644
--- a/public_html/includes/class/class.LSauthMethod_HTTP.php
+++ b/public_html/includes/class/class.LSauthMethod_HTTP.php
@@ -31,7 +31,8 @@ class LSauthMethod_HTTP extends LSauthMethod_basic {
 
   public function __construct() {
     LSauth :: disableLoginForm();
-    LSauth :: disableLogoutBtn();
+    if (!defined('LSAUTHMETHOD_HTTP_LOGOUT_REMOTE_URL'))
+      LSauth :: disableLogoutBtn();
     return parent :: __construct();
   }
 
@@ -102,6 +103,21 @@ class LSauthMethod_HTTP extends LSauthMethod_basic {
     }
   }
 
+ /**
+  * After logout
+  *
+  * This method is run by LSsession after the local session was
+  * was successfully destroyed.
+  *
+  * @retval void
+  **/
+  public static function afterLogout() {
+    if (defined('LSAUTHMETHOD_HTTP_LOGOUT_REMOTE_URL')) {
+      LSsession :: redirect(LSAUTHMETHOD_HTTP_LOGOUT_REMOTE_URL);
+    }
+    return true;
+  }
+
 }
 
 /*