[Help Needed] - SLO

[subu1979]

// Logout Route
app.get('/logout', async (req, res) => {
console.log('req.session.user :->', req.session.user);

if (req.session && req.session.user) {
try {
const nameId = req.session.user;
if (!nameId) {
console.error("Error: Missing NameID for user");
return res.status(400).send("Cannot log out without NameID");
}

  const logoutRequest = await sp.createLogoutRequest(idp, saml.Constants.wording.binding.post, {
    nameId: nameId,
    relayState: 'logout',
  });

  console.log('Generated Logout Request:', logoutRequest);
  console.log("Decoded SAMLRequest: ", Buffer.from(logoutRequest.context, 'base64').toString());

  req.session.destroy((err) => {
    if (err) {
      console.error("Error during session destruction:", err);
      return res.status(500).send();
    }

    res.send(`
      <form action="${logoutRequest.entityEndpoint.location}" method="POST" id="saml-logout-form">
        <input type="hidden" name="SAMLRequest" value="${logoutRequest.context}" />
      </form>
      <script>
        document.getElementById('saml-logout-form').submit();
      </script>
    `);
  });
} catch (error) {
  console.error("Error generating logout request:", error);
  res.status(500).send("Error during logout request creation");
}

} else {
res.redirect('/login');
}
});

Output :-

req.session.user :-> [email protected]
Generated Logout Request: {
id: '_ae700179-b19f-4b0a-89d4-c601187060b2',
context: 'PHNhbWxwOkxvZ291dFJlcXVlc3QgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9Il9hZTcwMDE3OS1iMTlmLTRiMGEtODlkNC1jNjAxMTg3MDYwYjIiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDI0LTExLTIxVDEwOjUyOjMwLjE0M1oiIERlc3RpbmF0aW9uPSJbb2JqZWN0IE9iamVjdF0iPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjMwMDEvYXBpL3Nzby9zYW1sMi9zcC9tZXRhZGF0YTwvc2FtbDpJc3N1ZXI+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj51bmRlZmluZWQ8L3NhbWw6TmFtZUlEPjwvc2FtbHA6TG9nb3V0UmVxdWVzdD4=',
relayState: '',
entityEndpoint: {
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
location: 'http://localhost:3000/api/sso/saml2/idp/slo'
},
type: 'SAMLRequest'
}
Decoded SAMLRequest: <samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_ae700179-b19f-4b0a-89d4-c601187060b2" Version="2.0" IssueInstant="2024-11-21T10:52:30.143Z" Destination="[object Object]">saml:Issuerhttp://localhost:3001/api/sso/saml2/sp/metadata</saml:Issuer><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">undefined</saml:NameID></samlp:LogoutRequest>
[ERROR] validateXML Error: invalid xml (status=WITH_ERRORS)
[error] cvc-datatype-valid.1.2.1: '[object Object]' is not a valid value for 'anyURI'. (1:272)
[error] cvc-attribute.3: The value '[object Object]' of attribute 'Destination' on element 'samlp:LogoutResponse' is not valid with respect to its type, 'anyURI'. (1:272)
at buildError (/Volumes/External/Projects/sso-saml-example/node_modules/@authenio/xsd-schema-validator/lib/validator.js:126:12)
at finish (/Volumes/External/Projects/sso-saml-example/node_modules/@authenio/xsd-schema-validator/lib/validator.js:92:34)
at ChildProcess. (/Volumes/External/Projects/sso-saml-example/node_modules/@authenio/xsd-schema-validator/lib/validator.js:132:5)
at ChildProcess.emit (node:events:519:28)
at ChildProcess._handle.onexit (node:internal/child_process:294:12)
ERR_EXCEPTION_VALIDATE_XML