Added SOGoSAML2LogoutURL

Documentation/SOGoInstallationGuide.asciidoc

@@ -457,6 +457,11 @@ SAML2 as authentication mechanism. When using this feature, SOGo will invoke
 the IdP to proceed with the logout procedure. When the user clicks on the logout
 button, a redirection will be made to the IdP to trigger the logout.
 
+|S |SOGoSAML2LogoutURL
+|The URL to which redirect the user after the "Logout" link is clicked.
+SOGoSAML2LogoutEnabled must be set to YES. If unset, the user will be
+redirected to a blank page.
+
 |D |SOGoTimeZone
 |Parameter used to set a default time zone for users. The default
 timezone is set to UTC. The Olson database is a standard database that

SoObjects/SOGo/SOGoSystemDefaults.h

@@ -82,6 +82,7 @@
 - (NSString *) SAML2IdpCertificateLocation;
 - (NSString *) SAML2LoginAttribute;
 - (BOOL) SAML2LogoutEnabled;
+- (NSString *) SAML2LogoutURL;
 
 - (BOOL) enablePublicAccess;
 

SoObjects/SOGo/SOGoSystemDefaults.m

@@ -511,6 +511,11 @@ _injectConfigurationFromFile (NSMutableDictionary *defaultsDict,
   return [self boolForKey: @"SOGoSAML2LogoutEnabled"];
 }
 
+- (NSString *) SAML2LogoutURL
+{
+  return [self stringForKey: @"SOGoSAML2LogoutURL"];
+}
+
 - (NSString *) SAML2LoginAttribute
 {
   return [self stringForKey: @"SOGoSAML2LoginAttribute"];

UI/MainUI/SOGoSAML2Actions.m

@@ -73,6 +73,7 @@
 {
   NSString *userName, *value, *cookieName, *domain, *username, *password;
   SOGoWebAuthenticator *auth;
+  SOGoSystemDefaults *sd;
   WOResponse *response;
   NSCalendarDate *date;
   WOCookie *cookie;
@@ -81,8 +82,16 @@
   userName = [[context activeUser] login];
   [self logWithFormat: @"SAML2 IdP-initiated SLO for user '%@'", userName];
 
+  sd = [SOGoSystemDefaults sharedSystemDefaults];
+
   response = [context response];
 
+  if ([sd SAML2LogoutURL])
+    {
+      [response setStatus: 302];
+      [response setHeader: [sd SAML2LogoutURL]  forKey: @"location"];
+    }
+
   if ([userName isEqualToString: @"anonymous"])
     return response;