[Saml] fixes logout (#1613)

claroline · Mar 12, 2021 · 68c4cad · 68c4cad
1 parent c506f5d
commit 68c4cad
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/src/main/authentication/Security/Logout/LogoutHandler.php b/src/main/authentication/Security/Logout/LogoutHandler.php
@@ -13,6 +13,7 @@
 namespace Claroline\AuthenticationBundle\Security\Logout;
 
 use Claroline\AppBundle\Event\StrictDispatcher;
+use Claroline\CoreBundle\Entity\User;
 use Claroline\CoreBundle\Event\CatalogEvents\SecurityEvents;
 use Claroline\CoreBundle\Event\Security\UserLogoutEvent;
 use Symfony\Component\HttpFoundation\Request;
@@ -31,6 +32,11 @@ public function __construct(StrictDispatcher $eventDispatcher)
 
     public function logout(Request $request, Response $response, TokenInterface $token)
     {
-        $this->eventDispatcher->dispatch(SecurityEvents::USER_LOGOUT, UserLogoutEvent::class, [$token->getUser()]);
+        if ($token->getUser() instanceof User) {
+            // only log if the user isn't already logged out
+            // this can occur with SAML : when we call the IDP to request a logout, it will call back to our logout endpoint
+            // but our user is no longer in the token storage.
+            $this->eventDispatcher->dispatch(SecurityEvents::USER_LOGOUT, UserLogoutEvent::class, [$token->getUser()]);
+        }
     }
 }