From 0cb99dc97f4ac14d9e18f88a144add5f5dc27972 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Tue, 31 May 2016 14:56:42 +0200
Subject: [PATCH] allow choosing to support SLO or not

---
 supann.conf            | 6 ++++++
 update-renater-meta.sh | 9 ++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/supann.conf b/supann.conf
index b0aa95f..58c67c7 100644
--- a/supann.conf
+++ b/supann.conf
@@ -76,3 +76,9 @@ export BIND=127.0.0.1:8080
 # /etc/ldap/ldap.conf avec la ligne
 # TLS_CAPATH /chemin/du/certificat_ou_du_certificat_racine
 export USE_TLS=0
+
+
+# Allow SLO
+#
+# Is SLO supported ?
+export ALLOW_SLO=0
diff --git a/update-renater-meta.sh b/update-renater-meta.sh
index 9c1c9b9..8b6c052 100755
--- a/update-renater-meta.sh
+++ b/update-renater-meta.sh
@@ -52,6 +52,13 @@ if ! xmlsec1 --verify --id-attr:ID EntitiesDescriptor --pubkey-cert-pem $CERTIFI
 	exit 1
 fi
 
+if [ "$ALLOW_SLO" = "0" ]; then
+	IDP_INITIATED_SLO=false
+else
+	IDP_INITIATED_SLO=true
+fi
+
+
 # Build fixture
 cat <<EOF >$FIXTURE_TMP
 [
@@ -69,7 +76,7 @@ cat <<EOF >$FIXTURE_TMP
         "federation_mode" : 0,
         "forward_slo" : true,
         "http_method_for_slo_request" : 4,
-        "idp_initiated_sso" : false,
+        "idp_initiated_sso" : $IDP_INITIATED_SLO,
         "iframe_logout_timeout" : 300,
         "name" : "Default",
         "needs_iframe_logout" : false,