diff --git a/src/Saml2/AuthnRequest.php b/src/Saml2/AuthnRequest.php
index fd9afb5..e1ad2e4 100644
--- a/src/Saml2/AuthnRequest.php
+++ b/src/Saml2/AuthnRequest.php
@@ -81,8 +81,7 @@ SUBJECT;
$nameIdPolicyStr = <<
+ Format="{$nameIDPolicyFormat}" />
NAMEIDPOLICY;
}
@@ -156,12 +155,17 @@ REQUESTEDAUTHN;
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="$id"
Version="2.0"
-{$providerNameStr}{$forceAuthnStr}{$isPassiveStr}
+{$forceAuthnStr}{$isPassiveStr}
IssueInstant="{$issueInstant}"
Destination="{$destination}"
ProtocolBinding="{$spData['assertionConsumerService']['binding']}"
- AssertionConsumerServiceURL="{$acsUrl}">
- {$spEntityId}{$subjectStr}{$nameIdPolicyStr}{$requestedAuthnStr}
+ AssertionConsumerServiceURL="{$acsUrl}"
+ AttributeConsumingServiceIndex="{$spData['attributeConsumingService']['index']}">
+ {$spEntityId}
+{$nameIdPolicyStr}
+{$requestedAuthnStr}
AUTHNREQUEST;
diff --git a/src/Saml2/LogoutRequest.php b/src/Saml2/LogoutRequest.php
index 108c49b..ddca081 100644
--- a/src/Saml2/LogoutRequest.php
+++ b/src/Saml2/LogoutRequest.php
@@ -137,8 +137,10 @@ class LogoutRequest
ID="{$id}"
Version="2.0"
IssueInstant="{$issueInstant}"
- Destination="{$destination}">
- {$spEntityId}
+ Destination="{$idpData['entityId']}">
+ {$spEntityId}
{$nameIdObj}
{$sessionIndexStr}
diff --git a/src/Saml2/LogoutResponse.php b/src/Saml2/LogoutResponse.php
index 9c3f020..7a33d4c 100644
--- a/src/Saml2/LogoutResponse.php
+++ b/src/Saml2/LogoutResponse.php
@@ -114,7 +114,7 @@ class LogoutResponse
if ($issuerNodes->length == 1) {
$issuer = $issuerNodes->item(0)->textContent;
}
- return $issuer;
+ return trim($issuer);
}
/**
diff --git a/src/Saml2/Metadata.php b/src/Saml2/Metadata.php
index 922ad60..efd97dc 100644
--- a/src/Saml2/Metadata.php
+++ b/src/Saml2/Metadata.php
@@ -163,7 +163,7 @@ ATTRIBUTEVALUE;
$requestedAttributeStr = implode(PHP_EOL, $requestedAttributeData);
$strAttributeConsumingService = <<
+
{$sp['attributeConsumingService']['serviceName']}
{$attrCsDesc}{$requestedAttributeStr}
@@ -172,17 +172,17 @@ METADATA_TEMPLATE;
$spEntityId = htmlspecialchars($sp['entityId'], ENT_QUOTES);
$acsUrl = htmlspecialchars($sp['assertionConsumerService']['url'], ENT_QUOTES);
+ $isDefaultAcs = (0 === $sp['assertionConsumerService']['index']) ? 'isDefault="true"' : '';
$metadata = <<
{$sls} {$sp['NameIDFormat']}
+ {$isDefaultAcs}
+ index="{$sp['assertionConsumerService']['index']}" />
{$strAttributeConsumingService}
{$strOrganization}{$strContacts}