Missing Documentation on Logout Request #3

Open
robertdeboer opened this issue Mar 28, 2023 · 0 comments

robertdeboer commented Mar 28, 2023

Thank you for this great library! It fills a needed space between writing your own SAML2 library or having to use a large one like OneLogin.

Issue

I am trying to create a LogoutRequest object but am unable to add the NameID element. I see the function to add it to the request object but cannot figure out how to pass in the correct NameID object. The documentation simply says "stay tune..." for the Logout Request area.

How

Create a logout request object as such:

$identityProviderConsumerService = $this->getIdentityProviderEntityDescriptor()
                                        ->getFirstIdpSsoDescriptor()
                                        ->getFirstSingleLogoutService();

$logoutRequest = new LogoutRequest();
$logoutRequest
    ->setID(Helper::generateID())
    ->setIssueInstant(new DateTime())
    ->setDestination($identityProviderConsumerService->getLocation())
    ->setIssuer(new Issuer($this->getServiceProviderEntityDescriptor()->getEntityID()))
    ->setNameID((new NameIDPolicy())->setFormat($this->getNameIDFormat()));

return $this->sendMessage($logoutRequest, SamlConstants::BINDING_SAML2_HTTP_REDIRECT);

Error

This generates an invalid type error:

LightSaml\Model\Protocol\LogoutRequest::setNameID(): Argument #1 ($nameID) must be of type LightSaml\Model\Assertion\NameID, LightSaml\Model\Protocol\NameIDPolicy given

I see the NameID object at \LightSaml\Model\Assertion\NameID but see nothing in the documentation nor do I see any examples of how to use it in the code.

Note

The LogoutRequest is generated fine without it. However, it is a required part of the SAML LogoutRequest message and the SSO system will reject the request without it.
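
The type error above comes from passing a `NameIDPolicy` (an AuthnRequest element) where `setNameID()` expects the `NameID` of the logged-in subject. The following is an added example, not part of the original issue or the library's documentation: it builds the request from the NameID value, format and SessionIndex that the service provider stored from the IdP's assertion at login. The helper name `buildLogoutRequest` and its parameters are hypothetical, and the `setValue()`/`setFormat()` setters on `NameID` and `setSessionIndex()` on `LogoutRequest` are assumed to be available in the installed version.

```php
<?php
// Added example (not from the issue or the library docs).
use LightSaml\Helper;
use LightSaml\Model\Assertion\Issuer;
use LightSaml\Model\Assertion\NameID;
use LightSaml\Model\Protocol\LogoutRequest;

/**
 * Hypothetical helper: build a LogoutRequest for the subject that was
 * authenticated earlier. $nameIdValue, $nameIdFormat and $sessionIndex are
 * assumed to have been saved from the assertion received at login.
 */
function buildLogoutRequest(
    string $spEntityId,
    string $sloLocation,
    string $nameIdValue,
    string $nameIdFormat,
    ?string $sessionIndex = null
): LogoutRequest {
    // An empty NameID would serialize to a request that identifies nobody.
    if ($nameIdValue === '') {
        throw new InvalidArgumentException('NameID value from the login assertion is required');
    }

    // NameID (assertion namespace) identifies the principal to log out.
    // NameIDPolicy only states which format an AuthnRequest asks for.
    $nameID = (new NameID())
        ->setValue($nameIdValue)
        ->setFormat($nameIdFormat);

    $request = new LogoutRequest();
    $request
        ->setID(Helper::generateID())
        ->setIssueInstant(new DateTime())
        ->setDestination($sloLocation)
        ->setIssuer(new Issuer($spEntityId))
        ->setNameID($nameID);

    // Scope the logout to the session being ended when its index is known.
    if ($sessionIndex !== null) {
        $request->setSessionIndex($sessionIndex);
    }

    return $request;
}
```

The returned object can be passed to the same `sendMessage()` call used in the issue. The NameID value and format must be the ones the IdP issued for this session, not values taken from request parameters.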
