Merge pull request #1155 from nextcloud/fix/noid/sso-logout-no-session-data

Make sure to logout in the IdP when single-logout didn't find the provider

Author: julien-nc

lib/Controller/LoginController.php

@@ -26,6 +26,7 @@
 use OCA\UserOIDC\Service\OIDCService;
 use OCA\UserOIDC\Service\ProviderService;
 use OCA\UserOIDC\Service\ProvisioningService;
+use OCA\UserOIDC\Service\SettingsService;
 use OCA\UserOIDC\Service\TokenService;
 use OCA\UserOIDC\User\Backend;
 use OCA\UserOIDC\Vendor\Firebase\JWT\JWT;
@@ -70,6 +71,7 @@ public function __construct(
 		private ProviderService $providerService,
 		private DiscoveryService $discoveryService,
 		private LdapService $ldapService,
+		private SettingsService $settingsService,
 		private ISecureRandom $random,
 		private ISession $session,
 		private HttpClientHelper $clientService,
@@ -667,6 +669,13 @@ public function singleLogoutService() {
 				}
 			} else {
 				$providerId = $this->session->get(self::PROVIDERID);
+				// if the provider is not found and we are in SSO mode, just use the one and only provider
+				if ($providerId === null && !$this->settingsService->getAllowMultipleUserBackEnds()) {
+					$providers = $this->providerMapper->getProviders();
+					if (count($providers) === 1) {
+						$providerId = $providers[0]->getId();
+					}
+				}
 			}
 			if ($providerId) {
 				try {